CISOs are spending big and still losing ground>
Help Net Security – Anamarija Pogorelec
CISOs are increasing cybersecurity budgets but feeling less secure due to a widening gap between investment and impact
Despite the growth in funding, there is persistent concern about the efficacy of programs in addressing evolving threats, particularly as organizations pivot towards cloud security
Security teams are dedicating significant resources to manage cloud-related issues, leading to prioritization of cloud and data security in budget allocations
However, tool sprawl complicates operations and hampers effectiveness
AI is a major influencing factor, both for attackers and defenders
Moving forward, there is a strong emphasis on automation and visibility to improve security postures, although compliance spending is viewed as less valuable in risk reduction efforts
Important items to note:
– Increased budgets have not translated into increased security confidence.
– Key personnel like architects and engineers express concern over the adequacy of security programs.
– A majority of security teams are focused on cloud security, which increases complexity and the need for automation.
– Spending is shifting towards cloud and data security, while traditional consulting services grow more slowly.
– Tool sprawl is a critical issue, creating inefficiencies and maintenance burdens.
– AI is influencing both attack strategies and defense mechanisms, yet organizations feel unprepared for associated risks.
– Future security priorities include a push for automation and enhanced visibility in cloud environments.
– Compliance investments are viewed as not sufficiently reducing risk, leading some organizations to align compliance with broader security frameworks for more effective outcomes.
Link: https://www.helpnetsecurity.com/2025/12/08/wiz-cybersecurity-spending-priorities-report/