💯 Everyone loves to talk about top-line growth and EBITDA… until a cyber incident wipes out both overnight.
🥇 Leaders who treat cybersecurity investment as a growth enabler will win.
🧨 Leaders who treat cybersecurity as a cost center will lose.
Here’s the uncomfortable truth:
🧯 You can’t “out-grow” cyber risk. If you haven’t invested ahead of the threat, you’re already behind.
If you’re serious about scaling growth, you’d better be just as serious about protecting the assets that make that growth possible.
🔥 70% still suffered at least one material third-party incident in the last 12
A new Marsh report shows the wake-up call is finally landing:
🔐 Two-thirds of organizations are increasing cyber risk prevention spend this year
💰 Over a quarter plan to invest 25%+ more
⚙️ Priorities: better security tech, airtight incident response, and hiring the right talent
hashtagCyberSecurity hashtagLeadership hashtagScale hashtagRiskManagement hashtagBusinessGrowth
https://www.ciodive.com/news/global-firms-boost-cyber-spending-2026/807568/
Majority of global firms plan to boost cyber spending in 2026
A report by Marsh shows companies are also focused on third-party risk mitigation.
- Two-thirds of organizations across the globe are planning to increase their investment in cyber risk prevention over the next 12 months, according to a report released Tuesday by Marsh. More than a quarter of organizations plan to boost their spending by more than 25%.
- The top spending priorities include security technology and mitigation, incident response and preparation, and hiring.
- Seven of every 10 organizations have experienced at least one material third-party incident over the past 12 months, according to the report.
Dive Insight:
The report highlights how organizations worldwide plan to address the growing challenges of maintaining the security of their customer data and boosting operational resilience.
Marsh’s conclusions are drawn from a survey of more than 2,200 cybersecurity leaders in 20 countries across eight regions.
Organizations in the U.K. were the most likely to increase investments, with three-quarters of respondents saying they planned to do so.
A Marsh cyber leader cautioned it is tough to fully protect against cyber risk, but added that cyber hygiene and governance changes can help.
“Organizations need to create a framework to vet vendor security and audit their vendors frequently,” said Payal Patel, a managing director in Marsh’s Cyber Practice. “Other measures organizations can take include adhering to a robust governance framework, negotiating strong contractual protections, reviewing access control rights, and off-boarding vendors when they are no longer utilized.”
The U.K. went through a historically difficult period of cyber risk this year, with a wave of social engineering attacks targeting the retail sector,followed by an attack against automaker Jaguar Land Rover, which crippled production for more than a month. U.K. authorities challenged corporate leaders to make cyber resilience a board-level concern and focus on maintaining business continuity.
Respondents expressed various degrees of confidence in their own cybersecurity capabilities, with the Middle East and Africa region showing the most confidence, at 83%, and security professionals in Asia-Pacific locations showing the least confidence, at 50%
If Cyber Isn’t a Growth Priority, You Don’t Have a Growth Strategy
