What is the latest update in the cybersecurity market?

The cybersecurity market had a massive first quarter in 2026, with record-breaking acquisitions, strong earnings, and a clear shift toward AI-powered security.

We constantly update this blog post so you always have the freshest picture of what is happening in the cybersecurity market right now.

And if you want to better understand this new industry, you can download our pitch covering the cybersecurity market.

Summary table of the most important updates in the cybersecurity market

We define the cybersecurity market as the set of technologies and services whose primary purpose is to protect digital systems, data, and users from cyber threats.

We include security software (e.g., identity, endpoint, network, cloud, application, and data security), as well as dedicated security services such as managed detection and response, security operations, penetration testing, incident response, and security awareness training.

We exclude general IT infrastructure and services (e.g., basic hosting, generic backup and disaster recovery, IT outsourcing, and purely physical security) unless they are specifically designed and marketed as cybersecurity offerings.

You can also get all the latest market news for the month here.

Piece of news	Category	Date	Source
Google closed its $32 billion acquisition of Wiz, the biggest cybersecurity deal of the quarter	M&A	March 11, 2026	Alphabet
Palo Alto Networks completed its CyberArk acquisition, making identity a core platform pillar	M&A	February 11, 2026	Palo Alto Networks
CrowdStrike acquired SGNL to control human, machine, and AI identities in real time	M&A	January 8, 2026	CrowdStrike
CrowdStrike acquired Seraphic to turn any browser into a secure enterprise browser	M&A	January 13, 2026	CrowdStrike
The European Commission proposed a revised EU Cybersecurity Act to reshape compliance	Regulations	January 20, 2026	EU Digital Strategy
CrowdStrike posted $5.25B ending ARR and crossed $1B in annual net new ARR	Financial results	March 3, 2026	Business Wire
Palo Alto Networks reported $2.6B quarterly revenue and raised full-year guidance	Financial results	February 17, 2026	Palo Alto Networks
SentinelOne crossed $1B revenue and reached full-year operating profitability	Financial results	March 12, 2026	SentinelOne
Palo Alto Networks launched Prisma AIRS 3.0 to secure AI agents end-to-end	Product launches	March 23, 2026	Palo Alto Networks
Cisco expanded AI Defense and launched AI-aware SASE for the agentic era	Product launches	February 10, 2026	PR Newswire
Check Point reported cyberattacks hit record levels, with AI accelerating threats	Market Research	January 28, 2026	Check Point
Gambit emerged from stealth with $61M for cyber-resilience automation	Fundraisings	February 26, 2026	SecurityWeek

How is the cybersecurity market doing now?

How do we define the cybersecurity market?

We define the cybersecurity market as the set of technologies and services whose primary purpose is to protect digital systems, data, and users from cyber threats.

We include security software (e.g., identity, endpoint, network, cloud, application, and data security), as well as dedicated security services such as managed detection and response, security operations, penetration testing, incident response, and security awareness training.

We exclude general IT infrastructure and services (e.g., basic hosting, generic backup and disaster recovery, IT outsourcing, and purely physical security) unless they are specifically designed and marketed as cybersecurity offerings.

This is also the definition we use in our report covering the cybersecurity market.

How big is the cybersecurity market in 2026?

Based on our analysis, the cybersecurity market is worth approximately $240 to $245 billion in 2026, growing about 50% faster than overall IT spending.

This is not a random guess, if you want to know how we have come up with this estimate, you can read our cybersecurity market size analysis here.

To put that number in perspective, the cybersecurity market is now larger than the global advertising technology market (around $180 billion) and is approaching the size of the semiconductor equipment market (around $260 to $280 billion).

The cybersecurity market scores 55 out of 100 on maturity, 85 out of 100 on competitive intensity, and 78 out of 100 on fragmentation, which means it is still a fast-moving, crowded space where no single vendor controls more than 10% of spending.

How fast will the cybersecurity market grow in the future?

The cybersecurity market is expected to grow at roughly 10 to 12% per year through 2030, based on converging estimates from Gartner, IDC, and Mordor Intelligence.

At an 11% annual growth rate, the cybersecurity market would reach about $365 to $380 billion by 2030 and roughly $680 to $720 billion by 2036.

That growth rate sits between enterprise software (10 to 12%) and cloud computing (16 to 22%), which makes sense because the cybersecurity market straddles both worlds.

What does current funding activity look like in the cybersecurity market?

