Posts from the ‘AI’ Category

Apr 8

Top 10 security categories where VC funding trails Gartner’s 2026 growth forecast, Crunchbase data

Two of Gartner’s 10 fastest-growing security categories have zero venture-backed startups. Firewall equipment, a $26.7 billion market by 2030, and pure-play cloud access security brokers, projected at $7.1 billion, are controlled entirely by incumbent vendors. No startup has raised a dollar in either category since January 2025.

I cross-referenced Gartner’s 1Q26 Information Security forecast against CB Insights, Crunchbase, and PitchBook funding data for every one of the 10 fastest-growing security categories. The question: where is venture capital following Gartner’s growth signal, and where is it missing?

The answer is stark. $93.2 billion in projected 2030 spending across these 10 categories. $11.2 billion in total VC raised by 59 funded startups. That is an 8.3:1 gap between where enterprise demand is heading and where startup capital is flowing. In 5 of 10 categories, the gap exceeds 12:1. As I detailed in last week’s analysis of the 10 fastest-growing categories, growth is concentrating in cloud infrastructure, proactive intelligence, and privacy compliance. The VC data tells you whether anyone is building what CISOs need to buy.

“Cybersecurity leaders are navigating uncharted territory this year as these forces converge, testing the limits of their teams in an environment defined by constant change,” said Alex Michaels, Director at Gartner. The spending data confirms it. The startup funding data shows the supply side has not caught up.

The master table: Gartner forecast vs. startup funding by category

I mapped each Gartner category against every cybersecurity startup that raised equity or debt since January 2025. Each company is assigned to one primary category to avoid double-counting. Gap Ratio is the Gartner 2030 market projection divided by total VC raised. Higher means wider gap.

#	Gartner Security Category	2025-26 GR	5yr CAGR	2030 Proj	Startups	Total VC	Gap Ratio	Verdict
1	Cloud Access Security Brokers (CASB)	27.2%	24.3%	$7.1B	4	$182M	39:1	Critical Gap
2	Firewall Equipment (NGFW/FWaaS)	15.9%	9.1%	$26.7B	0	$0	∞	Incumbent Lock
3	Cloud Security Posture Mgmt (CSPM)	33.4%	27.6%	$16.2B	6	$752M	21.5:1	Underfunded
4	Vulnerability Assessment	15.7%	12.0%	$6.4B	6	$306M	20.9:1	Underfunded
5	Cloud Workload Protection (CWPP)	25.9%	21.0%	$16.1B	8	$1.28B	12.6:1	Underfunded
6	Subject Rights Request Automation	16.2%	12.3%	$2.3B	2	$240M	9.6:1	M&A Absorbed
7	Network Detection & Response (NDR)	15.6%	12.4%	$4.1B	4	$701M	5.9:1	Moderate Gap
8	Zero Trust Network Access (ZTNA)	23.0%	20.9%	$6.4B	10	$1.94B	3.3:1	VC Ahead
9	Threat Intelligence	27.3%	21.1%	$6.9B	12	$3.16B	2.2:1	Oversupplied
10	Consent & Preference Mgmt	22.1%	18.6%	$2.0B	7	$2.61B	0.8:1	Oversupplied

Source: Gartner 1Q26 Information Security Market Current Outlook (G00846158, March 2026). Growth rates in constant currency. Funding data from CB Insights, Crunchbase, PitchBook. Analysis by Software Strategies Blog, April 2026.

The table splits cleanly into three tiers. Five categories are underfunded or locked out (Gap Ratio above 9:1). Two sit in the middle. Three are oversupplied or ahead of the Gartner signal.

I update this comparison every quarter as Gartner releases new forecast data. Get the next one in your inbox.

The 3 widest gaps

Gap #1: CASB — 39:1, and the category is disappearing

Gartner projects cloud access security brokers reaching $7.1 billion by 2030 at a 24.3% CAGR. Total startup funding since January 2025: $182 million across just 4 companies.

Company	Total Funding	Last Round	Lead Investor	HQ	Founded
Reco	$85M	$30M Series B	Zeev Ventures	New York	2020
Seraphic Security	$44M	$29M Series A	GreatPoint Ventures	Palo Alto / Israel	2020
Nudge Security	$35M	$22.5M Series A	Cerberus Ventures	Austin, TX	2021
Spin.AI	$18M+	Undisclosed (K1)	K1 Investment Mgmt	Palo Alto	2017

The gap is structural, not cyclical. Pure-play CASB startups no longer exist as a standalone category. The buying motion has shifted to SASE platforms. Cato Networks raised $409 million in a Series G in June 2025, but that money funds a unified SASE platform spanning CASB, ZTNA, and SD-WAN.

For CISOs, the implication is direct. If your CASB requirement is standalone, your vendor options are Netskope, Skyhigh, Forcepoint, and a handful of sub-$50 million startups. Expect fewer competitive bids and less pricing leverage than in categories where VC is abundant.

Gap #2: CSPM — 21.5:1, the fastest-growing category is still starved

Cloud security posture management is the single fastest-growing category in Gartner’s entire information security forecast. 33.4% growth in 2026. $16.2 billion by 2030 at a 27.6% five-year CAGR. Total startup funding: $752 million across 6 companies.

Company	Total Funding	Last Round	Lead Investor	HQ	Founded
Upwind Security	$430M	$250M Series B	Bessemer Venture Partners	San Francisco	2022
Noma Security	$132M	$100M Series B	Evolution Equity Partners	New York / Tel Aviv	2023
Sentra	$100M+	$50M Series B	Key1 Capital	New York / Tel Aviv	2021
Native Security	$42M	$31M Series A	Ballistic Ventures	Tel Aviv / Seattle	2024
Mondoo	$32.5M	$17.5M Series A Ext	HV Capital	San Francisco	2020
AccuKnox	$15M	$4M Venture	DreamIt Ventures	Menlo Park	2020

Upwind alone accounts for 57% of all CSPM startup capital. It hit unicorn status at a $1.5 billion valuation in January 2026. But one company cannot fill a $16.2 billion market.

Alphabet’s $32 billion acquisition of Wiz in March 2026 removed the largest independent cloud security company from the startup market entirely. In my analysis of $3.6 billion in agentic AI security funding, I tracked how M&A is filling gaps that VC has not. CSPM is a category where that pattern is accelerating.

Gap #3: Vulnerability Assessment — 20.9:1, the most active seed-stage category

Gartner projects vulnerability assessment at $6.4 billion by 2030. Total VC: $306 million across 6 companies.

Company	Total Funding	Last Round	Lead Investor	HQ	Founded
Zafran Security	$130M	$60M Series C	Menlo Ventures	New York	2022
Seemplicity	$82M+	$50M Series B	Sienna Venture Capital	Tel Aviv	2020
Cogent Security	$53M	$42M Series A	Bain Capital Ventures	San Francisco	2024
Nucleus Security	$20M+	$20M Series C	Undisclosed	Tampa, FL	2018
Onit Security	$11M	$11M Seed	Hetz Ventures	Tel Aviv	2025
ZAST.AI	~$10M	$6M Pre-A	Hillhouse Capital	Seattle	2024

This is the category with the most active early-stage investment. Cogent Security and Onit Security both use AI agents for autonomous vulnerability remediation. Zafran tripled ARR since its prior round. The agentic AI thesis is landing hardest in vulnerability management, and the funding trail shows it.

Balbix, which had raised $98.6 million, was acquired in November 2025. For CISOs evaluating this category, the vendor field is young and fragmented. Half of the funded companies were founded in 2024 or later.

Where VC is ahead of Gartner

Three categories show the opposite pattern. In Consent & Preference Management, OneTrust alone has raised $2.1 billion against a $2.0 billion Gartner projection. In Threat Intelligence, $3.16 billion in VC against a $6.9 billion projection, but Dataminr ($1.24B) and ReliaQuest ($1.13B) account for 75% of the total. In ZTNA, Cato Networks’ $1.1 billion alone represents 57% of all category funding.

The concentration risk matters. Strip out the single largest company in each oversupplied category and the gap ratios invert. Consent without OneTrust: $510 million, Gap Ratio 3.9:1. Threat Intelligence without Dataminr and ReliaQuest: $790 million, Gap Ratio 8.7:1. ZTNA without Cato: $835 million, Gap Ratio 7.7:1.

M&A is filling the gaps VC won’t

When startups cannot fill the gap, platform vendors acquire. The $3.6 billion in agentic AI security funding and $96 billion in M&A I tracked in March tells this story at scale. Palo Alto Networks assembled $29 billion in acquisitions. ServiceNow spent $11.6 billion. Alphabet closed $32 billion for Wiz. Veeam acquired Securiti.ai for $1.725 billion, removing the leading subject rights automation vendor from the independent market.

