Evolving market dynamics are changing the way cybersecurity providers reach potential customers, according to research from a McKinsey study in Cybercrime Magazine’s Cybersecurity Market Report 2025-2026, published last month.
Today, nearly 15 percent of (corporate) cybersecurity spending comes from outside the chief information security office (CISO), and non-CISO cyber spending is expected to grow at a 24 percent CAGR over the next three years, according to the McKinsey study, which goes on to state that this has changed from a decade ago, when almost all cybersecurity spending came from the CISO organization.
Going forward, cybersecurity vendors and service providers will need to increasingly cater to non-CISO customers, the McKinsey study posits, with most non-CISO cyber spending coming from buying centers responsible for cloud, product, network, and audit and compliance.
McKinsey shared additional insights on the cybersecurity market in a video recorded by Cybercrime Magazine at the RSA Conference USA 2025 earlier this year.
Watch the Video