In 2026, enterprise AI moves from pilots to production. Leaders are narrowing AI access while increasing spend, building governance that ties models to ROI, and doubling down on identity-centric zero trust because AI has not yet delivered a clear defensive edge in cybersecurity.

This time of year, everyone is talking about trends. And we’re no different, but our conversations are anchored in what technology leaders are actually doing. Between our Top 10 Enterprise Technology Trends for 2026 and our partnership with siliconAngle for the annual Enterprise Technology Predictions, we have spent the past few weeks pressure testing what is real, what is hype, and what will matter when budgets get approved. That same reality check shows up in our annual Tech Trends panel, where leaders described a clear pivot from AI experimentation to execution, with success now defined by cost control, governance, and production-grade outcomes. Panelists are prioritizing narrow, high-impact deployments on mature data and cloud platforms, while confronting the hard parts of scaling AI, including cost, regulatory compliance, security gaps, and data quality. CISOs remain skeptical that AI will be a defensive breakthrough in cybersecurity as attackers move quickly, so identity-centric, zero-trust architectures are back at the center, even as spending climbs through targeted access, measurable ROI, and enterprise-grade capabilities. Read on for what this shift means for identity as the new security perimeter, the cultural drivers behind lean IT teams, how unions are navigating AI-driven workforce change, and one sleeper security vendor worth watching.

Key Takeaways

• AI has shifted from experimentation to execution. Enterprise leaders are prioritizing governance, cost discipline, and production-grade outcomes over visionary pilots or broad experimentation with AI in 2026.

• Spending on AI continues to rise even as license counts fall. Rising AI spending in light of reduced seat counts reflect a move toward targeted access, higher-value capabilities, and measurable ROI rather than mass enablement.

• Identity-centric, zero-trust security is emerging as foundational. CISOs remain unconvinced that AI meaningfully improves cyber defense while attackers rapidly weaponize AI. Identity-led, zero trust paradigms have become widespread goals for security leaders.

• AI’s workforce impact is becoming clearer but uneven. Automation is reducing reliance on specialized roles and limiting future headcount growth, while regional labor protections and modernization gaps shape outcomes.

• Salesforce, major security names, and SailPoint called out for strengths and weaknesses. Additional vendor commentary for this 2026 Tech Trends Panel includes skepticism about Salesforce Agentforce’s capabilities; positive sentiment on reliable big security names Palo Alto Networks, CrowdStrike, and Commvault; and a highlight of SailPoint as a “sleeper” vendor to watch in the new year for its lower cost and greater efficiency.

Maturing AI Programs Mean More Governance and Higher Spending, but Fewer Seats

The 2026 edition of ETR’s annual Tech Trends Feedback Panel helps tell the stories behind the data captured in Top 10 Enterprise Technology Trends for 2026. Our panelists are shifting from experimentation to disciplined execution with AI initiatives, as organizations focus on cost control, governance, and production-scale outcomes. With AI now broadly embedded, vendor differentiation is less about vision and more about proven operational value. “Now that you see more vendors that are moving forward in their AI initiatives,” says the Director of IT for a large industrial supply company, “you have a lot more opportunity to select different vendors based on your needs, understanding what works and what doesn’t, and really seeing how the market is evolving.” For now, these executives are deploying it for narrow, high-impact use cases, in particular modular, multi-agent AI pipelines for unstructured and multimodal data. Snowflake and Databricks are most common, though over the past year, ETR panelists increasingly view Databricks as the superior platform for data science and MLOps compatibility, while Snowflake is often maintained primarily for traditional analytics and business intelligence. This sentiment persists in qualitative commentary even as ETR AI Product Series Product Stack analysis data shows Snowflake is emerging as an AI ecosystem in its own right. One senior data scientist at a global consulting firm uses Confluent as a Kafka-based real-time backbone integrated with specialized AI agents and human-in-the-loop workflows. “By orchestrating these sorts of agents, we can automate the ingestion and transformation, and that can kind of in turn boost accuracy and enable end-to-end insights. With the volume and variety as part of the IoT, the modular design of this is going to scale more gracefully, and that in turn, where we can kind of refine individual prompts and business logic.” IT leaders in previous annual Tech Trends conversations described this as “RPA on steroids," particularly for back-office functions like claims processing, where automation is rapidly advancing even customer-facing voice applications.

November 2025 AI Product Series data show respondents view their organization’s AI roadmap as gradually maturing. On a scale of 1 to 5, less than half (49%) of respondents rated their company’s AI maturity as a 3 or higher in May 2025, but by November 2025 those rating a 3 or higher in maturity rose to 54%, as those indicating they are just at the beginnings of their AI journeys (1 or 2 on a 5-point scale) have decreased in this same time period.

