Under budgetary pressure, cyber teams must do more with less. AI and tool consolidation help automate repetitive tasks and streamline costs.
For years, cybersecurity has enjoyed a special status in corporate budget decisions. Faced with rising threats — ransomware, supply chain attacks, massive data breaches — CIOs and CISOs were easily able to obtain larger budgets, justified by urgency and growing regulatory pressure. That time is over. Today, the Boards set targets for reducing overall costs, sometimes on the order of 5% less spending across an entire group, and cybersecurity is no longer an exception. Budgets are at best unchanged, at worst slightly reduced. And yet, the threat level does not decrease. The watchword is clear: do as much, or even more, with less.
This paradoxical injunction places cyber managers in an uncomfortable position. How can we maintain, or even improve, the level of protection of an increasingly complex, distributed and exposed information system, without additional resources? The answer will not come from an isolated technological miracle, nor from simple cutting costs. It requires a profound transformation of the way teams work, how tools are selected, and how investments are justified. This is precisely where artificial intelligence comes in — not as a buzzword, but as a concrete operational lever.
Decorrelate two curves that CFOs monitor closely
There is an image that financial departments have in mind: two curves that progress in parallel. On the one hand, turnover growth. On the other, the evolution of IT costs and the associated payroll. As long as these two curves remain synchronized, margins stagnate. The promise of AI, when it is well integrated and correctly deployed, is precisely to break this logic. CAC 40 companies have already made this public: some have announced AI budgets of several billion euros, with equally significant cost savings objectives at stake. This is no longer prospective, it is an operational reality that is taking hold.
For cyber in particular, this decoupling involves two complementary levers. The first is the intelligent automation of low-value-added tasks. The IT security job market remains structurally tight: experienced profiles are rare, expensive, and in high demand. Mobilizing them on simple problems, such as the management of repetitive alerts or manual reporting tasks, is a waste that few organizations can still afford. The so-called “Shift Left” strategy — ensuring that the right people are assigned to the right tasks, at the right level of complexity — is today regaining its relevance, supported by AI agents capable of processing in volume what was until now repetitive human work. Ticket resolution, security event correlation, behavioral anomaly detection, initial response to incidents: the use cases are now precise, the results measurable, and the impact on teams concrete. Seasoned engineers can finally focus on what they were hired to do.
Platformization, another lever for budgetary rationalization
The second lever is the consolidation of tools. For years, security stacks have piled up in an anarchic manner: one tool per use case, one vendor per problem, as many consoles to master, as many contracts to manage, as much training to finance. This era is coming to an end. Customers now expect their vendors to actively help them reduce the number of solutions in their environment, not increase them. Fewer salespeople mean fewer licenses, less time spent on training, more agile and more efficient teams.
Platformization meets this expectation. It allows the same solution to address several use cases, for example asset management, compliance, remediation, incident response, while deeply integrating with other structuring tools of the IT department, such as ITSM or CMDB. AI agents further amplify this potential: by bringing previously siled systems into dialogue, they create end-to-end workflows with a start, an end, and a measurable impact. It is this level of integration which today makes it possible to demonstrate real, and no longer supposed, value.
2026: the year of accountability
But perhaps the most significant change is cultural. For two years, AI was massively oversold. Considerable budgets have been committed, sometimes without clearly defined success criteria or rigorous monitoring mechanisms. Marketing teams ran faster than product teams. This phase is now complete. Clients demand quarterly evaluations, quantified proofs, demonstrated ROIs.
Accountability – this requirement to be accountable for what we have promised – is no longer a pious wish, it is a sine qua non condition for continuing to invest. General management asks their CIOs and CISOs to justify each euro spent, by concretely showing how it contributes to the company’s objectives.
This is good news, actually. This pressure forces the entire ecosystem out of marketing and into reality. And the reality is that technology has today far exceeded what the market knows how to explain or sell. AI agents, automated workflows, deep integration between security and operational tools — it all exists, works, and delivers tangible results. Organizations that are able to move from the posture of incurred expenditure to that of managed investment will derive a lasting competitive advantage.
