Skip to content

Posts tagged ‘IT Spending’

Jan 22

1 Comment

Gartner 4Q25: $4.71T AI market proves agentic AI and data readiness are the only race that matters

Only 43% of organizations say their data is ready for AI. Meanwhile, AI Data spending is compounding at 155% annually. That’s six times faster than the infrastructure buildouts grabbing headlines. That disconnect defines the enterprise AI landscape in 2025.

Gartner’s 4Q25 AI Spending Forecast (December 17, 2025) projects $4.71 trillion by 2029. But I’ve been digging through the segment data, and the story isn’t the topline number. Four subsegments within Gartner’s AI Data market are growing between 136% and 178% CAGR. AI Infrastructure? Just 29.25%. The money is following the bottlenecks.

“Nearly everything today, from the way we work to how we make decisions, is directly or indirectly influenced by AI,” says Carlie Idoine, VP Analyst at Gartner. “But it doesn’t deliver value on its own. AI needs to be tightly aligned with data, analytics, and governance to enable intelligent, adaptive decisions and actions across the organization.”

McKinsey’s 2025 State of AI survey (1,993 participants, 105 countries) found 88% of organizations now use AI in at least one business function. But two-thirds remain stuck in pilot mode. Just 6% qualify as “AI high performers,” meaning organizations where more than 5% of EBIT comes from AI. The gap between adoption and value creation is where the real spending story unfolds.

Where the bottlenecks are breaking

Every high-growth segment in the forecast eliminates a constraint that stalls production of AI.

Synthetic data generation addresses the labeled data shortage. You can’t train models without it, and real world data comes with privacy constraints, bias problems, and collection costs that don’t scale. Data governance enforces quality standards because ungoverned data produces ungoverned outputs. Hallucinations, compliance violations, and bias incidents trace directly back to data quality failures. Data integration software connects fragmented sources. Most enterprise data sits across dozens of systems that don’t communicate.

“With AI investment remaining strong this year, a sharper emphasis is being placed on using AI for operational scalability and real-time intelligence,” says Haritha Khandabattu, Senior Director Analyst at Gartner. This has led to a gradual pivot from generative AI as a central focus toward the foundational enablers that support sustainable AI delivery, such as AI-ready data and AI agents. Infrastructure enables these capabilities. Data readiness and agentic AI determine whether they generate returns.

The $14.6 billion data readiness bet

Gartner tracks AI Data as a unified market with four subsegments. The aggregate grows from $134.35 million in 2024 to $14.59 billion by 2029. That’s 109x, making it the fastest-growing major category in the forecast.

Synthetic Data Generation: 178.29% CAGR, $40.71M to $6.80B. The fastest-growing subsegment adds $6.76 billion in new spending by 2029. A 167x increase from a small 2024 base. Gartner predicts 60% of data and analytics leaders will encounter failures in managing synthetic data by 2027, which explains why governance spending is accelerating in parallel.

AI Data Governance: 163.75% CAGR, $14.82M to $1.89B. Starting from just $14.82 million in 2024, this subsegment grows 128x by 2029. Legal and compliance teams won’t accept the alternative. When AI systems produce ungoverned outputs, the liability exposure is unacceptable.

AI Data Integration Software: 137.13% CAGR, $71.73M to $5.38B. The largest AI Data subsegment by 2029. Connects fragmented data sources, delivering context that transforms generic models into systems that understand specific business operations.

AI Ready Datasets: 136.16% CAGR, $7.09M to $520.45M. These are prepackaged, curated datasets structured for AI and ML workflows. Think labeled image libraries for computer vision, cleaned financial datasets for forecasting, and domain-specific corpora for fine-tuning LLMs. Organizations buy them to skip the months of data collection, cleaning, and annotation that delay projects. Smallest subsegment by revenue, but 73x growth signals enterprises are willing to pay for time to production shortcuts.

The 2027 crossover: When agents overtake chatbots

Agentic AI: 118.73% CAGR, $15.04B to $752.73B. This is the single most dramatic dollar growth in the forecast. Agentic AI expands from $15 billion to $753 billion by 2029. That’s 50x. Nothing else comes close.

Gartner predicts the crossover will happen in 2027. Chatbots peak at $264.75 billion that year, while Agentic AI surges to $371.40 billion. By 2029, Agentic AI is 3.3x larger ($752.73B vs. $228.50B).

McKinsey’s data reinforces the trajectory: 62% of organizations are experimenting with AI agents, 23% report scaling them in at least one function. But scaling remains limited. Most organizations deploying agents are only doing so in one or two functions, primarily IT service desk and knowledge management.

Organizations building chatbot-only strategies should note that the category dominating 2025 and 2026 is projected to decline after 2027.