Our team, who continually updates our cybersecurity market pitch deck, is keeping a close eye on the market and tracking key signals.

One of those signals is fundraising activity across startups. Each month, we refresh this page with a list of startups of the cybersecurity market that have raised funding, and we also publish a quarterly analysis here.

Is funding momentum accelerating or cooling in the cybersecurity market these days?

In Q1 2026, notable cybersecurity startup rounds included Gambit's $61M emergence from stealth, depthfirst's $40M Series A, and Memcyco's $37M Series A, showing that investors are still actively backing cybersecurity startups with strong AI and automation stories.

Compared to the broader trend, cybersecurity venture capital hit $11.6 billion in 2024 (a 43% year-over-year increase), and Q1 2026 signals suggest that momentum is continuing as AI-driven security tools attract fresh capital.

Deal sizes in Q1 2026 skewed toward mid-stage rounds in the $37M to $61M range, suggesting investors are favoring startups that already have working products rather than pure early-stage bets.

Which categories and business models are attracting capital in the cybersecurity market?

These categories and business models of the cybersecurity market are receiving important fundraising currently:

• Gambit raised $61M for cyber-resilience and recovery automation, betting that organizations need better post-breach tools, not just prevention.
• depthfirst raised $40M to use AI agents for finding software vulnerabilities, tapping into the growing demand for application security as AI-generated code expands.
• Memcyco raised $37M for digital impersonation prevention, addressing the rising wave of phishing and account-takeover attacks before they happen.

The common thread across Q1 2026 cybersecurity funding is clear: investors are backing startups that use AI to solve specific, painful problems rather than broad horizontal platforms.

Who's writing the most checks in the cybersecurity market?

These investors are being very active when it comes to fundraising in the cybersecurity market:

• CrowdStrike acted as both an acquirer and strategic investor, snapping up SGNL and Seraphic in the same month to build out its identity and browser security stack.
• Palo Alto Networks made multiple moves, completing the CyberArk acquisition and announcing intent to acquire Koi for agentic endpoint security.
• Google wrote the biggest check of the quarter by closing the $32 billion Wiz deal, signaling that hyperscalers see cybersecurity as a must-own capability.

Q1 2026 was dominated by strategic buyers rather than traditional venture capital firms, which suggests the biggest cybersecurity players are in land-grab mode for AI and identity security capabilities.

Any big acquisitions or IPOs in the last three months in the cybersecurity market?

These are the big acquisitions and IPOs that happened recently in the cybersecurity market:

• Google completed its $32 billion acquisition of Wiz on March 11, making it the largest cybersecurity M&A deal ever and bringing Wiz into Google Cloud.
• Palo Alto Networks completed its acquisition of CyberArk on February 11, adding identity security as a core pillar of its platformization strategy.
• CrowdStrike announced the acquisition of SGNL on January 8 to build real-time identity authorization across humans, machines, and AI agents.
• CrowdStrike announced the acquisition of Seraphic on January 13 to turn any browser into a secure enterprise browser connected to its Falcon platform.
• Palo Alto Networks announced intent to acquire Koi on February 17 to address agentic AI risks on endpoints.

Five major cybersecurity acquisitions in a single quarter shows that the biggest players are racing to build full-stack security platforms before the AI era reshapes the competitive landscape.

How are companies in the cybersecurity market performing overall?

We are watching this market everyday, because we need to constantly update our pitch deck. Here is a couple of things we have noticed.

Are there any standout success metrics or financial results in the cybersecurity market?

Q1 2026 delivered some of the strongest financial results the cybersecurity market has ever seen:

• CrowdStrike reached $5.25 billion in ending ARR and crossed $1 billion in annual net new ARR for the first time, posting $1.31 billion in quarterly revenue.
• Palo Alto Networks reported $2.6 billion in quarterly revenue, with Next-Generation Security ARR hitting $6.3 billion, and the company raised its full-year guidance again.
• SentinelOne crossed the $1 billion revenue milestone and reached full-year operating profitability, with ARR growing 22% year over year.

All three major cybersecurity platform vendors posted strong growth alongside improving profitability, which confirms that the cybersecurity market rewards scale and platform depth.

Have there been any major partnerships in the cybersecurity market?

