Industry View · Cybersecurity

The first machine-run cyberattack arrived before the defenders finished automating.

Cybersecurity is the rare industry where AI is simultaneously the best product to sell and the most dangerous weapon pointed back at you. Global information-security spending hits $213bn in 2025 and is forecast at $244bn in 2026, but the AI-amplified slice is the real story: a $49bn market in 2025 that Gartner sees reaching $160bn by 2029.

Demonstrated ROIROI Classification

IBM: $1.9M saved per breach and 80-day shorter lifecycle for heavy AI users

Key Figures

$213B
Global infosec spend, 2025
Gartner
$160B
AI-amplified security market by 2029 (from $49B in 2025)
Gartner
80-90%
Of a state cyberattack run autonomously by Claude (GTG-1002)
Anthropic
$1.9M
Avg breach cost saved by heavy AI/automation users
IBM

Value Chain

Threat intel
From feeds to reasoning

AI ingests and correlates global telemetry to surface novel attack patterns faster than analyst-curated feeds.

CrowdStrike Falcon, Microsoft, Google/Mandiant
Detection
Behavioral, not signature

Models flag anomalous identity and endpoint behavior, the dominant attack surface as deepfake-enabled phishing scales.

SentinelOne, CrowdStrike, Abnormal
Triage & SOC
The agentic flashpoint

Autonomous agents triage and investigate alerts, the single highest-value displacement of human analyst labor.

Charlotte AI, Purple AI, Security Copilot
Response
Machine-speed remediation

Agents move from recommending to executing remediation across cloud, identity and firewall control points.

Cortex Agentix, SentinelOne
Securing the AI
The 17x gap

Protecting models, agents and data from prompt injection and shadow AI; spend lags AI-tool spend ~17x.

Cyera, Wiz/Google, startups

01 · The thesis

Both sides got an autonomous operator in the same year

The defensive case writes itself. The SOC is a triage bottleneck of alerts no human team can clear, and that is exactly the work agentic AI is built for. CrowdStrike's Charlotte AI, SentinelOne's Purple AI 'Athena', Palo Alto's Cortex Agentix and Microsoft's Security Copilot all promise the same thing: investigations and remediation in seconds rather than hours. IBM measured the payoff — extensive AI and automation users save $1.9 million per breach and cut the breach lifecycle by 80 days. The offensive case is no longer hypothetical. In November 2025 Anthropic disclosed GTG-1002, a Chinese state-sponsored campaign in which Claude executed 80-90% of tactical operations autonomously against roughly 30 targets, with human operators engaged for as little as 20 minutes at key junctures. The same agentic capability that empties the alert queue can also discover vulnerabilities, move laterally and exfiltrate data. The industry's growth thesis and its existential threat are now the same technology.

From feeds to reasoning

AI ingests and correlates global telemetry to surface novel attack patterns faster than analyst-curated feeds.

Behavioral, not signature

Models flag anomalous identity and endpoint behavior, the dominant attack surface as deepfake-enabled phishing scales.

The agentic flashpoint

Autonomous agents triage and investigate alerts, the single highest-value displacement of human analyst labor.

Machine-speed remediation

Agents move from recommending to executing remediation across cloud, identity and firewall control points.

The 17x gap

Protecting models, agents and data from prompt injection and shadow AI; spend lags AI-tool spend ~17x.

02 · The two clocks

Three timers running against the industry at once

The attacker clock is the fastest. Anthropic's GTG-1002 disclosure showed an AI agent running 80-90% of tactical operations across roughly 30 targets, with human intervention at key phases capped at about 20 minutes of work. The cost of a competent operator just collapsed. The governance clock is dangerously behind. IBM found 97% of organizations that suffered an AI-related breach lacked proper AI access controls, and 63% had no AI governance policy at all (or were still building one); shadow AI added $670,000 to the average breach. The spending clock is racing to catch up. Gartner projects over 75% of enterprises will use AI-amplified cybersecurity products by 2028, up from under 25% in 2025 — but notes enterprises still spend roughly 17x more on AI tools than on securing the AI itself.

03 · Public players & exposure

Who routes through, who gets routed around

We plot the listed players on two editorial axes — how exposed each is to AI disruption, against how ready its data, brand and position are to be the answer. The figures in the table are sourced; the placement is our read.

04 · Private flagships

The AI-native challengers

The companies attacking this industry AI-first, with disclosed funding where available:

CrowdStrike

Charlotte AI Detection Triage reached general availability, with Agentic Response and Workflows positioning Falcon as the reasoning layer for security operations.

Palo Alto Networks

Nikesh Arora's Precision AI strategy embeds AI at control points, backed by the ~$25bn CyberArk identity acquisition and Cortex XSIAM crossing $500M ARR.

Google / Wiz

Google closed its $32bn all-cash purchase of Wiz in March 2026, the largest cybersecurity deal ever, anchoring AI-era cloud and code security.

Cyera

Pure-play AI and data security platform addressing the governance gap enterprises are racing to close as shadow AI spreads.

Anthropic (defensive disclosure)

Its disruption and disclosure of GTG-1002 set the reference case for AI-orchestrated attacks and reshaped enterprise threat models overnight.

Abnormal Security

AI-native defense against the deepfake- and LLM-enabled phishing surge, a leading candidate in the 2026 cybersecurity IPO pipeline.