The Security Tax on Agentic AI

AI Cybersecurity: 73.90% CAGR, $10.82B to $172.01B. AI agents introduce attack surfaces that traditional security architectures weren’t built for. Gartner’s Hype Cycle for Application Security, 2025 (July 2025) projects that through 2029, over 50% of successful attacks against AI agents will exploit access control issues via direct or indirect prompt injection. The 16x growth in AI Cybersecurity spending reflects enterprises grappling with that exposure.

Production AI deployment requires security architectures designed for agentic systems. That’s a capability most organizations don’t have yet.

Infrastructure: Dominant but decelerating

AI Infrastructure remains the largest absolute spending category: $624.76 billion in 2024, growing to $2.25 trillion by 2029. McKinsey (August 2025) projects hyperscalers alone will spend $300 billion in capex over 2025. Their April 2025 analysis projects $5.2 trillion in data center investment by 2030.

But at 29.25% CAGR, infrastructure grows slower than every other major AI market except Services (26.93%). Market share drops from 54.6% of total AI spending in 2024 to 47.8% by 2029. The buildout is real. Differentiation happens elsewhere.

The 6% problem

Only 6% of organizations qualify as AI high performers despite 88% adoption. McKinsey’s analysis shows high performers are 3x more likely to redesign workflows around AI rather than layering it onto existing processes. They’re also 3x more likely to have committed executive leadership driving AI as a strategic priority.

The 155% CAGR for AI Data reflects organizations investing to close that gap. The 2027 chatbot-to-agent crossover marks the inflection point when autonomous capabilities surpass conversational interfaces in market size.

Gareth Herschel, VP Analyst at Gartner, frames the pressure: “D&A is going from the domain of the few to ubiquity. At the same time, D&A leaders are under pressure not to do more with less, but to do a lot more with a lot more, and that can be even more challenging because the stakes are being raised.”

Where the value accrues

Organizations positioned to capture value from this transformation may not be the ones building the biggest data centers. The Gartner data suggests they’re investing in capabilities that make AI systems work at enterprise scale: data readiness, governance, integration, and security.

AI Data Market (aggregate): 155% CAGR, $134M to $14.6B (109x)

  • Synthetic Data Generation: 178% CAGR, $41M to $6.8B (167x)
  • AI Data Governance: 164% CAGR, $15M to $1.9B (128x)
  • AI Data Integration: 137% CAGR, $72M to $5.4B (75x)
  • AI Ready Datasets: 136% CAGR, $7M to $520M (73x)

Other High-Growth Segments:

  • Agentic AI: 119% CAGR, $15B to $753B (50x)
  • AI Cybersecurity: 74% CAGR, $11B to $172B (16x)
  • AI Infrastructure: 29% CAGR, $625B to $2.25T (4x)

Gartner’s 4Q25 data points to a directional shift: AI spending is moving from infrastructure-first to data and capabilities-first architectures. The organizations treating data readiness as an afterthought are the ones most likely to stay stuck in the 94% that never make it past pilot.

Aug 25

Top Ten Insights from Forrester’s 2024 Cybersecurity Budget Benchmarks

Top Ten Insights from Forrester's 2024 Cybersecurity Budget Benchmarks

CISOs are being asked to do a lot more with less as their businesses are going all-in on new digital businesses that demand identity-based security while keeping budgets tight for securing infrastructure against attacks.

Cybersecurity budgets are, on average, just 5.7% of IT annual spending. That’s tight for many security teams. CISOs are rising to the challenge, however, and delivering revenue gains by protecting new digital businesses while keeping infrastructure safe. Achieving that is a quick way for CISOs to advance their careers.

Cybersecurity needs funding to match its business growth potential

The good news is that more CEOs and boards see cybersecurity as a business enabler. The challenge for CISOs, however, is that cybersecurity still gets funded purely for its defensive value – not its upside potential to drive growth.

Many security teams struggle to make ends meet in their budgets while still staying responsive to internal teams’ needs. Forrester’s 2024 Cybersecurity Benchmarks Global Report shows just how tight budgets can get for a CISO and their team. Project-related work and incident management are a constant balancing act for security teams, and keeping them both in check is key to staying under budget.

Top Ten Insights

Cybersecurity budgets are on the low side compared to the growing complexity of threats and risks organizations face.

That’s forcing CISOs to be selective about what they spend on and how they allocate limited resources. Add to that the average spend of $1,070 per enterprise user and $157,000 per cybersecurity employee, and cybersecurity teams have little, if any, room for inefficiencies.

