Artificial Intelligence (AI) topped the agenda for cybersecurity and business leaders when it comes to cyber budget allocations, addressing cyber talent shortages, and bolstering cyber defence capabilities over the next 12 months.
PwC’s 2026 Global Digital Trust Insights survey, released yesterday, revealed this. The survey, which interviewed 3,887 business and tech executives from across 72 countries and territories, also found that only around half of security and operations leaders say their organisation is ‘very capable’ of withstanding cyber-attacks, with only six per cent said they’re ‘very capable’ across all areas surveyed, even as new and emerging technologies including AI and quantum computing transform the cyber risk landscape.
PwC said less than or roughly half of organisations claimed they are “very capable” to address areas including weak authentication and access controls (55 per cent), vulnerable connected products/devices (48 per cent), with legacy systems (45 per cent) and supply chain vulnerabilities (43 per cent) among the weakest spots among the areas surveyed.
Consulting and Risk Services Leader, PwC Nigeria, Femi Osinubi, said: “As organisations in Nigeria advance on their digital transformation journey, the need for resilient cybersecurity strategies has never been more critical. AI presents a significant opportunity to strengthen cyber defence, with success dependent on addressing the skills gap and integrating these technologies into broader risk frameworks. Nigerian businesses must invest in AI-driven solutions while upskilling local talent. Combining technology and skills is key to protecting Nigeria’s digital economy and infrastructure.”
Global Cybersecurity and Privacy Leader, PwC US, Sean Joyce, said: “New and emerging technologies and a rapidly evolving and digitally interconnected global ecosystem and threat landscape have created a tipping point.
Cyber leaders must chart a path forward and that requires executive alignment. The most successful organisations are those where CISOs have a seat at the table and cyber is woven into business decisions. The organisations that will lead in the future are those investing in cyber, not just to respond, but to anticipate.
This year’s findings show that resilience comes from foresight, not hindsight. Organisations should ensure they are also investing in AI and cyber skills, prioritising the upskilling and re-skilling of their cyber teams in order to clearly and proactively map the cyber risks they face.”
PwC observed that, consistent with last year, nearly eight-in-10 (78 per cent) organisations said their cyber budget will increase over the coming year, highlighting the continuing importance organisations are placing in bolstering their cyber security capabilities as the risk landscape continues to evolve. Nearly one-third (32 per cent) of these said their budgets would likely increase six-10 per cent.
Looking within cyber budget priorities, investment in AI (36 per cent) was the top priority over the next 12 months, ahead of cloud security (34 per cent), network security (28 per cent) and data protection (26 per cent), as AI’s rapid advance continues to transform the digital landscape.
When looking at the AI security capabilities organisations are prioritising over the next 12 months, nearly half (48 per cent) of security leaders are prioritising AI threat hunting capabilities, with more than one-third prioritising other capabilities such as agentic AI (35 per cent).
The report noted that as organisations contend with a rising array of cyber risks, they are also increasingly putting a number behind it. Half now report using cyber risk quantification to measure financial impact to a significant or large extent, up from 44 per cent last year.
This comes as more than a quarter (27 per cent) of businesses said their most damaging data breach in the past three years cost their organisation at least $1 million, consistent with last year’s responses. The most exposed include enterprises with $5 billion or more in revenue (41 per cent), US-based companies (37 per cent), and TMT sector companies (33 per cent).
MEANWHILE, cybersecurity workforce shortages continue to impede progress as organisations operationalise AI, secure complex environments and prepare for the next generation of threats.
Half (50 per cent) of respondents said a lack of knowledge in the application of AI for cyber defence, or lack of relevant skills (41 per cent), were the biggest internal challenges to implementing AI for cyber defence over the last 12 months.