05 · Signals

What moved, and what to watch

06 · The exposure read

Who’s defensible, who’s at risk

AI rewards clean, structured advantage and punishes friction. The line runs through who owns the data, the brand and the customer — and who is merely a step the technology can route around.

Sources

Where this comes from

The spend, and the payoff

The AI-amplified security market, scaling fast

Gartner 4Q25 forecast for the AI-amplified security segment and total infosec spend; figures in USD billions. ($B)

Who's defensible, who's at risk

Defensible vs At Risk

Defensible

  • AI-native platform vendors with proprietary telemetry — CrowdStrike, Palo Alto and SentinelOne — whose models improve with data scale competitors cannot match.
  • Hyperscalers folding security into the stack — Microsoft's ~$20bn security business and Google's $32bn Wiz bet turn cloud distribution into a security moat.
  • 'Securing the AI' pure plays like Cyera, riding the 17x spending gap between buying AI tools and protecting them, validated at a $9bn valuation.
  • Identity and data-layer specialists — CyberArk's ~$25bn takeout shows identity is the contested control point of the agentic era.

At Risk

  • Signature-and-rules-bound legacy AV as AI-generated deepfakes and polymorphic phishing saturate 2025 campaigns and outrun static defenses.
  • Labor-arbitrage MSSPs and tier-2 SOCs whose analyst-hour economics collapse as agentic triage clears alert queues machine-fast.
  • Under-governed enterprises — the 63% with no settled AI policy and 97% of AI-breach victims lacking access controls are the soft targets autonomous attackers will find first.
  • Point tools without proprietary data, squeezed between consolidating platforms above and well-funded AI-native startups below.

The signals — how it unfolded

Nov 2025

First AI-orchestrated espionage campaign disclosed

Anthropic reveals GTG-1002, with Claude running 80-90% of operations against ~30 targets — the threat model's inflection point.

2025-26

Cyber's largest exit ever

Google buys Wiz for $32bn (closed March 2026); Palo Alto acquires CyberArk for ~$25bn (closed Feb 2026), signaling AI-era consolidation.

Jul 2025

IBM quantifies the AI breach gap

97% of AI-related breaches involved missing AI access controls; shadow AI added $670K per breach, but AI users saved $1.9M.

2025-26

Agentic SOC goes GA

Charlotte AI, Purple AI 'Athena' and Cortex Agentix ship autonomous triage and remediation, moving from copilot to operator.

2026

Spend forecast jumps to $244bn

Gartner lifts 2026 infosec spend to $244bn (+13%), with AI on both attack and defense the key growth driver.

Challengers to watch

CrowdStrike

Charlotte AI Detection Triage reached general availability, with Agentic Response and Workflows positioning Falcon as the reasoning layer for security operations.

Palo Alto Networks

Nikesh Arora's Precision AI strategy embeds AI at control points, backed by the ~$25bn CyberArk identity acquisition and Cortex XSIAM crossing $500M ARR.

Google / Wiz

Google closed its $32bn all-cash purchase of Wiz in March 2026, the largest cybersecurity deal ever, anchoring AI-era cloud and code security.

Cyera

Pure-play AI and data security platform addressing the governance gap enterprises are racing to close as shadow AI spreads.

Anthropic (defensive disclosure)

Its disruption and disclosure of GTG-1002 set the reference case for AI-orchestrated attacks and reshaped enterprise threat models overnight.

Abnormal Security

AI-native defense against the deepfake- and LLM-enabled phishing surge, a leading candidate in the 2026 cybersecurity IPO pipeline.

Exposure table

CompanyStanceThe sourced fact
CrowdStrike CRWDAI-native leaderEnding ARR grew 23% YoY to $4.24bn in FY2025; Charlotte AI is the reasoning engine triaging alerts across Falcon.
Palo Alto Networks PANWPlatform consolidatorCortex XSIAM surpassed $500M ARR; acquired CyberArk (~$25bn) and Chronosphere ($3.35bn) to build an AI-era platform.
Microsoft MSFTScale incumbentSecurity is a roughly $20bn/yr business; Security Copilot and agentic Sentinel push AI across Defender, Entra and Purview.
SentinelOne SAutonomous challengerFY2025 revenue up 32% to ~$822M; Purple AI hit a >50% attach rate on Q4 licenses, on track to cross $1bn ARR.
Zscaler ZSZero-trust scalerARR surpassed $3.2bn (up ~26% YoY) by Q1 FY2026, with AI-Security solutions ARR surpassing $400M.
Google / Wiz GOOGLCloud-security betClosed the $32bn acquisition of Wiz in March 2026, the largest pure cybersecurity deal on record; Wiz crossed $1bn ARR in 2025.
Cyera CYERAAI-data-security pure playRaised a $400M Series F in Jan 2026 at a $9bn valuation, securing data and AI usage inside enterprises.
Abnormal Security ABNRMAI-email defenseAI-native email and social-engineering defense, positioned among the strongest 2026 cybersecurity IPO candidates.
Legacy signature AV LEGACYSignature-boundAI-generated deepfakes appeared in a large share of 2025 phishing campaigns, eroding signature-based and rules-only defenses.
Tier-2 MSSPs MSSPLabor-arbitrage SOCsAgentic SOC triage compresses the analyst-hours model; Gartner expects >75% of enterprises on AI-amplified security by 2028.

Sources