Forrester’s 2026 cybersecurity budget data confirms the same pattern from the buyer side. Security budgets are growing, but the spend is concentrating in fewer, larger platform purchases.

What this means for CISOs

In underfunded categories, build internally or accept platform vendor lock-in. CSPM, vulnerability assessment, and CWPP all have Gap Ratios above 12:1. Fewer funded startups means fewer competitive alternatives. If your preferred vendor gets acquired, as Wiz, Securiti.ai, and Balbix all were, your roadmap depends on the acquirer’s priorities, not yours.

In oversupplied categories, use the competition for better pricing. ZTNA, threat intelligence, and consent management have abundant VC-backed alternatives. Negotiate harder. Run competitive evaluations with three or more vendors. The funding data tells you which categories give you leverage.

Watch for single-company concentration. Chainguard holds 70% of all CWPP startup funding. Cato holds 57% of ZTNA. OneTrust holds 80% of consent management. If any of these companies pivots, gets acquired, or fails, the category funding picture changes overnight.

Bottom line

Gartner projects $93.2 billion in 2030 spending across the 10 fastest-growing security categories. Venture capital has funded $11.2 billion in startups since January 2025. The 8.3:1 blended gap tells you the overall story. The category-level ratios tell you where to act.

Cloud security posture management, vulnerability assessment, and cloud workload protection are growing at 2x to 3x the market average but remain underfunded relative to Gartner’s projections. Two categories, firewall equipment and pure-play CASB, have no startup investment at all. Platform vendors are filling gaps through acquisition at a pace that is reshaping every competitive evaluation.

This is the third quarter I have tracked Gartner’s security forecast against independent funding data. The gap between enterprise demand and startup supply keeps widening. Gartner’s 2Q26 forecast lands in July. I will break down the updated Gap Ratios the week it drops. I wrote a shorter editorial take on what these gaps mean for CISO budgets on my Substack.

Source: Gartner, Information Security Market Current Outlook, Worldwide, 1Q26 (G00846158), March 2026. Growth rates in constant currency. Dollar figures in current U.S. dollars. Funding data from CB Insights, Crunchbase, PitchBook, Statista. Cross-referenced against company press releases. Analysis by Software Strategies Blog.

Feb 16

1 Comment

Gartner forecasts agentic AI will overtake chatbot spending by 2027

Agentic AI spending grows 141% in 2026 to $201.9 billion. By 2027, it will overtake chatbot and assistant spending for the first time. Then chatbot spending starts declining. I’ve tracked Gartner’s AI forecasts through multiple iterations. This crossover changes where security risk concentrates for every security professional reading this.

The crossover is in the segment-level data tables of Gartner’s Forecast: AI Spending, Worldwide, 2024–2029, 4Q25. The headline number is well known: $2.53 trillion in 2026, $4.7 trillion by 2029 at 33% CAGR. The segment breakdowns are not. Eight markets. Nineteen sub-segments. The sub-segment data tells a different story than the top line.

This is Gartner’s first dedicated AI spending forecast, and I’ve been waiting for it. Gartner states that comparisons to previous AI estimates are not meaningful because the scope widened, adding AI cybersecurity, agentic AI as a separate segment from chatbots, AI data technology, and expanded infrastructure coverage. Gartner writes, “This is the first iteration of the forecast on AI spending that Gartner has published. Gartner has significantly expanded and modified its AI forecast coverage. Spending comparisons to previous iterations are therefore not meaningful as the scope has widened. This includes both coverage of new markets and broadened definitions of the types of AI spending that are reflected in some market segments.”

Forrester’s Predictions 2026: Cybersecurity and Risk arrives at the same warning from a different angle: an agentic AI deployment will cause a publicly disclosed breach in 2026, leading to employee dismissals. Two firms. Same conclusion. The spending data explains why.

CAPTION: Total worldwide AI spending, 2024–2029. $1.14T to $4.71T. 33% CAGR. Growth decelerates from 54% (2025) to 16% (2029) as the base expands. Source: Gartner Forecast: AI Spending, 4Q25 (December 2025).

The full market breakdown

AI infrastructure dominates at $1.37 trillion, 54% of the total. AI software follows at $452.5 billion, growing 60% year-over-year. AI services add $588.6 billion. AI cybersecurity and AI data are the outliers: growing at 74% and 155% CAGR, respectively, rates that dwarf everything else in the forecast.

Source: Gartner Forecast: AI Spending, Worldwide, 2024–2029, 4Q25 (December 19, 2025). All figures in U.S. dollars. CAGR = 2024–2029. Gartner press release: https://www.gartner.com/en/newsroom/press-releases/2026-1-15-gartner-says-worldwide-ai-spending-will-total-2-point-5-trillion-dollars-in-2026

Infrastructure takes 54% of every AI dollar

AI-optimized servers alone account for $421.6 billion in 2026, growing to $699.7 billion by 2029. AI processing semiconductors add $289.4 billion. AI-optimized IaaS hits $38.3 billion at 71% CAGR, the fastest-growing infrastructure sub-segment. AI network fabric, a new category in this forecast, reaches $28.7 billion.

Infrastructure’s share drops from 54% to 48% by 2029 as software and services scale faster. The capital-intensive build-out phase is not over.

The agentic crossover nobody is planning for

Gartner now splits AI software into chatbots/assistants and agentic AI. The spending lines cross in 2027.

CAPTION: Agentic AI spending overtakes chatbot/assistant spending by 2027. Chatbots peak at $264.7B then decline. Agentic AI grows at 119% CAGR to $752.7B by 2029. Source: Gartner Forecast: AI Spending, 4Q25 (December 2025). AI Software segment, Table 1-2.

Source: Gartner Forecast: AI Spending, 4Q25 (December 2025). CAGR = 2024–2029.

Chatbots talk to people. Agents act on behalf of people. They access databases, execute transactions, chain multi-step workflows without human approval at each step. The attack surface has moved well beyond conversation windows. Agents are autonomous decision engines with production access.

Gartner’s Top Trends in Cybersecurity for 2026 lists agentic AI oversight as the number-one trend. Forrester’s Predictions 2026: Cybersecurity and Risk goes further: an agentic AI deployment will cause a public breach this year, and employees will lose their jobs for it. Forrester senior analyst Paddy Harrington calls it a “cascade of failures,” not a single point of error. Two analyst firms. Different methodologies. Same conclusion. Security strategies built for chatbot-era risk have a shelf life measured in quarters, not years.

AI cybersecurity is two markets, not one

Gartner created a dedicated AI cybersecurity market for the first time in this forecast. It nearly doubles in 2026. But the category name hides a structural split that matters more than the growth rate.

Source: Gartner Forecast: AI Spending, 4Q25 (December 2025). CAGR = 2024–2029.

Two sub-segments. Two very different problems.

AI-amplified security ($48.5 billion, 94.5% of the market) is what most enterprises mean when they say “AI cybersecurity.” This is AI working for your security team. Machine learning models that analyze network traffic patterns and flag anomalies faster than a human analyst can. Natural language processing that reads threat intelligence feeds and correlates indicators of compromise across millions of data points in seconds. Automated triage systems that prioritize which of the 11,000 daily alerts actually need a human response. AI-powered endpoint detection that identifies malware variants that signature-based tools miss. Behavioral analytics that learn what normal looks like for each user and flag deviations. Security orchestration platforms that automate incident response playbooks, reducing mean time to containment from hours to minutes.

This is the category where enterprises are spending aggressively. And for good reason. The math on analyst workloads demands it. Security operations centers are drowning in alerts, facing a persistent talent shortage, and defending attack surfaces that expand every quarter. AI-amplified tools address all three.

Securing AI ($2.8 billion, 5.5% of the market) is the other problem. AI-amplified security puts AI to work defending the enterprise. Securing AI reverses the relationship entirely — defending the AI itself. Protecting the models, the training data, the inference pipelines, the agent workflows, and the decision outputs that enterprises are deploying at $2.53 trillion in 2026. Prompt injection defenses. Model access controls. Training data poisoning detection. Output validation. Agent permission boundaries. Audit trails for autonomous decisions.

The distinction matters because they protect different things. AI-amplified security protects your enterprise using AI. Securing AI protects the AI itself. One is a tool. The other is the thing that needs protecting. Enterprises are investing 17 times more in the tool than in protecting the thing the tool runs on.

Shadow AI is not just employees using ChatGPT

Gartner names the mechanism driving AI software growth: vendor push. Software providers are integrating GenAI and agentic AI into existing product lines. AI software grows from $143 billion in 2024 to $981 billion by 2029 at 47% CAGR.

