CISOs are spending big and still losing ground

Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between investment and impact. Budgets keep rising, cloud programs keep expanding, and AI is reshaping both threats and defenses. Still, CISOs say the fundamentals of risk reduction are not improving fast enough.

Bigger budgets do not create confidence

Organizations continue to increase cybersecurity spending across industries. Even with that growth, respondents say their programs fall short of what the threat landscape now demands. The concern is strongest among people closest to day-to-day work. Architects, engineers, and security managers report that well-funded programs still struggle to keep up with new attack techniques, rapid cloud adoption, and broader business needs.

[Figure: cybersecurity spending priorities]

Large enterprises share the same concern. Teams with larger budgets say rising costs and added responsibilities make it difficult to show progress.

Teams carry a heavy cloud workload

Cloud security now takes up a significant share of the security team’s time. In many organizations, a large portion of staff focuses on cloud issues each day, and some now have more than half the team dedicated to cloud work.

This trend is expected to continue as cloud environments grow and as risks tied to scale and distributed ownership become more pronounced. These pressures are driving teams toward automation and away from manual processes that cannot match development speeds.

Spending priorities shift toward cloud and data

Budgets may be rising across categories, but cloud and data security now guide most investment decisions. As sensitive workloads move into public cloud services and development accelerates, these areas sit at the center of security planning.

Traditional spending areas such as consulting are growing more slowly. Internal teams are expected to take on more responsibility and integrate security directly into engineering practices.

Tool sprawl slows security teams

Security teams continue to manage large and often unwieldy toolsets. Organizations now run dozens of tools, with some running far more. This creates overhead that slows operations, increases training needs, and adds friction across teams.

Cloud security stacks follow the same pattern. Even mid-sized organizations use a wide range of cloud security products, each with its own model and workflow.

Complexity has become a major obstacle to strong cloud security. Fragmented tools force teams into maintenance work and constant switching between systems, which drains time and breaks focus. CISOs say the environment has reached a point where simplification is necessary.

AI raises stakes for attackers and defenders

AI now shapes most security decisions, and organizations are investing in AI-powered tools for detection, triage, and response. Attackers are doing the same, using AI to automate reconnaissance, strengthen social engineering, and manipulate models.

Security leaders are also focused on attacks that target the AI lifecycle itself. These include poisoning training data, manipulating prompts, and attempting to extract models that contain proprietary information. Few teams feel they have strong controls for these risks, and available frameworks are still developing.

Organizations are split on whether AI has already changed cloud security. Some say the impact is visible now, while others believe the larger shift is still ahead. Most expect AI to settle at the center of both offensive and defensive operations.

Automation and visibility lead next year’s priorities

Nearly all organizations plan to strengthen their cloud security posture in the coming year. Automation is the top focus. CISOs want fewer manual tasks and fewer disconnected dashboards. Visibility follows, especially as cloud environments grow and as new AI services appear across the business without central oversight.

Respondents also plan to replace parts of their cloud security stack, citing limits in current tools and the need for better integration and speed.

Managed services are gaining traction for some teams, while others plan to expand training so staff can keep up with cloud provider tooling and changing technology.

Compliance spending still lacks value

Compliance remains a steady source of investment, but CISOs say these requirements do not always reduce risk. Mid-sized organizations feel this most. They face heavy audit demands but often lack the staff or tooling to turn the work into lasting improvement.

Some leaders address this by aligning compliance with broader frameworks such as NIST, which helps ensure that compliance efforts support overall maturity rather than operating as a separate track.
