Cybersecurity has evolved from a behind-the-scenes technical issue into a major macroeconomic topic and a key part of the 2026 VC market. Global cybercrime is projected to cost the world $10.8 trillion by 2026, according to Cybersecurity Ventures. If it were an economy, it would rank behind only the US and China. For investors and policymakers, the focus has shifted beyond managing risk to dealing with system-wide exposure and building a strong preventive infrastructure.
This shift is visible in funding. As digital infrastructure becomes tied to national security, cybersecurity is now grouped with space and dual-use technologies within the broader defence and resilience sector. Dealroom data shows it was one of the most funded defence verticals in 2025. In the US alone, startups raised $335 million, breakout-stage companies — $1.8 billion, and scaleups — $4.9 billion.
M&A activity was also strong. Google's $32 billion bid for cloud security firm Wiz helped set the pace for consolidation, followed by Palo Alto Networks' $25 billion acquisition of CyberArk, which specializes in identity and access management.
A broad look: cybersecurity in a global VC market
Global VC spending in cybersecurity totaled $13.97 billion across 392 funding rounds in 2025, according to PitchBook data analyzed by Pinpoint Search Group. That’s a 47% increase from $9.5 billion in 2024 and a 30% rise from 304 deals, making 2025 the strongest year since 2022, though still below the 2021 peak of $20.6 billion.
Early-stage — seed and Series A — rounds made up 63% of deals but raised less capital, while 30 mega-rounds above $100 million captured 49% of total funding despite representing only 8% of deals. This suggests investors are mostly looking for scale, backing high-growth platforms that can combine security across cloud, identity, and AI-driven environments.
At the segment levels, identity and access management plus security operations drew the most capital in 2025. In contrast, more mature areas such as endpoint and network security saw weaker standalone VC interest, as companies shifted towards broader platforms, reducing venture backing in those single-solution tools.
Several of the largest rounds raised during the year illustrate this shift toward scale and consolidation.
- Saviynt, a cloud-native identity governance and administration platform, closed a $700 million Series B;
- ReliaQuest secured $500 million in growth funding to expand its threat detection and response capabilities;
- Cyera raised $500 million in a Series E for its cloud-native data security platform, followed by an additional $400 million Series F in January 2026;
- Cato Networks raised $359 million to scale its cloud-native networking and security platform;
- Digital identity provider ID.me closed a $340 million Series E.
Exit and M&A activity also remained strong in 2025
The clearest example came in March, when Alphabet acquired Wiz for $32 billion, pivoting the cloud security leader from IPO plans into Google Cloud. The scale of the deal, reportedly including a $1 billion employee retention pool, showed how strategically critical cloud-native security platforms have become for hyperscalers facing enterprise and regulatory pressure. Outside of Google, Palo Alto Networks led as the top acquirer by value, purchasing CyberArk in July for $25 billion for identity security, alongside a $3.35 billion deal for Chronosphere in November to bolster observability.
These moves signal an aggressive phase of platform consolidation in cybersecurity, as industry leaders such as Google and Palo Alto Networks race to assemble end-to-end security stacks.
In the public market, Netskope’s September IPO, which raised roughly $900 million and valued the company at over $8 billion, marked the largest cybersecurity listing of the year and one of the most significant exits in the sector since 2021.
Cybersecurity VC market in Europe
According to Pitchbook, as of 2025, European startups have raised approximately €2.7 billion across 266 deals, outpacing investment levels in 2024. Unlike many other sectors that are contracting or stagnating, cybersecurity is showing visible momentum across the continent.
These market figures reflect two important trends on the ground:
- The first is security demand tied to AI adoption.
Attackers increasingly deploy AI for even more harmful and sophisticated security breaches. In turn, investors are placing bets on startups that harness AI as an operational leverage. Dublin‑based Tines raised $125 million in a Series C this year for its automation platform, which autonomously triages alerts, distills incidents, and suggests remediation steps in enterprise environments.
Israeli companies such as Seemplicity and Legion are pushing this further with autonomous AI agents designed to reduce exposure windows faster than human teams can. Noma Security, another company with a $100 million round, focuses on defending agentic AI systems themselves, recognising that the very technologies that are attracting capital could also face cyber threats.
- The second driver is defense and national security.
Cyber warfare is now a budget priority across European capitals: the EU this year allocated €145.5 million specifically to strengthen cybersecurity capabilities for small and medium-sized enterprises and public administrations. Venture capital is following suit. Israeli firm Dream closed a $100 million Series B to expand software protections for critical national infrastructure, and Rome‑based Exein, which embeds cybersecurity onto small and industrial devices, cited increased defence spending as a catalyst for domestic growth after its €70 million Series C.
How AI is reshaping the cybersecurity landscape
Looking at the largest cybersecurity deals globally and across Europe, there is a common theme we see reflected in the numbers as well as in the narrative about the industry — AI. It is now the defining force both in the anticipated threats and in the ways companies aim to fight them. As attackers and defenders both embed autonomy and continuous learning into core systems, traditional security models are proving insufficient.
As Forbes notes, agentic AI systems are greatly accelerating the pace of cyber attacks. What takes humans days to accomplish can now be done in minutes. Autonomous agents can continuously probe networks, generate polymorphic malware, and execute sophisticated phishing campaigns enhanced by deepfake audio and video. These dynamics are amplified by AI-as-a-service marketplaces that make these tools accessible even to low-skill actors. The industry now treats these widely available attack tools as a basic risk, which means defenses have to operate at the same speed and flexibility.
In turn, on the defensive side, security teams and vendors are abandoning incremental automation for AI‑native architectures — platforms that learn normal behavior, detect deviations autonomously, and act at machine pace. PitchBook’s data shows that by late 2025, AI‑centric companies accounted for more than 50 % of global cybersecurity VC deals. Across funding stages, VC markets have rewarded AI cybersecurity models with premium valuations, faster fundraising cycles, and larger tickets than their non-AI peers.
Several of the year’s largest financing rounds illustrate how broadly AI is being applied across the security stack:
- Consumer-focused Aura raised $140 million in a Series G round to scale its AI-orchestrated protection platform. Built around its proprietary Aura Intelligence system, the company has leaned into automation and personalization as a way to manage increasingly complex consumer threat surfaces. In enterprise data security,
- Cyera has emerged as one of the clearest beneficiaries of the AI wave. Its platform uses machine learning to classify sensitive data, assess exposure, and enforce policy dynamically across cloud environments. After a rapid succession of late-stage rounds through 2025, the company entered 2026 with a $400 million Series F that valued it at $9 billion.
Identity has become another fault line. As synthetic fraud and deep fakes proliferate, knowing who or what is behind an interaction is no longer trivial. Persona’s $200 million Series D reflected that shift, backing its API-first identity verification infrastructure designed to authenticate both humans and AI agents. The company has framed the moment as an “identity authenticity crisis”.
What to expect in 2026?
Taken together, these shifts point to a cybersecurity market entering a more structural phase. In 2026, the defining challenge will not be the novelty of new threats, but their normalization. Autonomous attackers, synthetic identities, and industrialised cybercrime will be part of the baseline environment in which organizations operate. That pushes security out of the back office and into core business strategy, alongside decisions about infrastructure, identity, data governance, and risk ownership. The companies that hold up best will be those that assume constant pressure, design for machine-speed conflict, and treat cybersecurity as a condition of doing business rather than a defensive add-on.