For CISOs, vendor push changes the equation. AI capabilities are being added to tools already in production. Often without explicit procurement decisions. The AI features embedded in your existing ERP, CRM, and developer platforms may already exceed what your security team has inventoried. Shadow AI is vendors activating AI inside products you already own.

The smallest market with the biggest growth rate

AI data technology: $134 million in 2024. $3.1 billion in 2026. $14.6 billion by 2029. The 155% CAGR is the highest in the forecast. The 277% year-over-year growth in 2026 is the steepest single-year jump of any segment.

Synthetic data generation is the standout sub-segment, going from $41 million to $6.8 billion by 2029. Gartner is direct: enterprises need AI-ready data with proper labeling, quality checks, and compliance. For organizations running AI projects on ungoverned data, the readiness gap compounds every quarter.

CAPTION: AI spending markets ranked by five-year CAGR. AI Data (155%) and AI Cybersecurity (74%) lead. AI Infrastructure is the largest by absolute dollars. Source: Gartner Forecast: AI Spending, 4Q25 (December 2025).

Indirect services are the governance blind spot

Indirect AI services, where AI is a supporting component in a larger project, grow from $78.4 billion in 2024 to $255.9 billion in 2026 at 50% CAGR. Direct AI services hit $332.8 billion. By 2028, indirect overtakes direct.

Indirect AI means capabilities embedded in consulting and implementation projects that procurement does not classify as AI. If you cannot see it in your AI inventory, you cannot govern it.

Servers are a bigger market than AI software

AI-optimized servers alone hit $421.6 billion in 2026, just below the entire AI software market at $452.5 billion. By 2029, servers reach $699.7 billion. Cloud providers are building capacity for AI workloads that have not materialized at scale. The infrastructure is ahead of the applications.

The enterprise agentic stack is showing up in spending data

Gartner’s DSML segment includes a dedicated agent builder platforms sub-segment at $5.0 billion in 2026, reaching $13.7 billion by 2029. AI observability and governance adds $1.3 billion, growing to $4.0 billion. The xOps sub-segment (MLOps, DataOps, ModelOps) is the largest at $15.0 billion.

Together, these form the tooling layer for building, monitoring, and governing agents in production. The enterprise agentic stack is materializing in the spending data. Most organizations have not formalized it in their architecture.

The numbers that belong in your next board deck

If you take one thing from this forecast into a budget meeting, take this table. I built it from the raw spreadsheet data. Six years of AI deployment spending next to AI security spending. The bottom row is the one that gets the questions.

Source: Gartner Forecast: AI Spending, 4Q25 (December 2025). All percentages derived from Gartner’s published data tables (Tables 1-1 and 1-2).

The ratio improves over time. Securing AI goes from 0.07% in 2024 to 0.25% by 2029. But watch the absolute numbers. In 2029, enterprises will spend $4.71 trillion deploying AI and $11.6 billion securing it. The percentage gets better. The dollar gap gets wider. Every year, the market grows its way into a larger exposure.

Where I think this lands

Three things worth tracking from the segment data:

The agentic crossover. Agentic AI overtakes chatbot spending in 2027. The enterprise risk profile shifts from conversational data leakage to autonomous decision-making at scale. CISOs who build agentic governance frameworks in 2026 position themselves before the inflection. The spending curve says the window is narrowing.

The securing-AI gap. $2.8 billion to protect AI systems in a year when $2.53 trillion deploys them. Enterprises are enthusiastic about using AI for defense. The investment in defending AI itself has not caught up.

Data readiness is the bottleneck. The 277% growth in AI data spending confirms that AI without governed data delivers diminished returns. Data classification investments directly enable or constrain AI ROI.

If your security budget is growing at 12% and AI deployment inside your enterprise is growing at 44%, the gap compounds every quarter. You cannot close it by holding steady. The organizations getting this right treat AI security as a proportion of AI deployment, not a fixed line item.

—

Sources

Gartner, Forecast: AI Spending, Worldwide, 2024–2029, 4Q25, December 19, 2025, ID G00843179.

Gartner press release (January 15, 2026): https://www.gartner.com/en/newsroom/press-releases/2026-1-15-gartner-says-worldwide-ai-spending-will-total-2-point-5-trillion-dollars-in-2026

Gartner, Top Trends in Cybersecurity for 2026 (February 5, 2026): https://www.gartner.com/en/newsroom/press-releases/2026-02-05-gartner-identifies-the-top-cybersecurity-trends-for-2026

Gartner, IT Spending Forecast 1Q26 (February 3, 2026): https://www.gartner.com/en/newsroom/press-releases/2026-02-03-gartner-forecasts-worldwide-it-spending-to-grow-10-point-8-percent-in-2026-totaling-6-point-15-trillion-dollars

Forrester, Predictions 2026: Cybersecurity and Risk (October 2025): https://www.forrester.com/blogs/predictions-2026-cybersecurity-and-risk/

All dollar figures in U.S. dollars. Growth rates and CAGR derived from Gartner’s published data tables (Tables 1-1 and 1-2).

Sep 17

Top Seven Takeaways from Gartner’s 2024 CIO GenAI Survey

For 87% of CIOs, generative AI (GenAI) represents more than a technological advancement—it’s a career-defining opportunity.

Gartner’s 2024 CIO Generative AI Survey finds that GenAI is gaining momentum with CIOs, with 95% believing in the technology’s significant potential to improve their organizations. A significant obstacle: a gap between CIOs and their C-suite peers — tempers their optimism.

While CIOs recognize AI’s potential to unleash productivity gains and improve customer experiences, only a fraction of the C-suite sees it as an urgent priority. Closing that gap underscores CIOs’ essential role in championing GenAI by committing to excel at learning every aspect of the new technology and how it can deliver long-term value to their organizations.

The top seven takeaways from Gartner’s survey provide CIOs with a roadmap on how to take a practical, pragmatic approach to bridge the gaps across the C-suite and help their organizations get results from their GenAI strategies.

Strategic Insights from Gartner’s 2024 CIO GenAI Survey

Gartner’s latest CIO survey on GenAI provides insights into how IT leaders can capitalize on the technology’s significant impact, from career growth and expertise development to helping CIOs achieve more support across the C-suite. Each takeaway focuses on how CIOs can leverage AI to drive success for themselves and their organizations.

Here are the survey’s seven most insightful takeaways:

More CIOs are starting to view GenAI as a career-enhancing opportunity. Eighty-seven percent of CIOs see GenAI as a pivotal career advancement opportunity, with 44% of those proficient in AI strongly affirming this view. GenAI’s rapid adoption in organizations is proving itself a technology capable of delivering productivity gains and is increasingly becoming a skill and expertise essential for career advancement. For CIOs leading AI initiatives, it’s not just about technology—it’s about positioning themselves as visionary leaders qualified to step into more senior positions. To maximize this opportunity, CIOs need to prioritize the development of AI strategies that demonstrate clear, measurable business outcomes. Continuous learning and certification programs are given to any IT professional, especially CIOs, who want to maintain a competitive edge and have their careers capitalize on GenAI’s growth trajectory.

CIOs are more focused than ever on increasing their acumen about GenAI. CIOs are rapidly becoming the in-house experts on AI, with 52% now rating themselves as proficient or advanced, up from 38% nine months ago. This growing expertise is crucial, as 67% of CIOs are tasked with leading AI initiatives, often sharing this responsibility with other C-suite members. Gartner recommends that CIOs deepen their AI knowledge further and foster a culture of AI literacy across their teams to capitalize on this trend. Providing targeted training for IT and business leaders to ensure that AI strategies are fully integrated into broader business goals is quickly becoming table stakes.

Source: Key findings from the 2024 Gartner CIO generative AI survey (ID G00820936). Gartner, Inc.

Disconnect between CIO optimism and C-suite prioritization. Despite 95% of CIOs believing in the potential for GenAI to deliver value, the survey reveals a disconnect with the C-suite—only 21% of CIOs who consider themselves highly knowledgeable about AI believe their C-suite sees it as a high priority. This gap suggests a need for more effective communication and strategic alignment. CIOs need to focus on translating AI’s potential into language that resonates with the C-suite. Regular briefings and ROI-focused presentations can help bridge this gap and elevate AI as a top priority for all executive leaders.

CIOs are leading the charge in AI implementations. CIOs are increasingly in charge of GenAI initiatives, with 48% of CIOs responding to the survey indicating that they are the main executives responsible for these initiatives. Another 28% are part of the team responsible for developing AI strategy. This central role places CIOs at the forefront of digital transformation, requiring them to be strategic leaders and hands-on practitioners. CIOs need to establish clear governance frameworks and metrics for AI initiatives to ensure success and alignment with broader organizational goals. Additionally, partnering with other C-suite members, such as the CFO and CMO, can help secure the necessary resources and support for AI projects.

