Skip to content

Archive for

Jan 22

1 Comment

Gartner 4Q25: $4.71T AI market proves agentic AI and data readiness are the only race that matters

Only 43% of organizations say their data is ready for AI. Meanwhile, AI Data spending is compounding at 155% annually. That’s six times faster than the infrastructure buildouts grabbing headlines. That disconnect defines the enterprise AI landscape in 2025.

Gartner’s 4Q25 AI Spending Forecast (December 17, 2025) projects $4.71 trillion by 2029. But I’ve been digging through the segment data, and the story isn’t the topline number. Four subsegments within Gartner’s AI Data market are growing between 136% and 178% CAGR. AI Infrastructure? Just 29.25%. The money is following the bottlenecks.

“Nearly everything today, from the way we work to how we make decisions, is directly or indirectly influenced by AI,” says Carlie Idoine, VP Analyst at Gartner. “But it doesn’t deliver value on its own. AI needs to be tightly aligned with data, analytics, and governance to enable intelligent, adaptive decisions and actions across the organization.”

McKinsey’s 2025 State of AI survey (1,993 participants, 105 countries) found 88% of organizations now use AI in at least one business function. But two-thirds remain stuck in pilot mode. Just 6% qualify as “AI high performers,” meaning organizations where more than 5% of EBIT comes from AI. The gap between adoption and value creation is where the real spending story unfolds.

Where the bottlenecks are breaking

Every high-growth segment in the forecast eliminates a constraint that stalls production of AI.

Synthetic data generation addresses the labeled data shortage. You can’t train models without it, and real world data comes with privacy constraints, bias problems, and collection costs that don’t scale. Data governance enforces quality standards because ungoverned data produces ungoverned outputs. Hallucinations, compliance violations, and bias incidents trace directly back to data quality failures. Data integration software connects fragmented sources. Most enterprise data sits across dozens of systems that don’t communicate.

“With AI investment remaining strong this year, a sharper emphasis is being placed on using AI for operational scalability and real-time intelligence,” says Haritha Khandabattu, Senior Director Analyst at Gartner. This has led to a gradual pivot from generative AI as a central focus toward the foundational enablers that support sustainable AI delivery, such as AI-ready data and AI agents. Infrastructure enables these capabilities. Data readiness and agentic AI determine whether they generate returns.

The $14.6 billion data readiness bet

Gartner tracks AI Data as a unified market with four subsegments. The aggregate grows from $134.35 million in 2024 to $14.59 billion by 2029. That’s 109x, making it the fastest-growing major category in the forecast.

Synthetic Data Generation: 178.29% CAGR, $40.71M to $6.80B. The fastest-growing subsegment adds $6.76 billion in new spending by 2029. A 167x increase from a small 2024 base. Gartner predicts 60% of data and analytics leaders will encounter failures in managing synthetic data by 2027, which explains why governance spending is accelerating in parallel.

AI Data Governance: 163.75% CAGR, $14.82M to $1.89B. Starting from just $14.82 million in 2024, this subsegment grows 128x by 2029. Legal and compliance teams won’t accept the alternative. When AI systems produce ungoverned outputs, the liability exposure is unacceptable.

AI Data Integration Software: 137.13% CAGR, $71.73M to $5.38B. The largest AI Data subsegment by 2029. Connects fragmented data sources, delivering context that transforms generic models into systems that understand specific business operations.

AI Ready Datasets: 136.16% CAGR, $7.09M to $520.45M. These are prepackaged, curated datasets structured for AI and ML workflows. Think labeled image libraries for computer vision, cleaned financial datasets for forecasting, and domain-specific corpora for fine-tuning LLMs. Organizations buy them to skip the months of data collection, cleaning, and annotation that delay projects. Smallest subsegment by revenue, but 73x growth signals enterprises are willing to pay for time to production shortcuts.

The 2027 crossover: When agents overtake chatbots

Agentic AI: 118.73% CAGR, $15.04B to $752.73B. This is the single most dramatic dollar growth in the forecast. Agentic AI expands from $15 billion to $753 billion by 2029. That’s 50x. Nothing else comes close.

Gartner predicts the crossover will happen in 2027. Chatbots peak at $264.75 billion that year, while Agentic AI surges to $371.40 billion. By 2029, Agentic AI is 3.3x larger ($752.73B vs. $228.50B).

McKinsey’s data reinforces the trajectory: 62% of organizations are experimenting with AI agents, 23% report scaling them in at least one function. But scaling remains limited. Most organizations deploying agents are only doing so in one or two functions, primarily IT service desk and knowledge management.

