Gartner forecasts end-user spending on information security in India to total $3.4 billion in 2026, up 11.7% from 2025, as enterprises confront AI-driven threats and DPDP Act compliance pressures. Security software remains the largest and fastest-growing segment at 12.4% expansion to $1.56 billion, driven by endpoint protection platforms (EPP), security information and event management (SIEM) and cloud security solutions. Network security and security services both project 11.1% growth to $437 million and $1.44 billion respectively, with managed detection and response (MDR) leading at 15.1%.
Shailendra Upadhyay, Sr Principal at Gartner, notes CISOs are shifting to dynamic, preemptive models addressing identity-based attacks like deepfakes and credential compromise elevated by DPDP requirements.
Identity-first security rises on executive agendas
Identity threat detection and response (ITDR) gains priority as AI-enabled attacks expand surfaces, reinforced by DPDP’s accountability mandates and global AI regulations. Alex Michaels, Director Analyst at Gartner, warns of compliance complexity pressuring CISOs to enable secure innovation beyond control-centric mindsets.
Enterprises must formalise cross-functional collaboration with legal and procurement to manage regulatory volatility.
Managed services address talent and complexity gaps
Managed security services surge as scalable alternatives to in-house specialisation, optimising costs while maintaining posture against sophisticated threats. Advisory services in architecture, forensics and incident response further fuel 11.1% services growth.
The Gartner Security & Risk Management Summit in Mumbai emphasises these trends, convening CISOs for actionable strategies.
CISO priorities for 2026: resilience and agentic AI
Global regulatory shifts demand flexible strategies ensuring compliance and resilience, with boards facing personal liability for breaches. Agentic AI introduces IAM challenges requiring governance, automated credentials and policy-driven authorisation for machine actors.
CISOs must orchestrate identity evolution to secure autonomous agents proliferating across workflows.