Focus on productivity gains. GenAI is proving effective in streamlining operations and improving efficiencies organization-wide, with 74% of CIOs citing productivity as its top business value. AI also improves customer experience (49%) and helps streamline digital transformation (31%). These priorities demonstrate AI’s multifaceted role in modern businesses. Gartner recommends that CIOs integrate AI into crucial or core organizational areas, ensuring that AI initiatives align with organizational objectives and are designed to deliver measurable, scalable outcomes.

Concerns over AI hallucinations. Although GenAI holds great potential, there are significant risks. According to 59% of CIOs, the biggest worry is “hallucinations” or misleading or incorrect outputs. In close succession, 44% and 48% of CIOs express concern about privacy violations and false information spread by malicious attackers. These dangers highlight the importance of solid governance, ongoing oversight, and continued investments in cybersecurity. According to Gartner, CIOs need to prioritize creating AI ethics guidelines and investing in auditing tools. Gartner also notes that reducing these risks will require cultivating a culture of accountability and transparency.

C-Suite engagement in AI is growing but still lags. The survey shows that while C-suite engagement with AI is growing, 42% of CIOs note increased investment in understanding AI, and 53% still consider their peers novices, highlighting a critical need for further education and alignment. CIOs need to take the lead and champion targeted AI education and strategy sessions to close this gap, ensuring AI initiatives are fully supported and integrated into the organization’s strategic goals.

Conclusion

In Gartner’s 2024 CIO Generative AI Survey, GenAI is more than a technological advancement—it’s a strategic imperative for CIOs seeking business transformation and career advancement. GenAI is rapidly becoming a cornerstone of modern enterprise strategy, with 87% of CIOs seeing it as a career-enhancing tool and 95% as a business value driver.

With only 21% of CIOs seeing AI as a high priority for their executive peers, the journey is difficult. 74% of CIOs are focused on productivity gains, but the C-suite is cautious. CIOs must gain AI expertise and lead the way in aligning AI initiatives with organizational goals to mitigate risks like AI hallucinations through robust governance. CIOs can use GenAI to achieve business success and career growth by strategically navigating these dynamics to cement their role as digital visionaries.

Bibliography:

Struckman, C. (2024). Key findings from the 2024 Gartner CIO generative AI survey (ID G00820936). Gartner, Inc. https://www.gartner.com/document/820936 (Client access required).

Sep 15

Capgemini report finds top 10 ways enterprises are harnessing the value of GenAI

Eighty percent of enterprises have increased their investment in GenAI over the past year, with nearly one-quarter (24%) now integrating the technology into their operations, up from just 6% in the previous year.

Capgemini Research Institute’s recent report, Harnessing the value of generative AI: 2nd edition: Top use cases across sectors, highlights enterprises’ accelerating pace of GenAI adoption and growing importance across their operations and industries.

“Generative AI is not just a technological innovation; it’s a catalyst for transformative change across multiple sectors, driving productivity gains, operational efficiency, and strategic shifts in business models,” write the report’s authors. Enterprise leaders’ sentiment underscores the increasing recognition of GenAI as a critical technology for staying competitive in an increasingly turbulent economic environment.

According to the report, GenAI’s rapid adoption across IT and marketing indicates that companies are actively integrating it into their core operations to drive tangible, measurable benefits. Capgemini’s findings highlight the need for a strong data governance framework, strategic talent development, and vigilant cybersecurity to maximize GenAI’s potential as companies scale their initiatives.

How enterprises are maximizing GenAI’s value

Capgemini found ten key ways enterprises are positioning themselves to maximize GenAI’s potential. These strategies demonstrate how all companies can potentially invest in and integrate GenAI to boost growth, efficiency, and innovation across departments and industries.

Investment surge reflects growing confidence in GenAI. 89% of large businesses with annual revenues over $20 billion are leading this investment surge, highlighting GenAI’s significance for future growth. Additionally, 73% of companies with revenues between $1 billion and $5 billion have significantly increased their GenAI budgets, showing that this trend is not limited to the largest companies. This investment trend indicates that many companies believe GenAI can drive enterprise evolution and deliver substantial returns, with many expecting double-digit productivity and customer engagement growth.

Capgemini report finds top 10 ways enterprises are harnessing the value of GenAI

GenAI maturity grows steadily across industries. GenAI implementations have continued to mature across industry sectors over the past year. Up from 6% in 2023, 18% of organizations will fully integrate GenAI into most or all functions in 2024. With 64% and 53% of companies enabling GenAI, high-tech and financial services lead. Retail grew 17%–40% and industrial manufacturing 14%–35%. With 53% and 47% of telecom and energy/utilities adopting GenAI, respectively, progress has been made.

GenAI’s integration across organizational functions is growing. In one year, GenAI IT adoption rose from 4% to 27% across organizational functions. GenAI is improving enterprise productivity and innovation through this broad integration across sales, marketing, operations, and R&D. Capgemini also found that GenAI is transforming operations and creating value across all business areas.

Productivity and customer engagement gains. Over the last year, organizations that have implemented GenAI have reported a 7.8% increase in productivity and a 6.7% increase in customer engagement. These tangible benefits demonstrate GenAI’s ability to provide real, measurable value to enterprises. Early adopters report significant improvements in key performance metrics, highlighting the strategic importance of incorporating GenAI into business operations.

Small Language Models (SLM) are gaining momentum. 24% of organizations have implemented SLMs, and 56% plan to do so within three years. These models are cheaper and less computationally intensive than larger AI models, so many companies are piloting and eventually moving them into production. SLMs excel in industry-specific applications, allowing businesses to harness AI’s potential without the infrastructure and resource demands of larger models. SLMs are becoming a good option for companies trying to compete in an AI-driven market as they seek efficient and scalable AI solutions.

GenAI is enabling enterprises to advance from chatbots to autonomous multi-agent systems. GenAI is helping 62% of organizations upgrade from chatbots to AI agents that autonomously manage complex goals. 48% of users use multi-agent systems, where AI agents operate independently in changing environments. As businesses automate and optimize complex processes with these systems, decision-making and operational efficiency improve across industries. AI has evolved from simple user interactions to complex, agentic use cases, as shown in the image.

GenAI agents are accelerating the shift to autonomous operations. GenAI agents are increasingly used in enterprise automation, with 82% of companies planning to implement them in 1–3 years. These agents are evolving from supportive tools to autonomous entities that can perform complex tasks without interaction. This shift is significant, with 71% of organizations expecting AI agents to automate workflows and 64% expecting customer service and productivity improvements. AI agents are not just efficient; they are a radical shift toward fully autonomous, AI-driven operations that will transform enterprise productivity and strategic decision-making.

GenAI is forcing major business strategy shifts. 54% of companies expect GenAI to improve their strategies, up from 39% in 2023. 40% of companies are revising their business models to stay competitive as GenAI becomes more important. As GenAI becomes more important, 74% of businesses believe they must use it to grow revenue and stay ahead of the competition.

Strengthening data foundations is crucial for GenAI’s success. More than 60% of companies realize GenAI’s potential depends on solid data foundations. Only 51% have documented data integration processes and 46% have AI data management policies. Even enterprises that have adopted GenAI still struggle to make the most of all their external data sources. Capgemini makes it clear that for GenAI initiatives to succeed, companies need scalable, secure data infrastructure.

Tighten AI controls or risk trust and compliance. Ethics in AI deployment is a priority for 57% of organizations, which recognize the need for control mechanisms that can flex and adapt as their business goals change. While 46% have clear AI governance frameworks, 73% agree that human oversight is necessary to validate AI-driven decisions. Without strong governance, bias, and accountability issues could counteract GenAI’s benefits, so organizations must act now.

Conclusion

With 80% of organizations increasing their investment and almost a quarter already including it in their operations, GenAI is fast changing how businesses run. This general acceptance emphasizes GenAI’s importance as a main engine of efficiency and creativity, providing real advantages in customer interaction and output.

Organizations are not only embracing GenAI as AI agents and Small Language Models (SLMs) acquire traction; they are also including GenAI in their basic strategies. Those who match GenAI with their business models, make investments in solid data foundations, and develop the knowledge required to maximize its possibilities will inherit the future. They will lead in the era of artificial intelligence by doing this, establishing new benchmarks for operational excellence and creativity.

Jul 7

Forrester’s top ten trends defining identity and access management in 2024

Stolen identity and privileged access credentials now account for 61% of all data breaches. This figure continues to increase as nation-state attackers, cybercrime groups, and rogue attackers integrate AI into their attack tradecraft.