Main themes include open RAG, LLM, fine tuning, and hallucinations, as well as semantic modeling. That said, for legacy-heavy global enterprises, scaling AI exposes cost and regulatory challenges. “What works for the POC does not work for the operational,” says the senior director of data and AI at a multinational logistics firm. Security is, as always, a top concern. The Global CISO at a major energy and utilities firm finds AI has yet to deliver meaningful gains in cyber defense, even as attackers rapidly adopt AI to scale phishing and malware. “[To date] I think AI has absolutely failed. I haven’t had a single vendor from Microsoft on down be able to prove to me that AI is going to help me.” They are eager for defensive technology to evolve. “We have to find ways to improve our detection and response time through AI; I’m hoping that 2026 brings that around.” Broadly for the past few years, IT executives warn that while security vendors promise automated “magic," the reality often involves significant manual oversight, with “AI fighting AI” needed to counter the speed of automated attacks.

Enterprises are buying fewer AI licenses, though overall spending continues to rise, driven by tighter governance, more focused use cases, and demand for higher-value capabilities. Panelists agree this reflects a move away from novelty-driven adoption toward disciplined deployment seeking measurable ROI. “When you look at things like Microsoft Copilot, and you expand use cases into Security Copilot, GitHub Copilot, and other products in that portfolio, your spend is going up, but those types of products are for targeted groups, and not necessarily for the mass market.” There are often cultural and operational drivers behind tighter licensing. One organization emphasizes individual autonomy and lean teams, applying strict license scrutiny and least-privilege access, a skepticism reinforced by a growing sentiment among buyers that vendors are “forcing” customers to adopt costly AI features that should arguably be included in the base research and development fees of enterprise platforms. “There’s a mindset that somebody who’s tasked to get access to any particular software is going to be doing the job of multiples. There’s no ‘teams’ to work with.”

According to November 2025 AI Product Series data, 89% of organizations expect higher spending in the next year, and 84% project AI to grow as a share of total tech budgets.

One CISO summarizes succinctly: “Companies are buying less AI access, but more capability.” They want reliability, control, and enterprise-grade functionality rather than mass adoption. Another has folded AI initiatives into an existing demand-management framework, requiring upfront financial validation, defined ROI, and an operational timeline. “Once we put all those data points on it, I think the governance became much more fact-based than emotion-based. Initially people would take the smallest problem possible and just do it and voila, just to say, yeah, it works great. Now we’re saying zoom out, define this thing, go in front of the execs, show them the big picture, and tell them what you’re going to do.”

AI governance structures are borrowing from earlier data-governance and security playbooks, bringing data quality, security, and financial controls into sharper alignment. At times, rapid AI experimentation has temporarily overshadowed foundational data governance principles. “You’re only as good as the quality of the data that you’re pouring in. If you do not pay attention to how your models are getting trained, you can get only so much farther, and then you will be hit with these anomalies and all that.” Other executives in previous Tech Trends panels have emphasized that because LLMs function as “black boxes” once fed, organizations are doubling down on input governance, recognizing that scaling AI is impossible without a unified data fabric to control sensitive PII before it enters the model. The Director of IT at an industrial supply company describes early AI adoption as a case of “cart before the horse,” with legal, security, and business teams initially pulling in opposite directions. Their organization has established a cross-functional AI committee to evaluate use cases, data readiness, and security implications before scaling deployments. “You have more things to worry about, like deep fakes, and other potential security concerns that can really cause problems for your enterprise.” A third panelist likens the current moment to the early days of the internet. “We have a bunch of lawyers who are helping. We’ve got a governance policy that covers the entire company. But the fact remains that people are moving. It looks tasty to the business, but it’s a constant struggle to make sure that they understand that there’s a lot of risk involved.”

Zero Trust and Identity are Top Security Priorities

AI is yet another argument for identity-centric security and zero trust architectures; while “zero trust” remains loosely defined, its practical implementation centers on ensuring the right users access the right resources at the right time. “The CISOs that I know and myself have been talking about identity as the new perimeter for a long time, making sure that people have just-in-time access, and that they have the right access to the right information at the right time. It is a foundational part of the new way of doing cybersecurity.” To sell this paradigm shift to skeptical boards who recoil at the term “zero trust,” some CISOs have successfully rebranded the strategy as “continuous authentication,” focusing on context-aware policies that verify device posture and location rather than just user credentials. Today, our panelists use Zscaler and Okta to integrate IAM, IGA, SSO, FIDO2 authentication, biometrics, and behavioral signals to balance security with productivity. “There’s a tool that we see a lot of our clients using called Sapience, that tracks every single thing. For example, if you join a meeting on your own work email, but not on the client email domain, it doesn’t count it as current time. They scrutinize things, that people are in the most secure environment.”

