Beyond the Buzz (Budget Edition): A CISO’s Playbook for Cutting Through Hype—with Real Defense-in-Depth & Board-Ready Budgeting
Cut the hype, fund defense-in-depth, and turn security from cost center to business enabler—this budget season.
Coffee cup cheers, Security Gang,
It’s budget season—the quarter when every acronym shows up with a price tag and “platform savings” slide. At the market level, spend is still growing: IDC projects ~12.2% global cybersecurity growth in 2025, while Gartner pegs 2025 security & risk management spend at ~$213B.
But inside many enterprises, security programs are fighting for wallet share again: the IANS/Artico benchmark shows average CISO budgets up only ~4%, and security’s share of total IT spend dipped from 11.9% to 10.9% as cloud and AI reclaimed priority. Translation: this is a competition for outcomes, not acronyms. (IDC)
Here’s the move: tie defense-in-depth to plain-English business outcomes (loss avoided, downtime reduced, faster safe change) and fund those outcomes with consolidation and deprecations.
The data backs you up: IBM’s 2025 report shows the global average breach cost at ~$4.44M (first decline in years), but the U.S. average rose to ~$10.22M—and organizations that use AI & automation extensively save about $1.9M and ~80 days off the breach lifecycle. Meanwhile, shadow AI can add ~$670k when governance is weak. This is exactly where targeted budget wins. (IBM)
Subscribe to CISO Talk by James Azar to keep reading this post and get 7 days of free access to the full post archives.