Adversarial AI is taking aim at identities

80% or more of breach attempts aim first at identities and the systems that manage them. CrowdStrike’s 2024 Global Threat Report found that identity-based and social engineering attacks are reaching a new level of intensity. CrowdStrike found that attackers are using AI to launch advanced phishing attacks to impersonate legitimate users and infiltrate secure accounts. Attackers have long sought account credentials, but in 2023, their goals centered on authentication tools and systems, including API keys and OTPs.

“What we’re seeing is that the threat actors have really been focused on identity, taking a legitimate identity. logging in as a legitimate user. And then laying low, staying under the radar by living off the land by using legitimate tools,” Adam Meyers, senior vice president counter adversary operations at CrowdStrike, told VentureBeat in an interview early this year. Two of the most infamous Russian nation-state attackers, Fancy Bear and Cozy Bear, led these efforts, with the former exploiting a Microsoft Outlook vulnerability (CVE-2023-23397) for unauthorized server access.

Top ten trends defining identity and access management (IAM) in 2024

Forrester’s recent report, The Top Trends Shaping Identity And Access Management In 2024, provides an insightful view into the future of Identity and Access Management (IAM) and Privileged Identity Management (PIM). The report predicts that threat detection and remediation will improve with the help of A.I. Forrester also predicts that FIDO passkey authentication will go mainstream. In contrast, biometric authentication will slow down due to concerns regarding deepfakes.

Leading IAM providers include AWS Identity and Access Management, CrowdStrike, Delinea, Cradlepoint, ForgeRock, Ivanti, Google Cloud Identity, IBM Cloud Identity, Microsoft Azure Active Directory, Palo Alto Networks, and Zscaler.

Here is a summary of the top ten trends Forrester believes will shape IAM in 2024:

Trend 1: AI Will Improve Identity-Based Threat Detection and Remediation. Generative AI (genAI) is helping to redefine the future of IAM by improving outlier behavior analysis, increasing alerts’ accuracy, and streamlining administrative tasks while guarding against new threats.

98% of security professionals believe AI and machine learning (ML) will be beneficial in fighting identity-based breaches and see it as a pivotal technology in unifying their many identity frameworks. The majority, 63%, predict AI’s leading use case will be greater accuracy in identifying outlier behavior. 56% believe AI will help improve the accuracy of alerts, and 52% believe AI will help streamline administrative tasks.

Forrester asserts that AI will help short-staffed security teams triage alerts and automate time-consuming, mundane aspects of their jobs. Forrester also envisions genAI being used to query, “Which five applications are the riskiest from an identity entitlement perspective?” CrowdStrike announced at RSAC 2024 that Charlotte AI, CrowdStrike’s Generative AI security analyst, can automatically correlate all related contexts into a single incident and generate an LLM-powered incident summary for security analysts.

Trend 2: IAM Platforms Face Increased Scrutiny Of Their Underlying Security. High-profile breaches that began with impersonation leading to identity theft, including MGM and Okta, reflect how social engineering can still bypass IAM safeguards. CISOs are pushing back on their IAM vendors to improve operational processes and security practices and prioritize security for cloud-based SaaS applications and multi-cloud configurations. Forrester writes that their clients running IAM systems expect their vendors to comply with standards like SOC 2, FedRAMP, ISO 27002, and PCI. CISOs and security teams are also asking to vet a vendor’s workforce, including both employees and contractors and understand how the vendor communicates about and addresses security issues.

Forrester’s advice to security and risk management professionals is to “Demand multifactor authentication for all workforce business and admin users, without exception. Prioritize IAM vendors that embrace secure-by-design and secure-by-default principles and value continuous two-way customer engagement to improve their overall cybersecurity posture.”

Trend 3: IAM And Non-IAM Vendors Respond To Identity-Centric Threats. More CISOs and their security teams are taking a zero trust mindset to breaches. They see them as inevitable, and as part of their zero trust frameworks, they’re looking to shut down lateral movement after an intrusion. Forrester observes that “both IAM vendors and non-IAM cybersecurity vendors keep making advances in identity threat detection and response (ITDR). As a result of organic development and acquisitions, ITDR capabilities are being incorporated in platforms from privileged identity management (PIM) vendors like ARCON, BeyondTrust, CyberArk, and Delinea, as well as XDR vendors, such as Cisco, CrowdStrike, Proofpoint, and SentinelOne.”

Trend 4: FIDO Passkey Authentication Goes Mainstream For Workforce And B2C Uses. Forrester notes that a large number of customer-facing sites, including H&R Block, PayPal, and Verizon, are moving to passwordless authentication. At the same time, smaller financial institutions like coinbase.com offer optional fast identity online (FIDO) Authentication and FIDO passkey-based authentication. The research firm expects 30% of B2C websites and apps to offer FIDO passkeys by the end of 2024.

Trend 5: Biometric Adoption Slows Due To Concerns Around Deepfakes. Despite biometric authentication being a security standard on smartphones, CISOs and consumers alike are becoming more concerned about deepfakes. Designing liveness detection and other advanced features for facial and fingerprint recognition systems reduces the threat of spoofing generated by deepfake technology.

As multiple breach attempts have proven, voice biometrics are more susceptible to attack. Forrester notes that in response, the FTC set a Voice Cloning Challenge to “encourage the development of multidisciplinary solutions—from products to procedures—aimed at protecting consumers from artificial intelligence-enabled voice cloning harms, such as fraud and the broader misuse of biometric data and creative content.” Vendors will add additional deepfake detection to their solutions in 2024, resulting in a rebound in biometrics adoption in 2025.

Trend 6: IMG And PIM Vendors Expand Coverage Of Cloud Administrator Identities. Getting multicloud and hybrid cloud security right is getting more challenging and complex to achieve at scale due to configuration complexity. Forrester notes that “zero trust in the cloud starts with understanding the data access entitlements of identities like cloud infrastructure administrators, SaaS administrators, and business users.” Security and risk management professionals need to review cloud administrators’ entitlements that grant access to sensitive data assets and, when necessary, cancel them. Forrester writes, “While tools offer detection and remediation automation, they are no substitute for documented and consistent identity governance processes.”

Trend 7: Government-Issued Digital Identities Continue To Spread. Forrester believes acceptance of government-issued decentralized digital identities (DDIDs) beyond government use cases will grow in 2024. Mobile digital identities, including driver’s licenses, are now available in the US states of Arizona, California, Florida, and Iowa. Jurisdictions that have or will soon issue mobile driver’s licenses include the European Union (based on the eIDAS 2.0 approved set of standards), Estonia, Hungary, and Sweden. Nigeria and the Philippines have digital identities active today. .

Trend 8: B2B IAM Becomes A Differentiating Feature. Security teams and CISOs running them who are operating without an extended IAM ecosystem for partners like contractors, suppliers, and resellers face more severe security risks. B2B IAM involves managing joiner, mover, and leaver (JML) processes differently than internal employees. Forrester predicts that in 2024, IAM vendors will enhance platforms with features like simplified federation onboarding, verifiable credentials for ID verification, and improved access review processes for the extended enterprise.

Trend 9: Commercial and homegrown IAM Solutions Face Growing Demand For Upgrades. Maintaining on-premises IAM systems is becoming more costly and inefficient, making it more attractive to move to a cloud-based platform. Forrester is finding that the brittle, less secure nature of on-premise legacy systems also makes them more difficult to upgrade. Demand is so high for replacing legacy systems that a recent Forrester survey found that the intention to replace homegrown solutions jumped from 4% in 2022 to 18% in 2023.

Trend 10: The Fine-Grained Authorization Market Heats Up. As digital platforms and business app creation continue to proliferate, the need for dynamic and fine-grained access controls is extending beyond security. Forrester says that the IAM market is moving toward centralized and external authorization patterns because of B2B2E and B2B2C relationships and the possibility that genAI could make it easier to create and manage authorization policies.

Jul 7

Deloitte shares latest research into adversarial AI, ransomware in new report

Over the past year, 66% of organizations experienced at least one ransomware attack, with many suffering repeated breaches. According to Deloitte’s Annual Cyber Threat Trends report, ransomware, identity-based attacks, and sophisticated attack methods like zero-day exploits and AI-driven cyber espionage dominate a rapidly changing threat landscape.

Ransomware attackers specialize in making chaos pay

Attackers are using ransomware as a smash-and-grab strategy, often to finance other illegal operations. Cybercrime gangs, including those that are state-funded, rely on ransomware as a primary source of revenue as well.

Ransomware attackers aim to create widespread chaos across supply chains, amplifying the impact of their attacks. For example, United Healthcare paid a $22 million ransom in Bitcoin, demonstrating how greater disruption often leads to higher payouts.

