Enterprises are all in on AI for security but budgets aren’t keeping pace

2026-04-02 · Source: Tech Monitor · Field: Technology & Digital — Cybersecurity & Data Privacy, Artificial Intelligence & Machine Learning · Depth: Fundamental Awareness, quick

Summary

A recent survey by EY of 500 security decision-makers at companies with annual revenues exceeding $500 million reveals that 96% view AI as a core, already-deployed element in their cybersecurity strategy. Concurrently, the same 96% perceive AI-driven attacks as significant threats. Despite this, 85% of organizations using AI for security believe their budgets are underfunded, and only 20% report sufficient cybersecurity governance frameworks. Looking ahead, the proportion of organizations dedicating 25% of their cybersecurity budgets to AI solutions is projected to rise from 9% to 48% within two years. Currently, 46% see under $1 million return from AI solutions, with 12% reporting no quantifiable savings. Key application areas for AI include Advanced Persistent Threat (APT) detection, identity and access management (IAM), and real-time fraud detection, with anticipated improvements in mean time to recovery (MTTR) and mean time to detect (MTTD).

Key takeaway

For CTOs and VPs of Engineering evaluating cybersecurity investments, the widespread adoption of AI in security, coupled with significant budget and governance gaps, indicates a critical need for strategic planning. You should prioritize increasing AI cybersecurity budgets to meet evolving threat landscapes and integrate robust governance frameworks. Focus on AI applications that demonstrably improve MTTR and MTTD, such as APT detection and identity management, to maximize operational resilience.

Key insights

AI is central to cybersecurity strategies, yet budget and governance gaps persist despite future investment plans.

Principles

• AI is a dual-edged sword in cybersecurity.
• Budget and governance lag AI adoption.
• AI improves detection and recovery metrics.

In practice

• Prioritize AI for APT detection.
• Implement AI in IAM solutions.
• Use AI for real-time fraud detection.

Topics

• AI in Cybersecurity
• Cybersecurity Strategy
• AI-driven Attacks
• Cybersecurity Budgets
• Cybersecurity Governance

Best for: CTO, VP of Engineering/Data, Executive, Consultant, Director of AI/ML

Related on AIssential

• AI adoption correlates with incident frequency, underscoring need for governance — Increased AI adoption directly correlates with higher cybersecurity incident rates, necessitating robust governance.
• Enterprises report increasing budgets for security training in AI and other critical topics — Enterprises are prioritizing cybersecurity training, especially for AI skills, despite significant time constraints.
• Cybersecurity in the Intelligence Age — AI reshapes cybersecurity, demanding democratized defense tools and coordinated government-industry efforts.
• 2026 Really Is This Risky: Our Top Recommendations For CISOs — Security leaders must build flexible programs to navigate persistent volatility from AI, budget shifts, tech consolidation, and geopolitics.
• Gartner SRM 2026 Signals a Cybersecurity Shift From Prevention to Resilience — Cybersecurity success now hinges on resilience, identity modernization, and AI agent governance, not solely prevention.
• this is really bad... — AI significantly amplifies cyberattack capabilities, necessitating advanced AI-driven defenses and highlighting geopolitical risks.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Tech Monitor.