Nearly two-thirds (66%) of organizations globally plan to increase cybersecurity investments in the coming year amid today’s evolving threat landscape, according to new research from Marsh, an insurance broker, risk advisor and business unit of Marsh McLennan.
Marsh’s recent report, “Cyber Catalyst Report: Guiding Priorities for Cyber Investments,” draws insights from more than 2,200 cyber risk leaders from 20 countries and eight global regions.
Survey results show that nearly 75% of organizations globally express high confidence in their overall cyber risk management strategy. Confidence varies by region, with organizations in India, the Middle East and Africa having the highest confidence at 83%, and those in Asia having the worst confidence at 50%.
The report shows that organizations plan to increase investment in cybersecurity defenses in 2026, with more than a quarter (26%) planning to increase their budgets by 25% or more.
Top investment priorities include cybersecurity technology and mitigation, incident planning and preparation, and talent acquisition. UK organizations lead the way in planning to increase spending on cybersecurity, with 74% intending to increase spending in the next 12 months.
“Today’s evolving threat landscape requires not only increased investment but also a strategic, holistic approach to cybersecurity,” said Thomas Reagan, head of Marsh’s global cyber practice. “Our survey clearly shows that while many organizations are increasing their budgets, true resilience comes from balancing technology, talent and preparedness, especially when it comes to managing third-party risk. This momentum is critical as ransomware and privacy breaches remain the top threats globally, reminding us that cyber defense is no longer optional but a business imperative.”
Marsh’s research also found that 70% of organizations experienced at least one major third-party cyber incident in the past year, underscoring the importance of managing third-party and supply chain cyber risks as an integral part of an overall resiliency strategy.
Additionally, 29% of respondents ranked ransomware attacks and privacy breaches as their top cyber concerns.
