Futurum Group Report Sees Cybersecurity Spending Reaching $521.7B by 2031
The global cybersecurity market is projected to reach $521.7 billion by 2031 at a 7.6% compound annual growth rate (CAGR) from an estimated $335.8 billion in spending that occurred in 2025, according to a report from the Futurum Group.
Cloud security (12%), security operations and governance, risk management and control (10%), data security (9%) and application security (8%) will see the highest CAGR through 2031, the Futurum Group projects.
Historically, the cybersecurity market has grown anywhere from 14% to 18%, so the projection suggests there will be a contraction of overall spending. However, the report does allow for a more “bullish” estimate that assumes spending on artificial intelligence (AI) security accelerates much faster than generally expected. In that scenario, the cybersecurity market is projected to grow to $601 billion for a 10.1% CAGR.
However, at the other end of the extreme, a more “bearish” estimate projects a 5.0% CAGR, which would result in total revenues of $449 billion in 2031.
In the meantime, a separate survey of 929 cybersecurity leaders conducted by the Futurum Group finds 67% of respondents are anticipating cybersecurity budget increases over the next 12 months. Among organizations expecting budget growth, risk management strategy now leads the top-cited drivers at 48%.
Combined vendor consolidation intent rose to 42% in the first half of 2026, compared to 35% in the second half of 2025, the survey finds. That suggests that more cybersecurity teams are looking to consolidate the number of tools and platforms they employ to both reduce friction and lower costs.
Fernando Montenegro, vice president and practice lead for cybersecurity and resilience at the Futurum Group, said the overall growth in cybersecurity spending continues to increase, but that growth itself seems to have slowed down a bit. However, that’s not unusual given how large the market itself has already become, he added.
Additionally, security capabilities are now being embedded into a wider range of platforms, which reduces the amount of budget dollars that cybersecurity teams would otherwise have to allocate, noted Montenegro.
It’s also not clear just yet to what degree AI is transforming cybersecurity. For now at least, organizations appear to not be changing how they allocate budget resources or how their teams are aligned. For example, the CISO reports to the CIO or CTO in 33% of organizations, compared to 26% where the CISO reports to the CEO. At the same time, 65% of survey respondents report they now present to the board at least quarterly. That suggest there continues to a greater appreciation for the impact cyberattacks can have on the business as a whole.
Regardless of approach, the one thing that is certain is attacks will increasingly be occurring at machine speed in the age of AI. As such, many of the defenses that organizations have relied on for years might soon be rendered obsolete. The challenge will be determining what new tools and platforms will be required in the AI era and, just as importantly, to what degree might they eliminate the need for existing tools or platforms to help fund the acquisition of a new AI capability at a time when the economic outlook remains uncertain.
