Budgeting for Cybersecurity: How Software Commands Are Taking the Lead Against Gen AI Attacks

The cybersecurity landscape is rapidly evolving, with organizations facing new challenges and threats that require practical guidance on budget allocation. According to Forrester’s 2026 Budget Planning Guide, there has been a significant shift in cybersecurity spending priorities, with software now commanding 40% of cybersecurity budgets, surpassing hardware, outsourcing, and personnel costs. This change reflects the need to combat gen AI attacks that can execute in milliseconds, posing a significant risk to organizations.

Three major threats are reshaping cybersecurity: gen AI attacks, quantum computing risks, and deepfake fraud. Attackers are leveraging generative AI to craft personalized phishing emails at scale, while the looming deadline for quantum encryption standards threatens data security. Deepfake fraud is also on the rise, bypassing biometric authentication systems. As a result, organizations must rethink their defensive strategies to stay ahead of these evolving threats.

Platform consolidation is becoming crucial in the cybersecurity landscape, as the complexity of managing multiple security tools is costing organizations millions in integration and overhead expenses. Security teams managing 75 or more tools are losing $18 million annually, while the average detection time remains high. Gartner forecasts a shift away from interactive application security testing tools towards Security Service Edge platforms, which promise streamlined convergence but can add complexity to security operations.

Security budgets are on the rise, with 55% of global security technology decision-makers expecting significant budget increases in the next 12 months. This increase reflects the asymmetric battlefield where attackers deploy gen AI to target employees with personalized campaigns. Regional spending disparities highlight variations in the threat landscape, with Asia Pacific organizations leading in budget increases.

Software dominates cybersecurity budgets in 2026, with cloud security, on-premises technology, and security awareness training topping investment priorities. The focus is on runtime defenses to protect the inference layer of AI model development, which is vulnerable to various threats that require millisecond-scale responses.

Quantum computing poses a significant risk to cybersecurity, with the potential for “harvest now, decrypt later” attacks once quantum processors reach operational scale. Security leaders are urged to prioritize post-quantum cryptography adoption to protect sensitive data. The explosion of machine identities is fueling a credential crisis, with machine identities outnumbering human users. Scaling machine identity management is crucial to mitigating emerging threats.

Security leaders are advised to divest legacy security tools and prioritize integrated platforms that enhance visibility and streamline management. Consolidating controls at the inference edge is crucial for securing AI deployments at scale. By following a clear playbook that includes robust behavioral anomaly detection and investing in runtime defenses, organizations can achieve secure AI deployments.

In conclusion, the cybersecurity landscape is evolving rapidly, with organizations facing new challenges and threats that require a strategic approach to budget allocation and security management. By staying ahead of emerging threats and embracing new technologies, organizations can strengthen their cybersecurity posture and protect against evolving risks.