The news: Software now eats 40% of cybersecurity spend to defend against AI-driven attacks—11 points more than personnel (29%) and nearly triple hardware (15.8%), per Forrester’s 2026 Security Budget Planning Guide.
Because of rising cybersecurity budgets, 92% of companies plan to cut costs in areas like people, processes, or technology. Additionally, 28% of businesses plan to pause future IT projects. per NordLayer.
A common way to recoup security investments is by cutting costs, often by trimming product development and marketing—two of the biggest expense areas, per AlixPartners.
What’s driving it? “Leading AI firms have observed threat actors using large language models (LLMs) to learn more about targets and craft much more convincing phishing emails,” Alex Cox, director of threat intelligence at LastPass told Mark43. “Soon, we expect to see attackers using AI to craft custom malware.”
Here are other noted threats:
Security spending is crowding out innovation: Cybersecurity budgets are experiencing a clear upward trend in 2025, with global spending projected to reach $213 billion—up 15% from the previous year, per Xentegra.
Key sectors fueling this surge include banking, finance, manufacturing, IT services, telecommunications, government, and healthcare, all of which are investing heavily to combat persistent attacks, per IDC.
Our take: Businesses should prioritize innovation that’s harder to cut—first-party data programs, customer-centric automation, and strategic partnerships. These amplify impact and deliver growth even when budgets are tight.
This content is part of EMARKETER’s subscription Briefings, where we pair daily updates with data and analysis from forecasts and research reports. Our Briefings prepare you to start your day informed, to provide critical insights in an important meeting, and to understand the context of what’s happening in your industry. Non-clients can click here to get a demo of our full platform and coverage.