European organisations are increasing spending on security for autonomous AI systems, according to analysis by CONTEXT. The shift is emerging as a new driver of cybersecurity investment across the region.
Its Q2 2026 forecast found identity-focused security models were among the fastest-growing areas of cybersecurity spending in the first quarter. The research suggests priorities are changing as businesses deploy AI agents that can operate without direct human oversight and gain access to corporate systems, data and workflows.
That is creating a new class of digital identity inside company networks. Unlike traditional security tools built around users, devices or network boundaries, these systems are designed to monitor and control software entities that can make decisions or act independently.
Joe Turner, vice president of research at CONTEXT, said businesses were adapting to a broader definition of cybersecurity risk.
"The development marks a meaningful shift in how businesses are approaching cybersecurity," Turner said.
He said the change reflected an expansion in what companies now need to protect: "As the boundaries of what needs to be protected expand beyond people and devices to include autonomous AI agents making independent decisions across corporate infrastructure."
Software shift
The findings also show a broader move towards zero-trust security models and automated compliance tools. CONTEXT said this points to a different kind of spending cycle from earlier periods, which were often driven by data breaches or routine hardware replacement.
Instead, the current market appears to be shaped by structural changes in corporate technology use. Growing adoption of AI systems, combined with tighter regulation, is pushing companies to reassess how they manage access, monitor behaviour and prove compliance.
Several European rules are expected to add to that pressure. NIS2, DORA and the AI Act are all set to increase compliance-related spending in the second half of the year as organisations prepare for stricter requirements and the risk of financial penalties.
This regulatory backdrop is a major reason CONTEXT expects cybersecurity software growth to accelerate through the rest of the year. Although software growth in the first quarter was 1.4% year on year, that figure masked stronger underlying demand.
The comparison with the same quarter a year earlier was unusually difficult. In the first quarter of 2025, cybersecurity software revenues rose by nearly 20%, making it one of the strongest quarters in recent years and setting a high base for subsequent growth comparisons.
Against that backdrop, even modest expansion suggests budgets remain resilient despite competing demands from personal computer and infrastructure spending. The data indicates that security software retained priority even as many organisations faced broader technology cost pressures.
Identity risk
The report argues that AI systems with direct access rights should increasingly be treated like privileged employees or contractors. If an AI agent can access financial systems or customer records, it becomes part of the identity and access management challenge rather than a separate technical issue.
"The nature of what organisations need to secure is changing faster than most security strategies have kept pace with," Turner said.
He added: "An AI agent with access to financial systems or customer data is a security risk in the same way a privileged human user is. The tools to manage that are still maturing, but investment is starting now, ahead of the regulatory deadlines that will make it non-negotiable."
The figures also underline an ongoing divide between software and hardware in the cybersecurity market. Cybersecurity hardware sales fell 5.7% in the first quarter as buyers favoured software-based approaches over traditional appliances and perimeter products.
CONTEXT expects that divergence to continue, with hardware becoming a narrower part of the market. Demand for physical security infrastructure is likely to be concentrated in sovereign systems, industrial resilience projects and settings where compliance rules require more specialised deployments.
The company tracks more than £200 billion in annual technology sales transactions through its market intelligence systems, giving it a broad view of purchasing patterns across the global technology sector.