Enterprise Security Spending Hits Record Highs
Global IT spending is projected to reach $6.15 trillion in 2026 as enterprises accelerate investment in AI and data centers. A new report indicates enterprise security spending has reached record highs as companies prepare for emerging threats, including those from quantum computing.
- The global cybersecurity market is projected to grow from $248.28 billion in 2026 to $699.39 billion by 2034. A significant portion of this spending is driven by the need to defend against increasingly complex threats targeting hybrid and multi-cloud infrastructures. - A primary driver for increased security budgets is the threat of "harvest now, decrypt later" campaigns. In these attacks, nation-state actors and other adversaries are currently stealing and storing encrypted data with the intent of decrypting it once powerful quantum computers become available. - Artificial intelligence is a double-edged sword in the security landscape; while 87% of organizations identify AI-driven attacks as their fastest-growing risk, AI was also the top cybersecurity investment priority for companies in 2025. Attackers use AI to automate phishing and develop malware, while defenders are using it to power threat hunting and automated response systems. - Ransomware tactics have evolved into multi-stage extortion schemes that go beyond data encryption. Attackers now commonly steal data before encrypting it, threaten to leak the sensitive information publicly, and launch denial-of-service (DDoS) attacks to pressure victims into paying. - The expanding use of cloud services and third-party vendors has created new vulnerabilities. Software supply chain attacks are now one of the fastest-growing threat categories, as a breach in one component can have cascading effects on all linked systems. - The financial incentive for increased security spending is clear, as the global average cost of a data breach is approximately $4.4 million. For the largest enterprises, one-quarter of businesses report their most damaging data breach in the last three years cost $1 million or more. - While large enterprises have historically accounted for the majority of security spending, small and medium-sized enterprises (SMEs) are now increasing their investment at a faster rate. This is a response to data showing that over 50% of cyberattacks are targeted at these smaller, often more vulnerable, businesses. - A major focus of new security spending is on identity and credential protection, as 75% of intrusions involve compromised credentials. Attackers are increasingly focused on bypassing multi-factor authentication (MFA) and exploiting misconfigured cloud storage and insecure APIs.
