Software commands 40% of cybersecurity budgets as gen AI attacks execute in milliseconds

The cybersecurity landscape is rapidly evolving, with new threats emerging that require organizations to adapt quickly to protect their sensitive data and systems. According to Forrester’s 2026 Budget Planning Guide, software now commands 40% of cybersecurity spending, exceeding hardware, outsourcing, and personnel costs. This shift in spending priorities reflects the need for organizations to combat gen AI attacks that can execute in milliseconds, posing a significant challenge to traditional cybersecurity defenses.

Three converging threats are reshaping the cybersecurity landscape: generative AI (gen AI) is enabling attackers to craft personalized phishing emails at an unprecedented rate, NIST’s quantum deadline threatens data encryption, and deepfake fraud is bypassing biometric authentication. As a result, organizations are reevaluating their cybersecurity strategies and investing in new technologies to stay ahead of these evolving threats.

Platform consolidation has become a priority for many organizations, as managing multiple security tools can be costly and inefficient. Enterprise security teams lose millions of dollars annually to integration and overhead, while the average detection time remains high. Gartner forecasts a shift away from interactive application security testing (IAST) tools towards Security Service Edge (SSE) platforms, which promise streamlined convergence but often add complexity to security operations.

The need for real-time threat neutralization has never been greater, as attackers continue to exploit vulnerabilities in AI models and machine identities. Security budgets are surging to combat gen AI attacks, with 55% of security leaders expecting significant budget increases in the next 12 months. Regional spending disparities highlight variations in the threat landscape and how organizations are responding to them.

Software dominates cybersecurity budgets in 2025, reflecting the importance of runtime defenses in combating emerging threats. Organizations are investing in cloud security, on-premises technology, and security awareness training to strengthen their defenses at the critical moment of AI model inference. Quantum computing poses a new risk to organizations, with “harvest now, decrypt later” attacks becoming a threat to encrypted data.

The explosion of machine identities is fueling a credential crisis, with machine identities outnumbering human users by a significant ratio. Security leaders are advised to scale machine identity management to mitigate emerging threats. Divesting legacy security tools is essential, with Forrester recommending a focus on integrated platforms that enhance visibility and streamline management.

In conclusion, CISOs must consolidate security at AI’s inference edge to stay ahead of evolving threats and maintain control over their cybersecurity defenses. By investing in runtime defenses, behavioral anomaly detection, and robust AI deployment strategies, organizations can secure their systems and data against advanced cyber threats.