AI’s Impact on Headcount Comes into View

Impact on IT headcount is becoming more visible, though uneven across regions, industries, and job categories. One Global CISO at a large European energy and utilities firm says AI has not directly eliminated any jobs in his organization. “The employees are protected pretty heavily by the unions. I could see it helping us, doing a lot of the mundane things that nobody wants to do, and then the humans can spend more time doing the things that they really want to do.” Other participants, however, describe a far more turbulent US labor market, where retraining experienced professionals is often overlooked. “Companies like Google, they’re saying that they don’t need people even with any degree, just high school, and they can come in and do this. They look for people not with necessarily the qualification, but who kind of had the experience.” One panelist posits that workforce displacement is often attributed to AI when it more accurately reflects delayed modernization. “Somebody’s processing a bill of lading or doing a shipping manifest. In that instance, that’s something that was going to be automated anyway. AI just happens to make that process easier.” This aligns with recent ETR survey data indicating that 34% of Fortune 500 companies are now using AI to limit future headcount growth, engaging in a structural overhaul that targets inelastic, repeatable tasks rather than simply laying off existing staff. A senior director at global logistics company offers the clearest picture: AI, they say, has reduced reliance on specialists by accelerating productivity for junior staff and automating large portions of operational workflows. “What used to be a 30- or 40-person group, now it’s about four or five people. We still have one human in the middle, but we don’t need as many, because 80% to 90% we were able to automate. Ten percent, yeah, we need four or five people to kind of do those outliers.”

In the January 2026 Macro Views Survey, the portion of respondents indicating AI is limiting future headcount growth rose from 21% in July 2025 to 30% in January 2026, and those indicating AI was resulting in strategically reducing current headcount rose from 14% to 18% in the same time period.

IT leaders expect 2026 to be defined less by experimentation and more by consolidation around a smaller set of trusted vendors. Panelists broadly aligned with survey data showing strong momentum behind cloud and data platforms such as Databricks, Snowflake, OpenAI, Anthropic, Amazon Web Services, and Microsoft. “I’m seeing more traction with AWS and Azure, at least with project availability and a lot of skill set demand, but it’s not that you do the certification in AWS or any public cloud vendor and think that you get a job. Very highly specialized generative AI engineers or deep learning and those kinds of vendors, that’s what I see for 2026.” Of note, the strategic advantage of cloud-agnostic platforms: Snowflake and Databricks have matured into enterprise standards precisely because they are not tied to a single hyperscaler. See previous ETR panel feedback from financial services leaders who prioritize Snowflake specifically to maintain a “cloud-agnostic posture,” deliberately avoiding native hyperscaler offerings like Google BigQuery to preserve architectural independence. Then, “We’re strong users of Workday and ServiceNow. I think they’re phenomenal, what they’ve done and how well they have seamlessly integrated AI into our day-to-day experience.” Conversely, “Teradata is a disappointment. I think they had the front row seat with this thing. Another vendor that comes to my mind is SAS, another one that kind of missed the boat.”

Additional Vendor Commentary: Salesforce Skeptics and SailPoint a Sleeper

Some of today’s panelists like Salesforce, though one is quick to push back. “I mean, there’s certainly use cases. I use it for call center customer service, which is a perfect use case. But there’s a lot of other things that AgentForce doesn’t address at this point and doesn’t really have a clear roadmap to get there.” In previous panels, some early adopters are going a step further and planning to reduce Salesforce licenses entirely, describing Agentforce as simply “Einstein wrapped in new clothes” and noting that the technology failed to deliver on its initial promises during pilots. They warn that CIOs cannot afford to enable AI across every product in their portfolios. “I have to pick chosen leaders that’ll work for my organization across multiple use cases. Small players that have good products are going to be capitalized, and are going to be captured by larger vendors.”

A CISO panelist uses CrowdStrike, Commvault, and Palo Alto Networks, all highly ranked in ETR data, and flags SailPoint as a “sleeper.” “It’s far cheaper and it’s more efficient. I just like it. The whole IDAM team loves it. If I was going to go outside and pick a long shot, I would say SailPoint is one to watch.” ETR survey data has SailPoint receiving some of the highest marks for technical support and roadmap quality among identity peers. Still, despite heavy investment, AI-driven cybersecurity has yet to materially outperform existing approaches. “No one’s proven to me that they can do anything more than what we can do already, and it’s not that impressive.”

For a deeper outlook on 2026, read our Top 10 Enterprise Technology Trends for 2026 and siliconAngle’s annual Enterprise Technology Predictions. Both are grounded in our Technology Spending Intentions Survey (TSIS) and Macro Views Survey data to turn market signals into actionable insights.