SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Computer shield digital data streams ai elements network web cybersecurity protection
#
Data Protection
#
Advanced Persistent Threat Protection
#
Supply Chain

Preemptive cybersecurity to reach 50% of IT security spend by 2030

Fri, 19th Sep 2025
Author image
By Melvin Hipolito, Editor

Preemptive cybersecurity solutions are forecast to make up 50% of IT security spending by 2030, according to a recent report from Gartner.

Preemptive cybersecurity technologies leverage advanced artificial intelligence and machine learning to identify and neutralise threats before they can develop. Gartner states that these tools include predictive threat intelligence, advanced deception methods and automated moving target defence capabilities.

Industry shift

"Preemptive cybersecurity will soon be the new gold standard for every entity operating on, in, or through the various interconnected layers of the global attack surface grid (GASG)," said Carl Manion, Managing Vice President at Gartner. "DR-based cybersecurity will no longer be enough to keep assets safe from AI-enabled attackers. Organisations will need to deploy additional countermeasures that act preemptively and independently of humans to neutralise potential attackers before they strike.

"Ignoring the shift brought by AI-driven cyberthreats poses a significant and escalating risk to product and innovation leaders. By clinging to reactive security strategies as their primary line of defense, they will expose their products, services and customers to a new, rapidly escalating level of danger."

This move towards preemptive protection comes as the number of cyber risks continues to increase. The global attack surface grid, which represents the sum of digital touchpoints vulnerable to attack, is expanding rapidly in what Gartner refers to as the "age of GenAI".

Gartner predicts that by 2030, there will be more than 1 million documented Common Vulnerabilities and Exposures (CVEs), a 300% increase from the approximately 277,000 CVEs forecast for 2025. This substantial rise demonstrates the growing complexity of cybersecurity challenges facing organisations worldwide.

Autonomous approaches

An emerging focus highlighted by Gartner is the development of the Autonomous Cyber Immune System (ACIS), which is positioned as a future-oriented evolution of cybersecurity for the growing GASG. ACIS aims to use decentralised intelligence and tactical defences to proactively adapt to threats, rather than merely responding to incidents post-factum.

"The relentless expansion and increasing sophistication of the GASG render traditional, reactive cybersecurity measures obsolete. Though early in its development, the proactive and adaptive power of the ACIS, is unequivocally the future of digital defense," said Manion. "The development and deployment of intelligent, decentralised, tactical ACIS frameworks are not merely aspirational goals, but an eventual absolute imperative for safeguarding our increasingly interconnected world."

Specialisation and integration

Gartner further suggests that security strategies are shifting to more targeted and specialised solutions, with preemptive capabilities being designed for specific sectors, application types or malicious actor tactics. Such solutions are expected to be powered by agentic AI and domain-specific language models, facilitating precise defence measures where generic products may fall short.

The report identifies opportunities for security vendors to focus on niche markets, such as healthcare, finance, and manufacturing, or on securing particular application types like industrial control systems, cloud-native applications and AI/ML pipelines. There is also an increased emphasis on combating specific attack methodologies, such as ransomware campaigns targeting critical infrastructure or supply chain attacks affecting SaaS platforms.

"This emphasis on specialisation will drive increased collaboration and integration within the cybersecurity ecosystem. Because no single vendor can effectively address the entirety of the GASG, partnerships and interoperability between specialised solutions will become even more crucial," Manion said.

Manion added, "For instance, a vendor specialising in preemptive cybersecurity for IoT devices in the healthcare sector might need to integrate with a platform focused on securing cloud-based electronic health records. Such interdependencies will create opportunities for technology alliances, joint go-to-market strategies, and the development of standardised APIs and data formats to facilitate seamless interaction between disparate security solutions."

Preparing for the future

The broad transition towards preemptive cybersecurity is expected to reshape not only vendor offerings, but also organisational strategies, regulatory approaches and industry partnerships. As risks posed by advanced AI-driven threats grow, Gartner's projections indicate that preemptive, automated and highly integrated security systems will become a primary line of defence for enterprises operating across the global attack surface grid.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Microsoft tops global phishing brand rankings again
Index Engines expands CyberSense reach & OEM alliances
Portnox unveils global channel push with new VP hire
AI translation outpaces governance in defence work
Team Cymru & Filigran integrate Pure Signal with OpenCTI

Top stories

ChatGPT drives bulk of enterprise generative AI data risk
BioCatch warns AI agents will supercharge online fraud
Hayo boosts mobile registry to combat SIM swap fraud
Nozomi unveils Vantage IQ for OT & IoT cyber defence
Armis unveils flexible global partner scheme for Centrix