Recent research from a McKinsey study, published in Cybercrime Magazine's Cybersecurity Market Report 2025-2026, reveals significant shifts in how cybersecurity providers are engaging with potential customers. The evolving market dynamics are reshaping the landscape of cybersecurity spending.
Currently, nearly 15 percent of corporate cybersecurity expenditures originate outside the chief information security office (CISO). The McKinsey study anticipates that non-CISO cyber spending will grow at a compound annual growth rate (CAGR) of 24 percent over the next three years. This marks a notable change from a decade ago when CISO organizations accounted for nearly all cybersecurity expenditures.
Looking ahead, cybersecurity vendors and service providers must increasingly tailor their offerings to non-CISO customers. According to the study, most of this non-CISO spending is expected to come from purchasing centers focused on cloud services, product development, network management, and audit and compliance.
For more insights into the cybersecurity market, McKinsey shared a video recorded by Cybercrime Magazine during the RSA Conference USA 2025 earlier this year.
