AI Accountability Drives Cybersecurity Budgets in 2026 – digit.fyi
Home > Security > Cybersecurity
AI Accountability Drives Cybersecurity Budgets in 2026
“Organisations in the UK and Ireland are shifting their priorities to make cybersecurity a critical business investment, but their approach to AI remains conflicted,” said Findlay Whitelaw, Cybersecurity Strategist & Researcher at Exabeam.
Elizabeth Greenberg
,
While cybersecurity budgets surge with unprecedented growth, security leaders race ahead on AI transformation while falling behind on measurement, justification, and strategic alignment.
That’s according to new research from Exabeam; the firm’s new multinational report, From Adoption to Accountability: The New Economics of AI in Cybersecurity, surveyed 750 IT decision-makers responsible for security in organisations with over 500 employees, across 12 countries.
According to the study, 93% of organisations in the UKI are increasing cybersecurity budgets in 2026, with 68% seeing double-digit growth. However, AI simultaneously holds three contradictory positions in budget planning in the region: it’s the top driver of increases (51%), the first investment that would be cut if budgets tightened (43%), and the most challenging spend to justify to business stakeholders (28%).
“Security leaders are getting mandates to invest in AI, but nobody’s given them a way to prove it’s working. You can’t measure AI transformation with pre-AI metrics,” said Steve Wilson, Chief AI and Product Officer at Exabeam. “The problem isn’t that security teams lack data. They’re drowning in it. The issue is they’re tracking the wrong things and speaking a language the board doesn’t understand. Those are the budgets that get cut first. The window to fix this is closing fast.”
Cybersecurity investment trends in 2026 represent a significant shift for the UKI, with AI and automation emerging as the primary catalyst for budget expansion (51%), followed by cloud infrastructure growth (36%). This surge being channelled into technology, rather than the usual suspect of headcount, signals how the AI era is fundamentally shifting security operations.
While 93% of security leaders in the UKI express confidence that their investments are delivering business value, 26% cite a lack of board understanding of the link between cybersecurity investment and business resilience as their biggest challenge in defending spend.
The disconnect reveals a critical vulnerability: 62% in the region report using operational metrics and 58% use outcome metrics, yet boards and executives still don’t understand the connection between security investments and business risk.
The problem isn’t a lack of information, but a mismatch between security metrics and business-decision metrics. Security teams are relying on traditional security measurements that don’t translate into the business impact language boards need to evaluate investment decisions.
“In AI-assisted environments, traditional metrics like mean time to resolution (MTTR) becomes almost automatic, so speed alone doesn’t prove risk has been reduced,” said Kevin Kirkwood, CISO at Exabeam.
“We need new ways to measure security effectiveness that actually show business impact, because boards don’t fund faster ticket closure, they fund measurable risk reduction and business resilience. We have to show that we’re not just responding quickly but eliminating and improving the conditions that allow incidents to happen in the first place.”
Regional differences in AI adoption are striking. The UKI reports that AI drives a higher percentage of budget increases compared to the global average. Saudi Arabia demonstrates the most aggressive position, with 75% reporting AI is already improving security operations, nearly double the UKI (43%). These variations reflect different organisational priorities. Saudi Arabia’s figures align with broader national digital transformation initiatives, while European and Asian organisations emphasise careful evaluation and workforce preservation before scaling deployment.
“Organisations in the UK and Ireland are shifting their priorities to make cybersecurity a critical business investment, but their approach to AI remains conflicted,” said Findlay Whitelaw, Cybersecurity Strategist & Researcher at Exabeam. “AI is critical for modern cybersecurity, yet its value is often questioned when in the face of budget cuts. The path ahead lies in better aligning AI investments with measurable business outcomes. Demonstrating clear ROI and integrating AI into broader security strategies will be key so stakeholders can see both the risk reduction and operational efficiencies it delivers.”
Closing the Justification Gap
The cybersecurity industry is experiencing a rare moment of budget abundance, yet this creates a sustainability challenge. Security leaders are investing heavily in AI transformation while simultaneously struggling to articulate its business value to boards and CFOs. This isn’t a sustainable dynamic — budget abundance creates expectations, and organisations that can’t demonstrate clear value from AI investments risk seeing those budgets retracted when economic conditions shift.
The organisations that will thrive are those that recognise deployment is only half the challenge. Success requires developing new frameworks for measuring AI impact, creating outcomes-based metrics that tie security performance directly to business resilience, and establishing executive-ready communication that translates technical improvements into business impact language.
Elizabeth Greenberg
Staff Writer
Explore 
Subscribe to 
© 2026 DIGIT
source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.