“Sophisticated ransomware operators are increasingly using zero-day exploits as their initial access vector, with 36 percent of victims ransomed in this way. Valid credential compromise was the second most common entry point for ransomware attacks,” says Deloitte in the report.

“Phishing, remote attacks on public-facing infrastructure, and unauthorized remote desktop connections continue to be the primary sources of infiltration for ransomware,” writes Paul Furtado, Gartner vice president analyst, in a recent research report, How to Prepare for Ransomware Attacks.

Furtado notes that “bad actors are mining exfiltrated data to identify other potential sources of revenue,” further increasing the urgency to harden cyberdefenses against ransomware attacks. The following is a typical ransomware attack pattern as defined in the Gartner report.

Source: Gartner, How to Prepare for Ransomware Attacks, 16 April 2024

CrowdStrike’s threat intelligence teams regularly monitor every known ransomware variant. “RaaS kits are easy to find on the dark web, where they are advertised in the same way that goods are advertised on the legitimate web,” writes Kurt Baker in a blog post explaining RaaS. The post continues, “a RaaS kit may include 24/7 support, bundled offers, user reviews, forums, and other features identical to those offered by legitimate SaaS providers.”

The 2024 Annual Threat Assessment of the U.S. Intelligence Community found that “transnational organized criminals involved in ransomware operations are improving their attacks, extorting funds, disrupting critical services, and exposing sensitive data. Important U.S. services and critical infrastructure such as health care, schools, and manufacturing continue to experience ransomware attacks.”

Adversarial AI’s growing tradecraft

Deloitte’s research uncovered the growing use of adversarial AI for cyber espionage, finding it’s driving new forms of tradecraft in influence operations, social engineering, underground services, and collaboration.

Adversarial AI’s goal is to deliberately mislead AI and machine learning (ML) systems so they are ineffective for the use cases they’re being designed for. Adversarial AI refers to “the use of artificial intelligence techniques to manipulate or deceive AI systems. It’s like a cunning chess player who exploits the vulnerabilities of their opponent. These intelligent adversaries can bypass traditional cyber defense systems, using sophisticated algorithms and techniques to evade detection and launch targeted attacks.”

source: Deloitte Annual Cyber Threat Trends report

Influence operations are the most active threat vector of the three Deloitte is tracking. AI image deception and deepfake accuracy are accelerating faster than many existing detection technologies can keep up with.

Telesign’s 2024 Trust Index found just how wide the trust gap is becoming due to deep fakes and broader influence operations. 87% of Americans hold businesses accountable for digital privacy, yet only 34% trust them to use AI effectively to protect against fraud. Deepfakes and misinformation are driving a wedge of distrust between companies, the customers they serve, and citizens participating in elections this year.

Deloitte found that social engineering-based attacks are becoming more challenging to identify and stop. Nation-states are weaponizing LLMs and using genAI to improve their ability to launch large-scale social engineering attacks aimed at harvesting privileged access credentials and gaining control of thousands of identities in an enterprise at once.

The rapid growth of Voice Cloning-as-a-Service (VCaaS) tools powered by AI, which is used for vishing attacks to clone voices for financial fraud and unauthorized access, continues to defy easy detection. Cybercriminals and nation-state adversaries are quick to invest in new technologies that yield tradecraft that existing cybersecurity systems can’t decipher, and deepfakes are among the most undetectable today.

Preventing a ransomware attack

Start with a zero-trust mindset. Any trust-based connections in a network are a liability—a ransomware attack waiting to happen. Furtado advises, “Build and execute on a zero-trust strategy that reduces the risk of attackers abusing implicit trust in environments to achieve lateral movement, employ available exploits, and gain privilege escalation to deploy ransomware.”

Furtado’s recommendations reflect a strong zero-trust mindset that seeks to eliminate lateral movement, enforce least privilege access, and monitor all network activity while hardening identity and access management (IAM) security. In short, he’s advising having as strong of a zero-trust framework as possible in place to withstand a ransomware attack.

One of the core concepts of zero trust is to assume an attack has already penetrated the network. Furtado’s key takeaways from his recent report on ransomware include the following:

Have a complete preincident prevention strategy that includes workspace and endpoint protection, data protection, immutable backup, asset management, end-user awareness training, and strong identity and access management.
Implement a reliable asset management process to identify what needs to be protected and who is responsible, paying particular attention to legacy systems.
Establish a risk-based vulnerability management process that includes threat intelligence (TI) to address unpatched systems.
Implement both macro and micro network segmentation to minimize the blast radius of ransomware attacks.
Build and execute a zero-trust strategy to reduce the risk of attackers abusing implicit trust in environments.
Implement compliance scanning, penetration testing, and breach attack simulation (BAS) tools.
Remove local administrative privileges on endpoints and limit access to sensitive applications, including email, to prevent account compromise.
Prevent access to the command prompt and block the execution of PowerShell scripts on all user endpoints.
Implement strong authentication for privileged users, such as database and infrastructure administrators and service accounts, and log and monitor their activity.

May 19

1 Comment

Gartner’s 2024 CEO Survey Reveals AI as Top Strategic Priority

75% of CEOs used ChatGPT in the first half of 2023, with 44% incorporating it into their jobs.

Gartner’s 2024 CEO survey finds that CEOs are on board with AI to a much greater extent than previously believed. 87% of CEOs agree that AI’s benefits to their business outweigh its risks. “Digitalization, in general, and AI, in particular, will be core innovative elements in revised business strategies, as will environmental-sustainability-based growth ideas,” writes Gartner in the report.

CEOs experimenting with synthetic video

Almost a third of CEOs have considered making and using a synthetic video of themselves. Gartner notes that Estelle Brachlianoff, CEO of the European utility services company Veolia, has posted an AI-augmented video of herself on LinkedIn and X appearing to speak in multiple languages.

Driving AI adoption

CEOs who adopt new technologies immediately drive their adoption enterprise-wide because everyone immediately sees those technologies as critical to their jobs. Seasoned CEOs know the quickest way to get a new enterprise app’s adoption rate to go up is to use it themselves and demonstrate their mastery quickly. What’s happening with AI’s adoption is faster than many CEOs expected.

Key takeaways from Gartner’s 2024 CEO survey include the following:

Growth dominates CEO agendas, reaching a new record in Gartner’s annual survey. “CEOs’ top business priority of growth is up 25% and is at the highest level since 2014,’ writes Financial considerations increased by 25%, cost management by 11%, and customer priorities grew by 22%. The survey points towards CEOs being more focused on profitability and margins, two signs of internal process gains to reduce operating costs and improve efficiency. The survey results point to more CEOs looking at how to get greater returns from the most expensive assets their businesses operate.

75% of CEOs used ChatGPT in the first half of 2023, with 44% incorporating it into their jobs.Gartner's 2024 CEO survey finds that CEOs are on board with AI to a much greater extent than previously believed. 87% of CEOs agree that the benefits of AI to their business outweigh its risks. "Digitalization, in general, and AI, in particular, will be core innovative elements in revised business strategies, as will environmental-sustainability-based growth ideas," writes Gartner in the report. CEOs experimenting with synthetic video Almost a third of CEOs have considered making and using a synthetic video of themselves. Gartner notes that Estelle Brachlianoff, CEO of the European utility services company Veolia, has posted an AI-augmented video of herself on LinkedIn and X appearing to speak in multiple languages. Driving AI adoption CEOs who adopt new technologies immediately drive their adoption enterprise-wide because everyone immediately sees those technologies as critical to their jobs. Seasoned CEOs know the quickest way to get a new enterprise app's adoption rate to go up is to use it themselves and demonstrate their mastery quickly. What's happening with AI's adoption is faster than many CEOs expected. Key takeaways from Gartner's 2024 CEO survey include the following: • Growth dominates CEO agendas, reaching a new record in Gartner's annual survey. "CEOs' top business priority of growth is up 25% and is at the highest level since 2014,' writes Gartner. Financial considerations increased by 25%, cost management by 11%, and customer priorities grew by 22%. The survey points towards CEOs being more focused on profitability and margins, two signs of internal process gains to reduce operating costs and improve efficiency. The survey results point to more CEOs looking at how to get greater returns from the most expensive assets their businesses operate. Ceo growth 1 • CEOs mentioning AI as one of their top two technology priorities jumped from 4% in 2023 to 24% in 2024. Technology innovation also increased from 7% to 11%, and the use of digital transformation for growth increased from 9% to 11%. It's interesting to see how CEOs are focusing on how to improve, integrate, and modernize their strategic use of technology. That category jumps from 1% in 2023 to 5% in 2024. "AI is explicitly mentioned a lot more in 2024 than it was in the 2023 survey. At the same time, mentions of "digitalization" have declined significantly, and so have mentions of e-commerce and omnichannel," writes Gartner. CEO two top strategic business priorities 2 • 34% of CEOs say that the next business transformation their enterprises will pursue after digital is AI. CEO's intentions to pursue AI as their next business transformation are nearly four times greater than their interest in operations efficiency and agility. Sustainability and ESG are a distant third priority. Just 5% of CEOs say customer experience/centricity will be a priority. the theme of the next transformation after digital • 59% say AI is the technology that will most impact their industry. AI has a four-year track record of being the top category, starting in 2020, with the percentage of CEOs mentioning it ranging between 18% to 29%. Gartner mentions in the survey results that in 15 years of asking this question and comparable ones to it, there's never been a category that emerges as dominant as AI has. In the past, CEOs believed cloud and big data technologies would be the most impactful. Previous technologies have had nowhere near the extent of impact that AI does today. "Eighty-six percent of CEOs expect AI will help maintain or grow their revenue in 2024-2025, and when asked exactly how that would happen, the top answer category was an improvement to customer experience and relationships," writes Gartner. Use AI to Help Maintain or Grow Company Revenue

