With financial constraints weighing heavily on cybersecurity teams, organizations are increasingly leaning on AI-powered automation to offset staffing shortages, safeguard their defenses, and stay ahead of intensifying cyber threats.

Cybersecurity Spending Under Pressure

The challenge of achieving more with fewer resources is nothing new — but in today’s climate, it has become unavoidable.

Recent analyses from IANS and Swimlane reveal a similar pattern: cybersecurity budgets are being squeezed by political and economic factors outside organizational control, creating potentially serious ripple effects.

IANS reports that while cybersecurity spending continues to grow, the pace has slowed significantly — from a 17% increase in 2022 to just 4% in 2025. This deceleration is tied to global market instability fueled by geopolitical tensions, shifting trade policies, and unpredictable inflation and interest rates.

Gartner projects that worldwide “end-user spending” on information security will reach $213 billion in 2025, up from $193 billion in 2024. By 2026, this figure is expected to climb another 12.5%, hitting $240 billion.

According to Amy Lindenmeyer, CFO of Keeper Security, business leaders must constantly balance operational efficiency, profitability, and productivity — challenges that become even sharper during economic downturns.

As a result, companies are tightening their overall spending, and cybersecurity budgets are feeling the impact. Consequences include:

• Worsening cybersecurity talent shortages, lowering team morale and increasing risk.
• Delays or cancellations of new security projects, heightening exposure to threats.
• Reallocation of resources, forcing teams to prioritize certain areas while neglecting others.

Policy and Geopolitical Factors

Swimlane’s findings mirror these concerns but focus on federal policy impacts. Uncertainty over the future of U.S. cybersecurity strategy — including reduced funding for CISA and the dissolution of the Cyber Safety Review Board — is creating hesitation in investments and increasing risk exposure.

This environment compels organizations to do more with less, shifting emphasis from national to in-house security efforts. This shift is driving greater reliance on agentic AI for automated threat detection and alert triage — a double-edged sword that reduces the need for human expertise while potentially expanding the attack surface.

Matt Lee, Senior Director of Security & Compliance at Pax8, notes that shrinking budgets are straining already overextended professionals, prompting more companies to deploy AI security tools to handle repetitive tasks.

Global Ripple Effects

Although focused on U.S. policy, Swimlane’s research highlights international implications. For example, UK organizations are showing increased caution toward U.S. cybersecurity vendors:

• 79% are more careful about vendor relationships.
• 53% have shifted toward UK or EU suppliers.
• 43% have reevaluated existing partnerships.
• 29% have delayed or canceled contracts with U.S. providers.

This reflects a broader trend among advanced economies seeking greater independence in cybersecurity capabilities, especially amid the growing sophistication of cybercrime-as-a-service and state-sponsored threat actors.

The Bottom Line

Both IANS and Swimlane underline the same reality: with budgets tightening and threats evolving, AI-driven automation is becoming a necessity, not an option.

Their reports draw on surveys conducted between April and August 2025, covering more than 1,000 IT and cybersecurity decision-makers across the U.S. and UK — and the message is clear: organizations must adapt quickly to maintain resilience in an era of financial and operational strain.

Source: https://www.securityweek.com/tight-cybersecurity-budgets-accelerate-the-shift-to-ai-driven-defense