2026 Cyber Trends: Funding Tools, Firing Talent

A new survey from AXIS Capital has revealed a contradiction at the heart of modern cybersecurity strategy. While organisations are pouring money into their defences, some are also removing the very human expertise that might be needed to manage them.

The data shows a sector in transition with rising budgets meeting falling headcount, and the optimism of the CEO suite is increasingly at odds with the caution of the CISO.

For UK businesses, understanding this dynamic isn’t just about reading the tea leaves, it’s about ensuring your organisation doesn’t automate its way into a breach.

AI-driven attacks as the greatest emerging cyber threat

20.8% of UK organisations now view AI-driven attacks as their greatest emerging cyber threat.

The threat isn’t just about simple phishing emails riddled with spelling errors, industry now faces AI-augmented adversaries capable of generating polymorphic malware, conducting deepfake social engineering attacks, and probing network vulnerabilities at machine speed.

Yet, despite this escalating threat landscape, the industry’s response seems counterintuitive.

Budgets Up, Headcount Down

The report shows a strong disconnect between spending and staffing:

• 82% of respondents plan to increase their cybersecurity budgets over the next 12 months.
• 75.2% say they are likely to reduce cybersecurity headcount due to productivity gains from AI tools.

This suggests that many leadership teams are falling into an “Efficiency Trap”. The logic seems to be: “We bought the AI tool, so we don’t need the analyst.”

While AI tools are force multipliers, at Mondas we don’t see them as autonomous replacements. An AI can flag an anomaly in microseconds, but it still needs a skilled human analyst to interpret context, understand business intent, and make the critical decision on how to respond. Cutting headcount while threats become more sophisticated is akin to buying a faster Formula 1 car but firing the driver.

The C-Suite Disconnect

Who’s driving these decisions? The survey highlights a significant “Confidence Gap” between those at the top and those on the front lines:

• 60.2% of CEOs believe their company is more prepared than peers to respond to AI threats.
• Only 50.6% of CISOs share that confidence.

This gap is even more pronounced in the UK compared to the US. While 85% of US leaders feel “prepared” for AI threats, only 44% of UK leaders say the same.

While some might view this UK caution as a weakness, we see it as a strength. It suggests that UK CISOs are taking a more realistic, prudent view of the landscape. They understand that “preparedness” isn’t just about having the latest software installed; it’s about governance, resilience, and the ability to weather a storm.

The Human-Led, AI-Powered Future

The allure of AI is undeniable. It promises speed, scale, and efficiency. But cybersecurity remains, fundamentally, a human challenge. Attackers are human; their motivations are human; and the assets we protect are valuable because of their impact on humans.

The organisations that will thrive in 2026 aren’t those that replace their security teams with algorithms. They are the ones that use their increased budgets to augment their people.

Our philosophy at Mondas has always been clear: use the best tools to handle the noise, so your experts can focus on the signal.

The data is a warning, but it is also a roadmap. By balancing investment in technology with investment in people, UK firms can close the confidence gap and turn the AI paradox into a competitive advantage.

This article was brought to you by George Eastman, Sales Manager at Mondas, read more about George here. Original report here: AXIS Capital.