IANS Research and Artico Search Release Security Budget Benchmark Report
Report finds Security Budget Growth Slows to a New Five-Year Low; CISOs face flat or shrinking budgets leading to difficult financial trade-offs amid volatile market conditions and increasing threats
Boston, MA – August 5, 2025 – IANS Research and Artico Search today released the 2025 Security Budget Benchmark Report, revealing that average security budget growth has slowed to just 4% year over year, the lowest rate in five years - a sharp decline from 8% in 2024. The slowdown comes in the face of continued global market volatility, driven by geopolitical tensions, uncertain tariff policies, and fluctuating inflation and interest rates. The resulting business caution is affecting security organizations to a greater extent than in prior years, leading to stagnant or reduced budgets affecting staffing across sectors and company sizes.
This slowdown underscores the deepening challenge in securing adequate resources for cybersecurity. To better understand how security leaders are navigating this environment, IANS Research and Artico Search conducted their sixth annual 2025 CISO Compensation and Budget Research Survey. The findings offer an in-depth look at how security programs are adapting in the face of economic pressure and rising cyber threats.
“Once again, we find that security budgets are not immune to macro conditions,” said Steve Martano, IANS Faculty and Partner at Artico Search. “Despite most companies identifying cyber as a top five business risk, most CISOs are not receiving budget increases commensurate with the increase in security program scope. This year, the staffing constraints are especially significant with security leaders and their teams both reporting that they are stretched thin due to hiring freezes or limited budget for hiring. The downstream effects of this are real and include reduced team morale, delayed or stalled initiatives, and a growing gap between the company’s risk appetite and operational security.”
Key findings from the 2025 Security Budget Benchmark Report include:
- Security budget growth dropped to 4%, down from 8% in 2024 - more than half of CISOs reporting flat or shrinking budgets with certain sectors like healthcare bearing the brunt of economic instability more than others.
- Security budget as a percentage of IT spend declined from 11.9% to 10.9%, breaking a five-year upward trend as AI and cloud investments drove a rebound in IT spending surpassing security budget growth.
- Staffing growth slowed to 7%, its lowest level in four years, as hiring freezes limited teams’ ability to scale despite the threat environment becoming more complex.
- Only 11% of CISOs report being adequately staffed, while the remaining 89% describe their teams as stretched thin or understaffed leading to serious organizational risk given the continually expanding scope of security requirements.
"Security is being treated like any other business unit — its budget is largely a reflection of the macro environment and organizational goals,” said Nick Kakolowski, Sr. Research Director at IANS. “This is challenging as security's scope is rapidly increasing, putting pressure on CISOs to prioritize strategically and build organizational consensus around risk tolerances relative to budget availability."
To learn how security programs are adapting in the face of economic pressure and rising cyber threats, please download the 2025 Security Budget Benchmark Summary Report.
Security leaders will find recommendations offering practical strategies that align business objectives, better prioritize security initiatives and help justify additional program resources.
Survey Methodology
IANS Research and Artico Search fielded their sixth annual CISO Compensation and Budget survey in April 2025. From April through August, 587 CISOs from a diverse range of companies across different sizes, industries, and geographies participated in the study.
Respondents provided detailed data on the size and growth of their security budgets, staffing levels, and how spending is allocated across commonly used categories. IANS Research and Artico Search performed comprehensive analysis on this data to deliver peer benchmarks and aggregate insights for the 2025–2026 planning cycle.
About Artico Search
Founded in 2021, Artico Search’s team of executive recruiters focuses on a “grow and protect” model, recruiting senior go-to-market and security executives in growth venture, private equity and public companies. Artico’s dedicated security practice delivers CISOs and other senior-level information security professionals for a diverse set of clients.
About IANS Research
For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for making decisions and articulating risk. We provide experience-based security insights for CISOs and their teams. The core of our value comes from the IANS Faculty, a network of seasoned practitioners. We support client decisions and executive communications with Ask-an-Expert inquiries, our peer community, deployment-focused reports, tools and templates, and consulting.
Media Contact:
Angelique Faul
Silver Jacket Communications
513.633.0897
angelique@silverjacket.net