Source: Gartner 2024 CEO Survey — The Year of Strategy Relaunches

CEOs mentioning AI as one of their top two technology priorities jumped from 4% in 2023 to 24% in 2024. Technology innovation also increased from 7% to 11%, and the use of digital transformation for growth increased from 9% to 11%. It’s interesting to see how CEOs are focusing on how to improve, integrate, and modernize their strategic use of technology. That category jumps from 1% in 2023 to 5% in 2024. “AI is explicitly mentioned a lot more in 2024 than it was in the 2023 survey. At the same time, mentions of “digitalization” have declined significantly, as have mentions of e-commerce and omnichannel,” writes Gartner.

Gartner's 2024 CEO Survey Reveals AI as Top Strategic Priority

Source: Gartner 2024 CEO Survey — The Year of Strategy Relaunches

34% of CEOs say that the next business transformation their enterprises will pursue after digital is AI. CEO’s intentions to pursue AI as their next business transformation are nearly four times greater than their interest in operations efficiency and agility. Sustainability and ESG are a distant third priority. Just 5% of CEOs say customer experience/centricity will be a priority.

Source: Gartner 2024 CEO Survey — The Year of Strategy Relaunches

59% say AI is the technology that will most impact their industry. AI has a four-year track record of being the top category, starting in 2020, with the percentage of CEOs mentioning it ranging between 18% to 29%. Gartner mentions in the survey results that in 15 years of asking this question and comparable ones to it, there’s never been a category that emerges as dominant as AI has. In the past, CEOs believed cloud and big data technologies would be the most impactful. Previous technologies have had nowhere near the extent of impact that AI does today. “Eighty-six percent of CEOs expect AI will help maintain or grow their revenue in 2024-2025, and when asked exactly how that would happen, the top answer category was an improvement to customer experience and relationships,” writes Gartner.

Source: Gartner 2024 CEO Survey — The Year of Strategy Relaunches

Mar 10

Gartner Predicts Solid Growth for Information Security, Reaching $287 Billion by 2027

Image created in DALL-E

AI continues to become more weaponized with nation-state attackers and cybercrime gangs experimenting with LLMs and gen AI-based attack tradecraft. The age of weaponized LLMs is here.

At the same time, multi-cloud-based infrastructures more businesses rely on are coming under attack. Exfiltrating any identity data available from endpoints and then traversing a network to gain more access by collecting more credential data is often the goal.

Cyberattacks that combine AI and social engineering are just beginning

Attackers have a version of human-in-the-middle, too, but their goal is to unleash AI’s offensive attack capabilities within social engineering campaigns. Last year’s social engineering-based attacks on MGM, Comcast, Shield Healthcare Group, and others serve as a case in point.

CrowdStrike’s 2024 Global Threat Report finds that cloud intrusions jumped 75% last year. There was a 76% increase in data theft victims named on data leak sites and a 60% increase in interactive intrusion campaigns. Worse, 75% of attacks were malware-free, making them difficult to identify and stop. There was also a 110% YoY increase in cloud-conscious cases.

PwC’s 2024 Digital Trust Insights Report finds that 97% of senior management teams have gaps in their cloud risk management plans. 47% say cloud attacks are their most urgent threat. One in three senior management teams is prioritizing cloud security as their top investment this year.

Gartner sees a more complex threatscape driving growth

Gartner’s Forecast: Information Security and Risk Management, Worldwide, 2021-2027, 4Q23 Update report predicts the information security and risk management market will grow from $185 billion in 2023 to $287 billion in 2027, attaining a compound annual growth rate of 11% in constant currency.

Nation-state attackers are picking up the pace of their stealthy AI arms race. They’re looking to score offensive first victories on an increasingly active digital battlefield. Gartner predicts that in 2027, 17% of the total cyberattacks and data leaks will involve generative AI.

Another key assumption driving Gartner’s latest forecast is that by 2025, user efficiency improvements will drive at least 35% of security vendors to offer large language model (LLM)-driven chat capabilities for users to interact with their applications and data, up from 1% in 2022.

Gartner has also factored in the surge in cloud attacks and the continued growth of hybrid workforces. One of their key assumptions driving the forecast is that “by the end of 2026, the democratization of technology, digitization, and automation of work will increase the total available market of fully remote and hybrid workers to 64% of all employees, up from 52% in 2021.”

Source: Gartner, Forecast Analysis: Information Security and Risk Management, Worldwide, Published February 29, 2024

Source: Gartner, Forecast Analysis: Information Security and Risk Management, Worldwide, Published 29 February 2024

Key takeaways from Gartner’s forecast

Market subsegments predicted to see the most significant growth through 2027 include the following:

Gartner has high expectations for Zero Trust Network Access (ZTNA) growth, stating the worldwide market was worth $575.7 million in 2021 and predicting it will soar to $3.99 billion in 2027, attaining a 31.6% CAGR in the forecast period.
Identity Access Management (IAM) is predicted to grow from $4 billion in 2021 to $11.1 billion in 2027, attaining a 17.6% CAGR. Identity Governance and Administration software is predicted to grow from $2.8 billion in 2021 to $5.77 billion in 2027, attaining a 12.8% CAGR.
Endpoint Protection Platforms (EPP) are predicted to grow from $9.8 billion in 2021 to $26.9 billion in 2027, achieving a 17.2% CAGR.
Threat Intelligence software is predicted to grow from $1.1 billion in 2021 to $2.79 billion in 2027, growing at a 15.6% CAGR through the forecast period.
Cloud Access Security Brokers (CASB) is predicted to grow from $928M in 2021 to $4.75 billion in 2027, attaining a CAGR of 30.2%. Gartner believes that the market share of cloud-native solutions will continue to grow. They are predicting that the combined market for cloud access security brokers (CASBs) and cloud workload protection platforms (CWPPs) will reach $12.8 billion in constant currency by 2027, up from $4.6 billion in 2022. Gartner continues to also see strong demand for cloud-based detection and response solutions that include endpoint detection and response (EDR) and managed detection and response (MDR).

Feb 17

IT And Marketing Show Strongest Interest In Adopting Gen AI First

Currently, 16% of organizations have implemented generative AI in production, while 44% are piloting it for potential applications.
Interest in deploying generative AI for production applications saw a fivefold increase from the first to the fourth quarter of 2023.
Healthcare, manufacturing, and education are the three industries most actively pursuing generative AI adoption.
A majority of organizations, 63%, deem CRM data critical to their generative AI initiatives.

These and many other insights are from Dresner Advisory Services‘ recent Generative AI Report. The advisory firm surveyed its research community of over 8,000 organizations and vendors’ customer communities. The study is global in scope, with 50% of respondents from North America, 26% from EMEA, 19% from Asia/Pacific and 6% from Latin America. Dresner’s report stands out for its in-depth and nuanced analysis of gen AI adoption across global organizations.

News about generative AI has captivated technology leaders. Demand for gen AI-related news and insights dominates many organization leaders’ time. 29% are following gen AI news updates constantly, and 30% say they often check in and see what’s new in gen AI, 24% regularly check the news. Overall, 72% of analytics and business intelligence (BI) professionals have made gen AI news a priority. North American respondents are the most diligent with constantly checking gen AI news, reflecting the region having the highest production use of gen AI.

Key takeaways from the report include the following:

Professionals in IT and marketing report plans to be the first adopters of generative AI, with 44% of IT and 36% of marketing professionals saying adopting gen AI is a primary focus. Operations/ production, sales, and C-level executives also show significant interest in adopting gen AI early. Dresner’s report states that “finance and human resources least often indicate overall interest, exceeding a majority only when aggregating their primary, secondary, and tertiary responses.”

