“The cybersecurity labor model is being quietly rebalanced,” said Ram Varadarajan, chief executive of Santa Clara-based cybersecurity firm Acalvio. “Organizations are not eliminating people, but they are reducing reliance on manual analysis in favor of automation that operates at machine speed.”

Alfred Huger, co-founder and chief product officer at AI cybersecurity firm Command Zero, said he expects chief information and security officers to focus on effectiveness over head count in 2026. “Most are evaluating how AI can elevate their existing teams before making hiring decisions,” Huger said.

The numbers

U.S. companies across all sectors posted 9,215 new cybersecurity jobs in November, down from 10,925 in October and 12,071 in January 2025, according to information-technology trade group CompTIA. There were a total of 24,612 job openings for cybersecurity workers in November, compared with 26,786 at the start of the year, the group said. Across all tech jobs, AI-related openings accounted for nearly half of the active tech-job postings in November.

After booming in the wake of the Covid-19 pandemic, 2025 corporate security budgets grew by an average 4%, a five-year low, according to a survey by Artico Search and cybersecurity firm IANS. Growth in cybersecurity staffing slowed to 7% in 2025, down from 12% the previous year, Artico and IANS said.

“Budgets are tight, and CISOs know that,” said Seth Spergel, managing partner at cybersecurity startup investor Merlin Ventures. “CISOs expect, and are expected, to gain efficiencies from the next generation of software. In some cases that means reducing lower-value roles,” Spergel said. Lower-value cyber jobs can include entry-level positions tasked with day-to-day security operations, such as IT auditors or compliance analysts.

Robb Reck, chief information, trust and security officer at Pax8, a small-business marketplace, said most CISOs are taking a “wait and see approach” to cyber hiring. Beyond market conditions, they are keeping a close eye on how AI is performing in automating routine security processes, while strategically deploying AI to handle repetitive tasks like threat detection and alert correlation, Reck said. A strict gauge of return on investment from these deployments will determine where spending goes in the year ahead, he said.

More with less

Even as economic uncertainty drives flat to modestly higher budgets, chief financial officers are expecting cyber teams to demonstrate measurable risk reduction, said Diana Kelley, chief information security officer at AI security and governance platform Noma Security. “The pressure is not simply ‘spend less’, but ‘prove value,’” Kelley said.

Gary Brickhouse, CISO of GuidePoint Security, said most employers are coming to terms with the reality that AI helps security teams perform more effectively by improving insights, accelerating access to information and automating execution. But they also know that human oversight remains essential, Brickhouse said.

“AI provides speed and scale, but security operations require auditable decisions, nuanced judgment, and the ability to adapt to novel threats,” he said.