The following are the top ten insights from Forrester’s latest cybersecurity benchmark report:

  • CISOs need to move out of the IT organization and report to their CEOs and board of directors to have a chance at a more realistic budget. Forrester finds that cybersecurity budgets increase when CISOs report directly to the CEO or board of directors. CISOs who can articulate the business value of cybersecurity, demonstrating how it can drive revenue and support strategic goals, are more likely to secure the necessary funding. This shift also reflects a growing recognition of cybersecurity’s strategic importance beyond mere IT operations.
  • Software will dominate cybersecurity budgets in 2024. The report reveals that 35.9% of cybersecurity budgets globally are allocated to software. This trend is particularly pronounced in large enterprises with up to 74,999 employees, where 39.4% of the budget is dedicated to software. Smaller organizations, conversely, spend a higher percentage on outsourcing services due to limited in-house capabilities, which underscores the scalability challenges smaller firms face in maintaining robust cybersecurity defenses.
Top Ten Insights from Forrester's 2024 Cybersecurity Budget Benchmarks

Source: Forrester 2024 Cybersecurity Benchmarks Global Report

  • Cybersecurity spending per user keeps climbing, reaching $1,070. This is another budget constraint CISOs have to factor into their total operations plans for a given year. Forrester notes that “the cybersecurity spend per enterprise user ranges from an average of $947 at extra-large organizations (75,000 or more users) to $1,210 at small organizations (fewer than 10,000 users).
  • Personnel costs consume 28% of the typical security budget. The report highlights that organizations are spending an average of $157,593 per cybersecurity employee. Full-time employees make up 73.5% of security teams, with the global average cost per contracted full-time equivalent (FTE) reaching $194,613. This significant expenditure on personnel underscores the critical role of skilled professionals in maintaining effective cybersecurity defenses.
Top Ten Insights from Forrester's 2024 Cybersecurity Budget Benchmarks
Source:  Forrester 2024 Cybersecurity Benchmarks Global Report
  • System Defense is the leading functional spend category in 2024. Forrester finds that 29% of functional spending is in System Defense alone. The funding levels approved for this category reflect the critical need to protect endpoints and mobile devices against increasingly sophisticated attacks. With adversaries innovating faster than enterprises can keep up, System Defense is a must-have to protect new digital businesses and infrastructure. The following graphic shows cybersecurity spending by functional domain.
Top Ten Insights from Forrester's 2024 Cybersecurity Budget Benchmarks
Source:  Forrester 2024 Cybersecurity Benchmarks Global Report
  • Identity and Access Management (IAM) takes up 21% of functional spending in the typical budget. Identity-driven attacks take many forms, from mass phishing to whale phishing, where senior executives of a company are targeted with tailored campaigns IAM also enhances operational efficiency and fraud reduction, making it a strategic investment for many organizations. Its broad applicability across both internal and customer-facing applications drives its substantial share of the cybersecurity budget.
  • Security analytics and incident handling reach 13% and 14%, respectively. Forrester notes that each of these separate services accounts for a relatively low percentage of the overall cybersecurity budget. Still, most organizations combine spending on these two categories into “detection and response.” Both areas combined equal 26% of the overall security budget, on average.
  • Getting compliance and governance right is a growing concern for many CISOs who are willing to spend their budget to stay in good standing with the SEC. The Security and Exchange Commission’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure adopted on July 26, 2023. The rules adopted by the SEC define a standardized process for cybersecurity disclosures for public companies. These rules require companies to disclose material cybersecurity incidents on Form 8-K or Form 6-K within four business days of determining the incident’s materiality. Additionally, companies must include cybersecurity risk management, strategy, and governance information in their annual reports (Forms 10-K and 20-F). The rules also mandate the use of Inline XBRL for tagging these disclosures.
  • Incident handling is on average, 13.5% of a global cybersecurity budget. This category is the most unpredictable, as it deals with responding to intrusions and breaches that cannot be forecasted. Spending on incident handling varies by company size, with small organizations (fewer than 10,000 employees) aligning with the global average of 13.5%. Larger organizations tend to allocate slightly less, likely due to more extensive preventative measures and diversified cybersecurity resources.
  • Privacy is core to customer trust today and gets funded, even in tough budgeting cycles. The two departments that use privacy-related solutions the most frequently are legal and marketing, which dedicate on average 12% of a cybersecurity budget to them. Forrester notes that this 12% figure is not the total privacy spend of an organization. Rather, the report says, “Data privacy spans multiple areas of the organization, including marketing and legal. Its share of the security budget doesn’t represent the total spending on privacy-related initiatives across the entire technology estate.

Balancing the scales of cybersecurity budgeting

The bottom line is that cybersecurity is a business decision and needs to be funded with that mindset. Organizations need to see the CISO role as a more board-level one so they can share their technology expertise in helping to manage risk.

It’s time for cybersecurity to be funded as a growth engine, not just one used for deterrence alone.

CISOs can balance the scales by looking for an opportunity to elevate their role to a CEO direct report and, ideally, be on the board to help guide their companies through an increasingly complex threat landscape.