Organizations building chatbot-only strategies should note that the category dominating 2025 and 2026 is projected to decline after 2027.

The Security Tax on Agentic AI

AI Cybersecurity: 73.90% CAGR, $10.82B to $172.01B. AI agents introduce attack surfaces that traditional security architectures weren’t built for. Gartner’s Hype Cycle for Application Security, 2025 (July 2025) projects that through 2029, over 50% of successful attacks against AI agents will exploit access control issues via direct or indirect prompt injection. The 16x growth in AI Cybersecurity spending reflects enterprises grappling with that exposure.

Production AI deployment requires security architectures designed for agentic systems. That’s a capability most organizations don’t have yet.

Infrastructure: Dominant but decelerating

AI Infrastructure remains the largest absolute spending category: $624.76 billion in 2024, growing to $2.25 trillion by 2029. McKinsey (August 2025) projects hyperscalers alone will spend $300 billion in capex over 2025. Their April 2025 analysis projects $5.2 trillion in data center investment by 2030.

But at 29.25% CAGR, infrastructure grows slower than every other major AI market except Services (26.93%). Market share drops from 54.6% of total AI spending in 2024 to 47.8% by 2029. The buildout is real. Differentiation happens elsewhere.

The 6% problem

Only 6% of organizations qualify as AI high performers despite 88% adoption. McKinsey’s analysis shows high performers are 3x more likely to redesign workflows around AI rather than layering it onto existing processes. They’re also 3x more likely to have committed executive leadership driving AI as a strategic priority.

The 155% CAGR for AI Data reflects organizations investing to close that gap. The 2027 chatbot-to-agent crossover marks the inflection point when autonomous capabilities surpass conversational interfaces in market size.

Gareth Herschel, VP Analyst at Gartner, frames the pressure: “D&A is going from the domain of the few to ubiquity. At the same time, D&A leaders are under pressure not to do more with less, but to do a lot more with a lot more, and that can be even more challenging because the stakes are being raised.”

Where the value accrues

Organizations positioned to capture value from this transformation may not be the ones building the biggest data centers. The Gartner data suggests they’re investing in capabilities that make AI systems work at enterprise scale: data readiness, governance, integration, and security.

AI Data Market (aggregate): 155% CAGR, $134M to $14.6B (109x)

  • Synthetic Data Generation: 178% CAGR, $41M to $6.8B (167x)
  • AI Data Governance: 164% CAGR, $15M to $1.9B (128x)
  • AI Data Integration: 137% CAGR, $72M to $5.4B (75x)
  • AI Ready Datasets: 136% CAGR, $7M to $520M (73x)

Other High-Growth Segments:

  • Agentic AI: 119% CAGR, $15B to $753B (50x)
  • AI Cybersecurity: 74% CAGR, $11B to $172B (16x)
  • AI Infrastructure: 29% CAGR, $625B to $2.25T (4x)

Gartner’s 4Q25 data points to a directional shift: AI spending is moving from infrastructure-first to data and capabilities-first architectures. The organizations treating data readiness as an afterthought are the ones most likely to stay stuck in the 94% that never make it past pilot.

Jan 13

Gartner’s 4Q25 Information Security forecast shows 15 categories capturing half of all new security spending through 2029

Gartner's 4Q25 Information Security forecast shows 15 categories capturing half of all new security spending through 2029

Fifteen cybersecurity categories are growing up to three times faster than the overall market, capturing $48.7 billion in new spending by 2029.

That’s nearly half of the $98.4 billion the entire security market will add over the next four years. Cloud Security Posture Management leads the pack at 29.36% CAGR. Cloud Access Security Brokers follow at 24.81%.

Enterprises are fundamentally restructuring their security budgets, and the driver is brutal in its simplicity. Organizations now manage an average of 112 SaaS applications across multiple cloud providers. 82% of misconfigurations are caused by human error, according to Exabeam’s analysis. And Gartner estimates 99% of cloud security failures through 2025 will be the customer’s fault, primarily from these misconfigurations. Manual oversight breaks under this kind of scale. Enterprises are responding by investing in automation that manages what people can’t across hundreds of cloud accounts, thousands of APIs, and millions of attack vectors.

Gartner’s 4Q25 update delivers the clearest signal yet about where enterprise security budgets are heading. The overall information security market grows from $213.5 billion in 2025 to $311.9 billion by 2029 at 10.03% CAGR. These fifteen high-growth categories are expanding at 10.30% to 29.36% CAGR, capturing investment dollars at rates that dwarf legacy security spending patterns.

