- In 2029, 69% of cybersecurity spending will be on software across seven prime functional disciplines of cybersecurity (applications, cloud, data, endpoint, network, identity, and security operations);
- the remaining spending will be allocated to security services, excluding security outsourcing, implementation, and deployment services; and
- AI software spending will grow at a CAGR of 21.2%, from $74.3 billion in 2024 to $194.3 billion by 2029.
Merritt leads Forrester’s Security & Risk research team focused on cloud security, identity security, endpoint security, and proactive security. As research director, Merritt leads a team of analysts who publish research, deliver thought leadership, and conduct client advisories on cutting-edge topics related to cloud security, identity and access management (IAM), endpoint security, IoT/OT security, vulnerability management, and proactive security. Merritt has spoken at industry events such as the RSA Conference and Cloud Identity Summit, and his insights are widely cited in publications such as the Wall Street Journal, Dark Reading, and CSO Online. Merritt’s research focuses on identity security, physical security, cybersecurity M&A, and overall cybersecurity market trends and growth.
- Don't miss InfoSec World 2025 — October 27 to 29 at Disney’s Coronado Springs Resort! Cybersecurity pros, workshops before and after, and endless networking. Save 25% with code ISW25-SW at securityweekly.com/ISW2025!
Matt Alderman
- How cybersecurity impacts customer loyalty
In the digital economy and marketplace we operate in, cybersecurity has morphed into something much bigger than just a risk mitigation tool. It can be a core driver of digital trust, brand value, and—critically—customer loyalty.
- The problem with cybersecurity is not just hackers – it’s how we measure risk
CISOs rarely have unlimited budgets – thinking like Billy Beane, former general manager of the Oakland Athletics depicted in the move Moneyball, forces them to accept constraints and still deliver results. The discipline is not about perfection, but about being efficient enough to survive.
- What California’s new AI law means for CIOs
Tech leaders will need to adapt multiple processes to ensure providers are meeting the new standards, according to analysts.
- How CISOs Can Drive Effective AI Governance
AI's growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a set of restrictions, and hope the risk is contained. However, effective governance doesn't work that way. It must be a living system that shapes how AI is used every day, guiding organizations through safe transformative change without slowing down the pace of innovation.
- The Art of the Executive Exit
Even seasoned leaders and boards struggle with CEO exits. Every transition is shaped by a unique mix of people, politics, and circumstances, but all have an emotional undercurrent. In an ideal exit, all parties create a virtuous cycle of candor and trust. Organizational stability is maintained, the chair and departing leader reflect and learn, and the business moves forward smoothly. Unfortunately, such exits are rare. Winning CEO transitions require structure, intent, and shared ownership. Departing CEOs should do the emotional work of leaving early, hand over their role with grace, and reinforce culture on the way out. Boards should reinforce identity, continuity, and respect during the transition.
- The Language of Leadership: How to Set Firm Boundaries Without Sounding Like a Jerk
The words you use to protect your time and energy can build respect or breed resentment. Here’s a practical guide to setting limits that empower you and your team.








