The main mission of cyber security is the same: defend the organization from all the dangers in digital space.
But the danger is developing, as there are technologies involved in both aggressive and defensive sides of cyber security. Therefore, there are ways to execute security heads on that mission.
Threats are increasing, and they are becoming more sophisticated. Increasing rate of speed is attacking. Artificial Intelligence is rebuilding everything. Markets and financial pressure are increasing.
Sisos feel squeezed. Bittest weis trace surveyed 1,000 cyber security and cyber risk leaders for this Cyber risk and exposure 2025 report And found that 90% said that the management of cyber risks is harder than five years ago. According to respondents, the AI and the surface of the widening attack are the top two reasons for that increasing difficulty.
But cyber leaders say they are only two factors that affect security. Here they turn into five major trends that re -shaping security strategies.
1. Financial pressure squeeze the security budget
Macroeconomic uncertainties have pressurized the C-suit to keep the cost under investigation. This pressure safety ceremony extends to the CIO and CFO expected to do more with less, with less, says Lu styinbergCTM Insights, Founder and Managing Partner in a Cyberspace Research Lab and Incubator.
“We have hit a point of funding fatigue with information safety,” says Steinberg. The budget has gone up and right forever, and now they are flat and sometimes down, “Saying,” says Steinberg. “This is new to many siso, so they have to answer questions about the abilities that they have not had in the past.”
2025 budget benchmark report from IANS Safety and Artico Search It was found that the average annual security budget growth declines by 4%, a decline from 8% in 2024 and the lowest growth rate in five years. It was also found that only 47% out of 587 surveyed Sisos reported an increase in their security budget in 2025, 62% in 2024 and 78% in 2022. More than half (54%) reported a flat or shrinking budget.
Similarly, 2025 Global Cyber Security Leading Insight Studies The firm of commercial services was found that the cyber security budget has fallen from 1.1% to 0.6% annual revenue in the last two years.
Steinberg said that in response Sisos are simplifying their technical stacks, making Bespoke and Point-in-Time solutions simple for off-the-shelf options that provide equal controls but are easy to manage and the total cost of ownership is low. They are identifying more areas to automated to generate capacity, and they are more outsourcing to reduce talent costs.
2. AI-competent attacks are emerging to increase professional risks
CISOS now ranks the AI-operated cybrants as its top concern, 80% quoted by CISOS A survey by Boston Consulting GroupThis is the opposite of a year ago when Sisos put the AI-managed attack on number 4 in the list of top concerns.
According to the BCG survey, the opponents are using generic AIs to list more sophisticated, more targeted and more effective social engineering – 62% CISO as a major anxiety or significant threat.
Announcing the results of its survey, BCG said, “Organizations have seen an increase in automatic, general-AI-operated attacks, which are fast easy to execute for the attackers and may be extremely effective in cheating employees, partners or customers.”
The BCG reported that this CISO spends more in areas that spend more in areas that can help them combat such attacks, especially intelligence and application safety as well as AI-competent security solutions, BCG.
Security leaders are breaking for even more powerful A-SAP attacks. Chris LovelyThe IT Infrastructure Services provider Kindrail, Global Security and Facilitation Practice Leader, predicts that by 2027 enterprises will be completely autonomous, AI-operated cyber attack.
Such predictions say in the CISO race to implement AI devices for detection, reaction, recovery and flexibility Wolfgang goeralichIANS Research Faculty and a public sector CISO.
3. Agent AI Safety is growing to redefine basic things
CISOS is working to secure the AI initiative of its own organization, adjust policies and apply equipment to protect the data being used by AI.
This work is going on, but CISOS should now start planning how to protect its outfits from the risks made by the agent AI.
Team8’s 2025 CISO Village Survey It was found that 37% Sisos said that securing AI agents was one of their most important concerns.
Steinberg says Agentic AI will need to develop Sisos as to how they not only reach certification but also authority.
“Most agents live in their walls gardens today, so Sisos rely on them,” Steinberg explains. “But we are going to a place where we are interacting with the agents outside (a CISO’s own organization), and CISO will have to certify those agents to certify what it says and it is authorized to take action. We are going to ask, ‘Are you authorized to ask me to work.”
For example, Steinberg says that the agent AI will allow a passenger to book a slightly more flight than a prompt. The passenger will start with an online query for a flight, which meets some circumference, such as airport and destination, day, favorite airline, etc. The AI agent will then run to pay on its own from search to booking.
In this future situation, the airline would have to find a way to verify that the agent was authorized to book a flight from the passenger – a difficult task without a human in the loop, says Steinberg.
“We must have some kind of way to confirm that a real person with a real identity wants the agent to do a specific work. Otherwise, how will the organization know that the series is reliable?” Given the agent AI that the agent AI means the end of Sisos using authentication as a proxy for the authority.
Steinberg says that she has not yet seen any real solution to that challenge, although researchers and technology companies are trying to expand the existing authority protocols to include the authentication mechanism.
“But until there is a real standard solution, we are going to continue using the walls of the walls: I am only confident what mine is,” they say. “And this is going to be limited at a time when business people want to do things. This may mean that the security department will once again and the department of slow department.”
4. Speed safety currencies and practices
There is another trend affecting speed safety strategies, as Sisos says they are moving faster now than the past and they hope that they still have to move faster in the future to keep pace with the opponents and business.
Consider some figures.
CISO Perspectives Report 2025: AI and Digital Supply Series Risk from CobaltA safety technology and service company, found that 60% of the surveyed security leaders believe that the attackers are actually developing very quickly to maintain flexible security currency.
And this 2025 CISO Benchmark Report: securing Digital Foundation for Reconstruction Accenture and Retail and Hospitality ISAC found that 45% CISOS cited “speed of business requirements” as a barrier to secure digital core by design.
“It is about the speed of change and keep it with it,” saysPhil SwainCISO and Vice President of Information Safety at Tech Company Extreme Networks. “CISOS is here to support the business, and is a promoter of the security business, so as businesses grow rapidly and become very agile and more innovative, which is falling down in security. Security will have to grow more quickly and become more optimal.”
5. Sellers raise questions about landscape viability, flexibility and faith
The security technical sector has experienced an increase in merger and acquisition in 2025.
Integrating the capabilities in strategic buyers and investors to consolidate capabilities in domain-cloud security, exposure management, identity and secops, “M&A activity with a record deal volume of 2024 with an annual deal of Q1) remains high). Cyber Safety Software Sector M&A Industries Spring 2025 Report From Crol, provider of financial and risk advisory solutions.
It cannot always benefit CISOS, however, says goerlich.
“When we think of flexibility, we have to think about the flexibility of our technical software and service providers. It is running to see more in the seller market. More and more we have to pay attention to the viability of our sellers, whether they are going to be acquired and whether they will be around,” they say. “Because when a seller is purchased, the cost can go through the roof, the vendor’s roadmap can be stopped. I had a seller who was bought and its roadmap was stopped and it fell back and I fell back and I ended with a weakness (in my safety program). So I did not have to plan this.”
Goerlich says that he is now spending more time monitoring the seller markets for investor’s trends and M&A news to protect his safety program against such situations in future.