What makes these categories different

Every high-growth category eliminates manual bottlenecks that break under cloud-native workloads. CSPM scans configurations continuously. CASB provides visibility into unauthorized SaaS usage. ZTNA verifies every connection rather than trusting the network location. With 79% of organizations using multiple cloud providers, according to Spacelift’s research, manual processes create mathematical impossibilities.

These technologies prevent problems rather than clean up after them. CSPM catches misconfigurations before breaches. ZTNA eliminates the attack surface that VPNs create. Tokenization protects data even when systems get compromised. Security teams are finally getting ahead of threats instead of constantly playing catch-up.

And the ROI is quantifiable. IBM’s 2025 Cost of a Data Breach Report shows organizations using AI and automation extensively save $1.9 million per breach and reduce breach lifecycles by 80 days. U.S. breach costs average $10.22 million. These investments pay for themselves with a single prevented incident—a calculation CFOs understand.

Gartner's 4Q25 Information Security forecast shows 15 categories capturing half of all new security spending through 2029

The 15 categories reshaping enterprise security

1. Cloud Security Posture Management (CSPM) — 29.36% CAGR — $4.68B → $12.76B

CSPM platforms scan infrastructure continuously across AWS, Azure, and Google Cloud, automatically remediating misconfigurations before they become breaches. The 82% human error rate isn’t going to improve through training. Organizations managing 100+ cloud accounts need automation. CSPM adds $8.09 billion in new spending by 2029, the single largest dollar contribution among high-growth segments.

2. Cloud Access Security Brokers (CASB) — 24.81% CAGR — $2.30B → $5.58B

Here’s the brutal reality. Enterprises average 112 SaaS applications, but shadow IT accounts for 42% of all applications per JumpCloud’s data. IT stays blind to roughly 78 apps out of an average 187-app environment. The damage? 65% of shadow IT deployments result in data loss, and 52% lead to breaches, according to Mimecast research. CASBs restore visibility and control, growing to $5.58 billion by 2029.

3. Zero Trust Network Access (ZTNA) — 21.95% CAGR — $2.48B → $5.43B

ZTNA replaces the VPN model with application-specific access controls. Instead of network-level access, it provides application-specific connections verified for every request. Gartner predicts 70% of new remote access deployments will use ZTNA by 2025, up from less than 10% at the end of 2021. And 65% of companies plan to retire VPNs within one year per Cybersecurity Insiders data. This represents a wholesale rethinking of secure access. The perimeter-based model is dying. Good riddance.

4. Threat Intelligence — 21.73% CAGR — $2.58B → $5.69B

Modern threat intelligence platforms fuse telemetry from open-source intelligence, dark-web monitoring, vendor feeds, and internal logs. Machine learning prioritizes indicators based on organizational relevance. IBM data shows organizations integrating threat intelligence reduce detection and escalation costs while cutting incidents by 30%. The market reaches $5.69 billion by 2029 as enterprises shift from passive threat feeds to automated response integration.

5. Cloud Workload Protection Platforms (CWPP) — 21.53% CAGR — $5.98B → $13.11B

Traditional endpoint security can’t protect containers that spin up and vanish in seconds. Serverless functions executing for milliseconds? Legacy tools weren’t designed for that. CWPP solutions instrument workloads directly at the kernel or hypervisor level, monitoring system calls, file access, and network connections in real-time. The 21.53% CAGR reflects the rapid shift toward microservices and Kubernetes. As workloads migrate into container clusters, protecting them becomes a survival-level priority.

6. Consent and Preference Management — 20.22% CAGR — $0.81B → $1.64B

GDPR fines surpassed €5.88 billion by January 2025, according to DLA Piper’s annual survey. California’s CCPA penalties keep climbing. The California Privacy Protection Agency recently fined Todd Snyder $345,178 for inadequate opt-out and privacy request processes. Manual consent workflows can’t meet regulatory deadlines across jurisdictions. Automated platforms centralize preferences across web, mobile, and API endpoints while providing auditable logs for regulators.

7. Subject Rights Request (SRR) Automation — 14.26% CAGR — $1.24B → $2.01B

When users demand “delete my data,” these platforms automate orchestration across internal systems and third-party vendors. Privacy laws grant individuals rights to access, correct, and delete personal data with strict compliance timelines. SRR automation prevents the penalties that result from manual processing failures at scale, especially as more jurisdictions implement data privacy regulations.

8. Network Detection and Response (NDR) — 13.44% CAGR — $2.15B → $3.37B

NDR platforms establish behavioral baselines using statistical analysis and machine learning. When anomalies appear (unusual lateral movement, data exfiltration attempts, command-and-control traffic), they raise alerts or automatically isolate systems. The mindset shift matters here. Rather than hoping to prevent all attacks, sophisticated organizations invest in rapid detection that minimizes damage when attackers inevitably breach perimeters. Prevention alone isn’t sufficient anymore.

