AI is now the top investment priority in cybersecurity budgets over the next 12 months, according to a new PwC report.
AI-based security was cited as a top three budget priority by 36% of business and technology executives, ahead of cloud security (34%), network security and zero trust (28%), data protection (26%) and threat management (24%).
AI threat hunting capabilities (48%) was the capability being prioritized by security leaders surveyed. This was followed by the deployment of agentic AI solutions to increase efficiencies in areas such as cloud security (35%).
Other AI security capabilities such as event detection and behavioral analytics, identity and access management and vulnerability scanning and assessments were highlighted by around one-third of security leaders, respectively.
The PwC report, published on October 1, also found that 78% of organizations expect their cyber budget to increase over the coming year.
The majority (60%) of respondents said they are increasing cyber risk investment in response to the current geopolitical landscape.
Only 6% of organizations said they are ‘very capable’ of withstanding cyber-attacks across all vulnerabilities surveyed given the geopolitical landscape.
Lack of Skills Hinders Security Initiatives
Challenges to the application of AI for cyber defense include a lack of knowledge of the technology (50%) and lack of relevant skills (41%).
More than half (53%) of organizations are prioritizing AI and machine learning tools to help close such capability gaps. Other prominent approaches include investment in security automation tools (48%), cyber tool consolidation (47%) and upskilling or reskilling (47%).
Quantum computing was ranked as one of the top five threats organizations are least prepared to address, behind only cloud, connected products and third-party breaches.
Despite this, less than 10% prioritize quantum security measures in budgets and only 3% have implemented all leading quantum-resistant measures.
Around half (49%) have not considered or started implementing any quantum-resistant security measures.
The biggest challenges to implementing such measures were gaps in technical expertise to adopt industry standards and gaps in dedicated quantum computing knowledge and resources, cited by 37% and 36% of security leaders surveyed, respectively.
The survey also highlighted other areas where skills shortages are impeding progress in cybersecurity. Nearly half (47%) of respondents cited a lack of qualified personnel as a top challenge when securing operational technology (OT) and the industrial internet of things (IIoT) systems.
Sean Joyce, global cybersecurity and privacy leader, PwC US, urged security leaders to ensure cyber is woven into long-term business planning, enabling focus to start early in areas like AI and quantum.
“The organizations that will lead in the future are those investing in cyber not just to respond, but to anticipate. This year’s findings show that resilience comes from foresight, not hindsight. Organizations should ensure they are also investing in AI and cyber skills, prioritizing the upskilling and re-skilling of their cyber teams in order to clearly and proactively map the cyber risks they face,” he noted.
The PwC 2026 Global Digital Trust Insights Survey included 3887 business and tech executives across 72 countries, 1740 of whom were security leaders.