Cybersecurity Sector Insights | Q2 2026
Cybersecurity is entering a new phase of strategic importance for enterprise and SME firms alike. As companies’ digital footprint expands further into cloud, hybrid IT and AI-enabled operating models, their IT environments become more complex, interconnected and harder to protect against intrusion and malicious activity. This further increases the sustained need for security solutions that can protect critical systems across fragmented architectures.
Cybersecurity Sector Insights | Q2 2026
AI has enshrined itself as the defining force reshaping the sector. Firstly, it provides attackers with the ability to scale faster, automate large parts of the attack lifecycle and increase the sophistication of phishing, fraud, exploit development, etc. Secondly, AI has become an essential tool for defensive cyber teams to prioritise alerts, detect anomalies and accelerate responses to threat actors to handle a rising number of cyber attacks that are increasingly difficult to handle manually.
As attackers increasingly rely on identity-based attack methods through capturing of valid credentials, exploiting excessive permissions and trusted access paths, the sector has continued its shift from reactive to preventive and identity-led defence. Aided by the introduction of further regulation such as NIS2, DORA and the Cyber Resilience Act, cybersecurity is increasingly treated as a board-level risk and compliance topic. Thus, cyber spend becomes more resilient and focused on a strong technology stack that delivers control, auditability and integration across complex IT environments.
In public markets, cybersecurity continues to stand out driven by product differentiation and necessity, organic growth, scale and profitability, while strategic buyers remain highly active in M&A with private equity players exhibiting increased interest in the sector. Consolidation is primarily being driven by the need to add specialist capabilities and address priority areas such as cloud security, identity or AI-enabled defence.
Overall, we believe these forces to be supportive of further investment activity and strategic interest in differentiated cybersecurity companies.
How AI is reshaping the Cybersecurity Landscape
The global cybersecurity landscape is being reshaped not only by a persistently high threat environment, but increasingly by the structural complexity of modern enterprise IT. As organisations scale across hybrid and multi-cloud environments, they are expanding and thus fragmenting the attack surface that security teams must monitor, control and defend. Today, 88% of organisations operate across hybrid or multi-cloud environments, while 81% rely on two or more cloud providers to run critical workloads, placing architectural scale and fragmentation at the centre of cybersecurity complexity.
Organisations face a threat environment defined by its consistency and broadening scope. Microsoft processes more than 100 trillion security signals, blocks 4.5 million net new malware files, screens 5 billion e-mails and analyses 38 million identity risk detections daily, illustrating the scale and breadth of the threats organisations must now defend across increasingly distributed environments.
At the same time, attacks continue to exploit familiar but highly effective pathways, while becoming faster, more evasive and increasingly identity-led as expanding attack surfaces create more high-value targets, including AI agents. Phishing remains the dominant intrusion vector at 60%, yet malicious code is deployed in only 23% of successful phishing cases, meaning that attackers increasingly move across interconnected systems through legitimate access paths that are harder to detect and contain than overt malware.
Intrusions increasingly span multiple enterprise layers…
…with identity as the most frequently involved attack surface
MCF perspective
The key implication in the evolving cybersecurity landscape is not simply higher cyber risk, but a shift towards integrated, platform-led security solutions. Rising architectural complexity, faster attack cycles and lower-visibility intrusions are increasing the value of vendors that can simplify operations and improve visibility across identity, cloud, data and response at scale across fragmented IT and enterprise environments.
These dynamics are likely to concentrate budget and strategic interest around broader platforms with clear operational relevance. More isolated point solutions risk losing relevance unless they remain clearly differentiated, mission-critical or embedded in a control layer that cannot easily be replicated by larger platforms.
Sources: Fortinet (2026); Microsoft (2025); Palo Alto Networks Unit 42 (2026); ENISA (2025)
Download
The full report includes an in-depth analysis of how AI is reshaping the tech cybersecurity landscape, a public valuation update, M&A and Financing activity, and the DACH deal pipeline. It can be downloaded at the top of the page.
Contact us
If you have any questions about the report or would like to view the DACH deal pipeline, do not hesitate to get in touch with
Daniel Wahlmann, Director | Tech, Cybersecurity Lead