News Desk
BROOMFIELD, Colo: Exabeam, a global leader in intelligence and automation that powers security operations, today announced the findings of its new multinational report, From Adoption to Accountability: The New Economics of AI in Cybersecurity. Based on a survey of 750 IT decision-makers responsible for security in organizations with 500+ employees across 12 countries, the research reveals a critical paradox. While cybersecurity budgets surge with unprecedented growth, security leaders race ahead on AI transformation while falling behind on measurement, justification, and strategic alignment.
According to the study, 95% of organizations in the Kingdom of Saudi Arabia (KSA) are confident cybersecurity investments are delivering business value. 97% of KSA organizations believe their current cybersecurity budget aligns with the threats they expect to face in 2026.
However, AI simultaneously holds three contradictory positions in budget planning for the KSA: it’s the top driver of increases (39%), the second investment that would be cut if budgets are tightened (42%) and the most challenging spend to justify to business stakeholders (22%). 75% also say AI is already improving speed and accuracy in security operations, with 38% believing that data enrichment and contextualization will be most impacted by AI in 2026.
“Security leaders are getting mandates to invest in AI, but nobody’s given them a way to prove it’s working. You can’t measure AI transformation with pre-AI metrics,” said Steve Wilson, Chief AI and Product Officer at Exabeam. “The problem isn’t that security teams lack data. They’re drowning in it. The issue is they’re tracking the wrong things and speaking a language the board doesn’t understand. Those are the budgets that get cut first. The window to fix this is closing fast.”
Unprecedented Budget Growth Driven by AI Transformation: For Saudi Arabia, cybersecurity investment trends in 2026 represent a significant shift, with AI and automation emerging as the primary catalyst for budget expansion (39%), followed by talent acquisition and workforce development needs (35%) and cloud infrastructure, mainstream business use of AI, and replacing legacy tools each contributing 32%. Organizations in the KSA are considering how cybersecurity and AI investment impacts the entire infrastructure, from channeling technology, to closing workforce gaps.
The Value Demonstration Gap Creates Vulnerability: While 95% of Saudi security leaders express confidence that their investments are delivering business value, 20% cite a lack of board understanding of the link between cybersecurity investment and business resilience as one of their biggest challenges in defending spend. 23% of Saudi security leaders found the biggest challenge to be an overemphasis on compliance compared to risk reduction. The disconnect reveals a critical vulnerability: 65% of security leaders report using quantified ROI and 58% use outcome metrics, yet boards and executives still don’t understand the connection between security investments and business risk.
The problem isn’t a lack of information, but a mismatch between security metrics and business-decision metrics. Security teams are relying on traditional security measurements that don’t translate into the business impact language boards need to evaluate investment decisions.
Regional Variations Show Diverse AI Adoption Strategies: Regional differences in AI adoption are striking. Saudi Arabia demonstrates the most aggressive position, with 75% reporting AI is already improving security operations, nearly triple the rate of Japan (27%) and the Netherlands (30%). These variations reflect different organizational priorities. Saudi Arabia’s figures align with broader national digital transformation initiatives, while European and Asian organizations emphasize careful evaluation and workforce preservation before scaling deployment.
“In Saudi Arabia, AI is being leveraged as a strategic advantage. The region’s willingness to embrace AI in cybersecurity is positioning it as a leading global hub, in line with regional initiatives including Saudi Vision 2030,” said Mazen Adnan Dohaji, Senior Vice President and General Manager, IMETA at Exabeam. “What stands out in the KSA is the improvements the region has already seen from AI adoption. Looking ahead, future investment will depend on closing the gap between operational success and the ability to clearly articulate financial or risk-reduction value at the executive level.”
Closing the Justification Gap: The cybersecurity industry is experiencing a rare moment of budget abundance, yet this creates a sustainability challenge. Security leaders are investing heavily in AI transformation while simultaneously struggling to articulate its business value to boards and CFOs. This isn’t a sustainable dynamic — budget abundance creates expectations, and organizations that can’t demonstrate clear value from AI investments risk seeing those budgets retracted when economic conditions shift.
The organizations that will thrive are those that recognize deployment is only half the challenge. Success requires developing new frameworks for measuring AI impact, creating outcomes-based metrics that tie security performance directly to business resilience, and establishing executive-ready communication that translates technical improvements into business impact language.
To access the full report, From Adoption to Accountability: The New Economics of AI in Cybersecurity, visit: https://www.exabeam.com/from-adoption-to-accountability
Methodology: This report is based on research conducted by Sapio Research on behalf of Exabeam in December 2025. The survey captured insights from 750 IT decision-makers responsible for security in organizations with 500+ employees. Respondents represented 12 countries across Europe (UK, Ireland, France, Germany, Netherlands), North America (USA, Canada), and Asia-Pacific and Middle East regions (India, Saudi Arabia, Singapore, Japan, Australia), spanning key sectors including technology, financial services, manufacturing, healthcare, retail, telecommunications, and government.