63% of organizations consider CRM data as critical or very important to generative AI. Finance and accounting data is considered the next most important, followed by call center and supply chain data. Dresner’s analysis found that respondents least often expect generative AI to leverage workforce (HR) data. Organizations are wary of using HR data due to privacy concerns combined with the stringent standards and safeguards on data security and its use across regulated industries today.

Gen AI adoption across organizations accelerated rapidly in 2023. From 1Q23 to 4Q23, production use increased nearly fivefold, experimenting increased by 70%, and planned use in 12 months increased by 157%. Dresner’s research results reflect a major shift in generative AI prioritization last year. The report’s authors contend that implementation activity and funding were primarily from autonomous, decentralized sources, not from C-level mandates or sponsors, as it occurred late in fiscal years and into annual budget cycles.

Consumer services lead gen AI production levels at 43%. Technology, business services, and healthcare have the next three highest levels of gen AI production in use today. The education industry reports the highest experimentation rate at 67%, closely followed by healthcare at 62%, while government trails at 50%. The report notes that the government also reports the highest levels for planned use beyond 12 months and no planned use.

40% of organizations consider it critical to achieve productivity and efficiency gains from gen AI. One in three (30%) say improving customer experience and personalization is the next most critical priority, followed by improved search quality and decision-making (26%).

Data privacy concerns are considered critical to 46% of organizations pursuing gen AI initiatives today. Legal and regulatory compliance, the potential for unintended consequences, and ethics and bias concerns are also significant. Less than half of respondents—46% and 43%, respectively—consider costs and organizational policy important to generative AI adoption.

Apr 8

Five Ways AI Can Help Create New Smart Manufacturing Startups

AI and machine learning’s potential to drive greater visibility, control, and insight across shop floors while monitoring machines and processes in real-time continue to attract venture capital. $62 billion is now invested in 5,396 startups concentrating on the intersection of AI, machine learning, manufacturing, and Industry 4.0, according to Crunchbase.

PwC’s broader tech sector analysis shows a 30% year-over-year growth in funding rounds that reached $293.2 billion in 2021. Smart manufacturing startups are financed by seed rounds at 52%, followed by early-stage venture funding at 33%. The median last funding amount was $1.6 million, with the average being $9.93 million.

Abundant AI startup opportunities in smart manufacturing and industry 4.0

According to Gartner, “The underlying concept of Industry 4.0 is to connect embedded systems and smart production facilities to generate a digital convergence between industry, business, and internal functions and processes.” As a result, Industry 4.0 is predicted to grow from $84.59 billion in 2020 to $334.18 billion by 2028. AI and machine learning adoption in manufacturing are growing in five core fields: smart production, products and services improvements, business operations and management, supply chain, and business model decision-making. Deloitte’s survey on AI adoption in manufacturing found that 93% of companies believe AI will be a key technology to drive growth and innovation.

Machine intelligence (MI) is one of the primary catalysts driving increased venture capital investment in smart manufacturing. Startup CEOs and their customers want AI and machine learning models based on actual data, and machine intelligence is helping to make that happen. An article by McKinsey & Company provides valuable insights into market gaps for new ventures. McKinsey’s compelling data point is that those leading companies using MI achieve 3X to 4X the impact of their peers. However, 92% of leaders also have a process to track incomplete or inaccurate data – which is another market gap startups need to fill.

McKinsey and the Massachusetts Institute of Technology (MIT) collaborated on a survey to identify machine intelligence leaders’ KPI gains relative to their peers. They found that leaders achieve efficiency, cost, revenue, service, and time-to-market advantages. Source: Toward smart production: Machine intelligence in business operations, McKinsey & Company. February 1, 2022.

Based on the uplift MI creates for new smart manufacturing startup funding and the pervasive need manufacturers have to improve visibility & control across shop floors, startups have many potential opportunities. The following are five that AI and machine learning is helping to create:

AI-enabled Configure, Price, and Quote (CPQ) systems that can factor in supply chain volatility on product costs are needed. Several startups are already using AI and machine learning in CPQ workflows, and they compete with the largest enterprise software providers in the industry, including Salesforce, SAP, Microsoft, and others. However, no one has taken on the challenge of using AI to factor in how supply chain volatility changes standard and actual costs in real-time. For example, knowing the impact of pricing changes based on an allocation, how does that impact standard costs per unit on each order? Right now, an analyst needs to spend time doing that. AI and machine learning could take on that task so analysts could get to the larger, more complex, and costly supply chain problems impacting CPQ close rates and revenue.
Using AI-enabled real-time data capture techniques to identify anomalies in throughput as an indicator of machine health. The aggregated data manufacturing operations produced every day holds clues regarding each machine’s health on the shop floor. Automated data capture can identify scrap rates, yield rates and track actual costs. However, none of them can analyze the slight variations in process flow product outputs to warn of possible machine or supply chain issues. Each process manufacturing machine runs at its cadence or speed, and having an AI-based sensor system track and analyze why speeds are off could save thousands of dollars in maintenance costs and keep the line running. In addition, adding insight and intelligence to the machine’s real-time data feeds frees quality engineers to concentrate on more complex problems.
Industrial Internet of Things (IIoT) and edge computing data can be used for fine-tuning finite scheduling in real-time. Finite scheduling is part of the broader manufacturing systems organizations rely on to optimize shop floor schedules, machinery, and staff scheduling. It can be either manually intensive or automated to provide operators with valuable insights. A potential smart manufacturing opportunity is a finite scheduler that relies on AI and machine learning to keep schedules on track and make trade-offs to ensure resources are used efficiently. Finite schedulers also need greater accuracy in factoring in frequent changes to delivery dates. AI and machine learning could drive greater on-time delivery performance when integrated across all the shop floors a manufacturer relies on.
Automated visual inspections and quality analysis to improve yield rates and reduce scrap. Using visual sensors to capture data in real-time and then analyze them for anomalies is in its nascent stages of deployment and growth. However, this is an area where captured data sets can provide machine learning algorithms with enough accuracy to identify potential quality problems on products before they leave the factory. Convolutional neural networks are an effective machine learning technique for identifying patterns and anomalies in images. They’re perfect for the use case of streamlining visual inspection and in-line quality checks in discrete, batch, and process manufacturing.
Coordinated robotics (Cobots) to handle assemble-to-order product assembly. The latest cobots can be programmed to stay in sync with each other and perform pick, pack, ship, and place materials in warehouses. What’s needed are advanced cobots that can handle simple product assembly at a more competitive cost as manufacturers continue to face chronic labor shortages and often run a shift with less than half the teams they need.

Talent remains an area of need

Manufacturers’ CEOs and COOs say that recruiting and retaining enough talent to run all the production shifts they need is the most persistent issue. In addition, those manufacturers located in remote regions of the world are turning to robotics to fulfill orders, which opens up opportunities for integrating AI and machine learning to enable cobots to complete assemble-to-order tasks. The unknown impact of how fast supply chain conditions change needs work from startups, too, especially in tracking actual cost performance. These are just a few opportunities for startups looking to apply AI and machine learnings’ innate strengths to solve complex supply chain, manufacturing, quality management, and compliance challenges.

Researching the intersection of AI, machine learning and cybersecurity in the enterprise

Posts from the ‘AI’ Category

The master table: Gartner forecast vs. startup funding by category

The 3 widest gaps

Gap #1: CASB — 39:1, and the category is disappearing

Gap #2: CSPM — 21.5:1, the fastest-growing category is still starved

Gap #3: Vulnerability Assessment — 20.9:1, the most active seed-stage category

Where VC is ahead of Gartner

M&A is filling the gaps VC won’t

What this means for CISOs

Bottom line

Share this:

Like this:

The full market breakdown

Infrastructure takes 54% of every AI dollar

The agentic crossover nobody is planning for

AI cybersecurity is two markets, not one

Shadow AI is not just employees using ChatGPT

The smallest market with the biggest growth rate

Indirect services are the governance blind spot

Servers are a bigger market than AI software

The enterprise agentic stack is showing up in spending data

The numbers that belong in your next board deck

Where I think this lands

Share this:

Like this:

Strategic Insights from Gartner’s 2024 CIO GenAI Survey

Conclusion

Share this:

Like this:

How enterprises are maximizing GenAI’s value

Conclusion

Share this:

Like this:

Adversarial AI is taking aim at identities

Top ten trends defining identity and access management (IAM) in 2024

Share this:

Like this:

Ransomware attackers specialize in making chaos pay

Adversarial AI’s growing tradecraft

Preventing a ransomware attack

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Abundant AI startup opportunities in smart manufacturing and industry 4.0

Talent remains an area of need

Share this:

Like this:

Email Subscription

Top Posts

This Blog’s Purpose

Categories

Search