9. Vulnerability Assessment — 13.02% CAGR — $3.48B → $5.60B

Quarterly vulnerability scans are obsolete in CI/CD pipelines deploying multiple times daily. Modern assessment platforms provide continuous scanning integrated with exploit intelligence to prioritize patches based on real-world risk. DevOps teams need vulnerability detection that keeps pace with their deployment cadence. Anything less creates unacceptable exposure windows.

10. Tokenization — 12.68% CAGR — $1.34B → $2.11B

Tokenization replaces sensitive data with non-reversible tokens that can’t be mathematically decoded. The urgency comes from quantum computing advances. NIST finalized post-quantum encryption standards in August 2024, including ML-KEM (formerly CRYSTALS-Kyber) and ML-DSA (formerly CRYSTALS-Dilithium). Attackers already practice “harvest now, decrypt later”—collecting encrypted data today for quantum decryption within five to ten years. Organizations must begin quantum-safe transitions now.

11. Endpoint Protection Platform (EPP) — 12.51% CAGR — $17.68B → $28.36B

The largest single category adds $10.68 billion in new spending as ransomware attacks surge. U.S. ransomware attacks increased 149% year-over-year—from 152 incidents in early 2024 to 378 in the same period of 2025, according to Cyble analysis. Next-generation EPP platforms use behavioral analytics and signatureless detection to stop ransomware before encryption begins, catching what traditional antivirus misses.

12. Secure Web Gateway (SWG) — 11.63% CAGR — $4.44B → $6.74B

Malicious sites appear and disappear in hours. Cloud-delivered SWGs update threat intelligence in real-time, protecting remote and hybrid workforces wherever they connect. Integration with ZTNA creates comprehensive security that follows users across devices and locations without relying on network perimeters that no longer exist.

13. Web Application Firewalls (WAF) — 10.92% CAGR — $2.48B → $3.74B

Organizations expose hundreds of APIs and microservices—each a potential attack vector. Traditional network firewalls can’t inspect application-layer attacks like SQL injection, cross-site scripting, or API abuse. Modern WAFs use machine learning to differentiate legitimate user behavior from attack traffic without blocking customers. Getting that balance right is harder than it sounds.

14. Encryption — 10.64% CAGR — $1.35B → $1.98B

NIST’s standardization of quantum-resistant algorithms signals the urgency that organizations can no longer ignore. With quantum computing advances accelerating, encrypted data collected today faces decryption within a decade. Enterprises must transition to post-quantum cryptography now because full integration across complex environments takes years. This isn’t theoretical risk anymore.

15. Security Information and Event Management (SIEM) — 10.30% CAGR — $7.60B → $11.15B

AI transforms SIEM from reactive log collection to proactive threat hunting. The latest platforms embed unsupervised machine learning to detect zero-day attacks and automatically enrich alerts with context. Organizations using AI-powered automation save $1.9 million per breach and cut incident lifecycles by 80 days—turning security operations into a competitive advantage rather than a cost center.

Why this matters

Cloud complexity has proven exponential. With 79% of organizations using multiple cloud providers and managing hundreds of accounts, manual security processes break under the load. The 29.36% CAGR for CSPM isn’t market optimism. It’s organizational survival.

Shadow AI joins shadow IT as a core threatscape element. Shadow AI breaches cost $4.63 million—$670,000 more than standard incidents, according to IBM data. But AI also powers the best defenses, with automated security tools reducing breach lifecycles by 80 days. The same technology that creates vulnerabilities offers the most effective countermeasures.

Compliance costs keep accelerating. Between GDPR, CCPA, and emerging global regulations, manual compliance processes create escalating liability. Automated platforms turn regulatory requirements into competitive advantages by reducing fine exposure and accelerating data subject request responses.

Bottom Line

The organizations winning this transformation aren’t those with the largest security budgets. They’re the ones investing in the right categories at the right time. These fifteen segments define what modern security architecture looks like and capture nearly half of all new security spending through 2029.

Gartner’s 4Q25 data delivers a clear message. Security spending is shifting to automation-driven, zero-trust, cloud-native architectures. Organizations still relying on legacy approaches aren’t just falling behind. They’re accepting risks the market has already priced as unacceptable.

Source: Gartner Forecast: Information Security, Worldwide, 2023-2029, 4Q25 Update (Document G00843183, published December 18, 2025), showing overall market growth from $213.5B (2025) to $311.9B (2029) at 10.03% CAGR in constant currency.