Security software is the fastest-growing software subcategory in enterprise budgets in 2026. ETR's Spring 2026 Macro Views Survey, a quarterly read on enterprise technology budget intentions, finds that security software is on track for 7.2% spend growth over the year ahead. That is nearly double the 3.7% overall software mean and more than triple the 2.3% rate of the slowest subcategory, HR and workforce management software. While total IT spending growth slowed to 3.6% and software as a whole decelerated, security held its position at the top of the budget. The survey draws on responses from over 1,700 technology leaders, including 288 from Fortune 500 and 421 from Global 2000 organizations, fielded between March 3 and April 5, 2026.

Key Takeaways

• Security software leads all software subcategories at 7.2% expected spend growth, well ahead of the 3.7% overall software average.

• Monitoring, data, and business intelligence tools rank second at 5.7%, while HR and workforce management software trails at 2.3%.

• Total technology spending growth fell to 3.6% in Spring 2026, down a full percentage point from 4.6% in Winter, with moderation across enterprise sizes, industries, and regions.

• Near-universal AI adoption, with only 6% of organizations not using it in any capacity, is expanding the attack surface security teams must cover.

• Buyers are more disciplined, not less committed: staffing-cost reduction fell to 20% as a primary cost-cutting method while vendor consolidation (16%) and SaaS license optimization (9%) gained.

Enterprise technology spending is still growing in 2026, but it is growing more carefully. Total IT spending growth fell to 3.6% in the Spring, down a full point from Winter 4.6%, with moderation across nearly every cut in the data. When the overall budget tightens, the natural question is which line items get protected and which get trimmed.

The 2026 data answers that question clearly for one category. Security software is not just holding its ground. It is the single fastest-growing software subcategory ETR tracks, expanding at 7.2% while the broader software category decelerated to 3.7%. In a year defined by moderation, security is the exception that keeps winning.

Why Does Security Stand Out as IT Spending Slows?

Security stands out because it is the only software subcategory still accelerating while the rest of the market moderates, growing at 7.2% against a 3.7% software average.

The Spring survey shows a more cautious spending picture than the start of the year. IT spending growth fell a full percentage point from January's 4.6% estimate, with the slowdown visible across enterprise sizes, industries, and regions.

That makes the security software reading more meaningful, not less. Growth is easy to explain when everything is moving up. It is far more telling when one category continues to stand above the pack while the broader market cools. Security software at 7.2% is not simply outperforming weaker categories. It is separating itself from the entire software market.

The data behind that gap is consistent. Monitoring, data, and business intelligence tools follow security at 5.7%, with DevOps and IT management (4.1%), productivity and collaboration (4.0%), and ERP (4.0%) clustered near the average. At the bottom, HR and workforce management software trails at 2.3%. The categories growing fastest are the ones buyers consider foundational, and security sits at the top of that list.

Why Has Security Become a Protected Budget Item?

Security has become a protected budget item because enterprises no longer treat it as discretionary spending; it is business infrastructure tied directly to revenue, trust, and compliance.

Cybersecurity is winning because the cost of underfunding it has become too high to accept. Security spending behaves differently from most software spending because the cost of underfunding it is asymmetric. A delayed analytics project or a deferred collaboration upgrade carries a manageable, mostly internal cost. An underfunded security program carries tail risk: a single breach can erase years of savings and inflict regulatory, legal, and reputational damage that no budget line recovers quickly. Security protects revenue continuity, customer trust, compliance obligations, and the credibility of every digital initiative, and those outcomes matter most precisely when the spending environment is cautious. That asymmetry is what makes security one of the hardest categories to cut, even when finance is asking every other team to do more with less.

How Is AI Expanding the Security Mandate?

AI expands the security mandate by multiplying the tools, integrations, and data pipelines that have to be protected, giving security teams more ground to cover rather than less.

The security budget story intersects directly with AI adoption. Enhancing workforce productivity remains the dominant AI use case at 73%, while supporting employee decision-making rose to 64%. At the same time, the share of organizations not leveraging generative AI in any capacity fell to 6%.