Several important cybersecurity partnerships were announced in Q1 2026:

• SentinelOne expanded its strategic collaboration with Google Cloud on March 25, covering EDR, AI app security, and threat intelligence in a multi-year deal.
• Palo Alto Networks built an AI-factory security alliance with Nokia and others on March 2, aiming to secure the physical and digital foundations of sovereign AI infrastructure.
• SentinelOne and Cloudflare expanded their partnership on March 16 so SentinelOne's AI SIEM can ingest Cloudflare telemetry for stronger detection and automated response.

The pattern is clear: cybersecurity partnerships are increasingly about plugging into hyperscaler and infrastructure ecosystems, not just co-marketing agreements.

Have there been any notable technology or infrastructure breakthroughs in the cybersecurity market?

Q1 2026 saw meaningful cybersecurity product launches focused on securing AI agents:

• Palo Alto Networks launched Prisma AIRS 3.0 on March 23, covering agent discovery, risk assessment, red teaming, governance, runtime protection, and an AI Agent Gateway.
• Cisco expanded its AI Defense platform and launched AI-aware SASE on February 10, adding supply-chain governance, runtime protections, and post-quantum-ready networking.

Both launches show that cybersecurity vendors are moving beyond simple AI visibility toward full lifecycle control of AI agents, which could become a standalone product category soon.

Have any companies restructured or shifted pricing or business model in the cybersecurity market?

We did not spot any major restructuring, pricing changes, or business model shifts during Q1 2026 in the cybersecurity market.

Are there any other notable wins or successes in the cybersecurity market?

We did not identify any other major wins or successes beyond what is already covered above during Q1 2026 in the cybersecurity market.

What is the overall sentiment in the cybersecurity market right now?

Are there any notable recent opinion pieces, thought leadership about the cybersecurity market?

One major piece of thought leadership stood out in Q1 2026:

• Gartner published its top cybersecurity trends for 2026 on February 5, highlighting agentic AI oversight, regulatory volatility, and post-quantum cryptography as the three themes that will shape enterprise security budgets this year.

Gartner's trend list matters because it influences how CISOs and boards prioritize their cybersecurity spending over the next 12 to 24 months.

Are there any interesting and recent market research reports about the cybersecurity market?

Two notable cybersecurity market research reports were published in Q1 2026:

• Check Point published its 2026 Cyber Security Report on January 28, revealing that organizations faced an average of 1,968 cyberattacks per week in 2025, up 70% since 2023, with AI helping attackers move faster.
• Recorded Future released its 2026 State of Security report on February 12, arguing that cyber operations have become a core tool of geopolitical power, tightly linked to espionage, coercion, and persistent state pressure.

Both reports paint the same picture: the cybersecurity threat landscape is getting worse, not better, which supports continued strong spending on defense tools and services.

Have there been any regulatory changes, policy updates, or new compliance requirements in the cybersecurity market?

One significant cybersecurity regulatory development happened in Q1 2026:

• The European Commission proposed a revised EU Cybersecurity Act on January 20, 2026. The package aims to strengthen resilience, reduce fragmentation across member states, improve ICT supply-chain security, and simplify cybersecurity certification while giving ENISA a stronger role.

If adopted, this new regulation could change how cybersecurity products are built, tested, certified, and sold across Europe, creating both compliance costs and new business opportunities.

Who is the author of this content?

NEW MARKET PITCH TEAM

We track new markets so founders and investors can move faster

We build living “market pitch” documents for emerging markets: from AI to synthetic biology and new proteins. Instead of digging through outdated PDFs, random blog posts, and hallucinated LLM answers, our clients get a clean, visual, always-updated view of what’s really happening. We map the key players, deals, regulations, metrics and signals that matter so you can decide faster whether a market is worth your time. Want to know more? Check out our about page.

How we created this content 🔎📝

At New Market Pitch, we kept seeing the same problem: when you look at a new market, the data is either missing, paywalled, or buried in 300-page reports that feel like they were written in the 80s. On the other side, LLMs and random blog posts give you confident answers with no sources, and sometimes they just make things up. That’s not good enough when you’re about to invest real money or launch a company.

So we decided to fix the experience. For each market we cover, we build a structured database and update it on a regular basis. We track funding rounds, fund memos, M&A moves, partnerships, new products, policy changes, and the real activity of startups and incumbents. Then we turn all of that into a clear “market pitch” that shows where the opportunities are and how people actually win in that space.

Every key data point is checked, sourced, and put back into context by our team. That’s how we can give you both speed and reliability: fast coverage of new markets, without the usual guesswork.