That near-universal adoption changes the enterprise risk profile. Every new model, integration, and data pipeline becomes something that has to be secured, and GenAI raises the stakes for identity, data protection, monitoring, and policy enforcement. In plain terms, AI does not reduce the need for cybersecurity. It gives security leaders more ground to cover, and security spend tends to scale with the complexity of what it protects.

This also helps explain why monitoring, data, and BI tools sit second only to security. Observability, data governance, and threat detection increasingly draw from the same foundation, so investment in one tends to pull investment in the other. Both sit well above the software mean while categories tied to headcount sit below it.

How Is Budget Discipline Changing Security Buying?

Budget discipline is making security buyers more selective: the category stays funded, but spending concentrates on vendors that prove value, consolidate the stack, and support AI and cloud strategy.

A protected category is not a blank check. Technology leaders are getting sharper about where the money goes. Spring data shows that reducing staffing costs fell to 20% as a primary cost-cutting method, while vendor consolidation came in at 16% and SaaS license optimization reached 9%, its highest level on record.

That discipline reaches security too, and the spending data shows it concentrating rather than spreading evenly. ETR measures vendor momentum with Net Score (the share of a vendor's customers increasing spend minus the share cutting it) and it tracks that score separately for customers raising their overall IT budget and those reducing it. Within information security, several vendors hold a healthy Net Score even among customers cutting their broader IT budget, a sign that buyers protect specific security relationships rather than funding the category as a whole. Microsoft posts the strongest profile in the category, staying healthy with both budget-growers and budget-cutters, and specialists such as CrowdStrike and Cloudflare stay in positive territory even among customers reducing overall spend, while others see softer momentum. Category-level strength is real, but it is not evenly distributed.

For vendors, that means 7.2% category growth is an opportunity, not a guarantee. Buyers will expect clearer proof of value, cleaner packaging, stronger integration, and fewer redundant tools. Security vendors should be ready to answer three questions with data:

• • Does this measurably reduce risk?

  • Does this consolidate or simplify the stack?

  • Does this support the enterprise's AI, cloud, and data strategy?

The category is protected, but protection is not the same as immunity. The vendor that wins is not the one with the loudest threat narrative. It is the one that can prove it is mission-critical, not merely familiar, when finance and procurement are hunting for overlap.

Could Hardware and Tariff Pressure Favor Software-Based Security?

Possibly: with hardware pricing surging to 5.5% and tariffs prompting purchase delays, technology leaders have reason to favor cloud-based and software-driven security that does not depend on infrastructure refreshes.

The infrastructure side of the budget adds one more dimension. Hardware spending accelerated to 3.7%, while hardware pricing surged to 5.5%, the sharpest pricing jump across major categories. Cloud held steady at 7.9%, and software growth slowed to 3.7%. Tariff uncertainty is also shaping behavior: a combined 35% of respondents are actively planning or have implemented tariff-related purchasing adjustments, led by renegotiating vendor contracts (47%), delaying hardware or infrastructure purchases (46%), and diversifying suppliers (39%).

This may create a practical opening for cloud-based and software-driven security investments. When hardware becomes more expensive or harder to time, technology leaders have reason to look for ways to strengthen defenses without committing to a major infrastructure refresh. The data supports the direction without overstating it, but the logic favors security approaches that do not depend on hardware cycles.

The Bottom Line

Cybersecurity is winning the IT budget war because enterprises understand the cost of getting it wrong. Even as spending growth moderates across nearly every cut, security leads every software subcategory at 7.2% and widens its distance from the rest of the stack. It stays funded because it is tied to business resilience, AI readiness, regulatory confidence, and operational continuity.

For security vendors, the category tailwind is genuine. For the technology leaders setting these budgets, the question is no longer whether to fund security, but how to direct a protected and growing budget toward the platforms and partners that deliver the most defensible value. Technology leaders may cut, delay, and renegotiate around the edges. Security is still sitting closer to the center of the enterprise technology agenda.

Access more Macro Views Findings. The full report covers spending intentions across cloud, software, hardware, and AI, with breakdowns by sector, company size, and region. Visit the Macro Views page to fill out the form to access the summary and complete report.