Fatima Boolani, managing director and co-head of U.S. software equity research at Citi, has highlighted a significant disconnect in the cybersecurity market as the anticipated growth in security budgets has not materialized in conjunction with the rise of artificial intelligence (AI). Speaking at the RSAC Conference 2026, Boolani noted that while AI has expanded the attack surface for organizations, it has yet to drive the budgetary increases that many investors expected. This lag is impacting the valuations of cybersecurity firms.
Boolani’s observations are particularly relevant in the context of early 2026, when multiple cybersecurity vendors reported earnings that exceeded expectations and subsequently raised their guidance. Despite this positive performance, their stock prices suffered declines. “We haven’t seen realizable growth in those budgets. We’ve definitely seen an uptick in budgetary growth, but it’s not an order of magnitude better, as you would maybe expect with AI being a vector that’s consequentially changing the attack profile or the attackable surface of the average organization,” she remarked.
The challenges faced by the cybersecurity sector are indicative of broader market trends. As organizations increasingly integrate AI into their operations, the potential for security vulnerabilities has also escalated. Boolani emphasized that while there is heightened awareness regarding these risks, the growth in budget allocations for cybersecurity measures has not kept pace with the evolving threat landscape. This has raised concerns among investors about the sustainability of the cybersecurity market’s growth trajectory.
In her discussion, Boolani also addressed the convergence of Development, Security, and Operations (DevSecOps), noting that it has stalled due to procurement barriers rather than technological deficiencies. Her insights reflect a growing recognition within the industry that while technology can enable enhanced security protocols, the financial commitments required for implementation and integration remain a sticking point for many organizations.
Furthermore, the emergence of large language models poses a competitive challenge to established Security Information and Event Management (SIEM) platforms, such as those offered by CrowdStrike and Palo Alto Networks. As these new models become increasingly sophisticated, they may disrupt traditional market dynamics, raising questions about how legacy platforms will adapt to these advancements.
Boolani’s expertise in equity research is backed by over a decade of experience at leading Wall Street firms, where she has built a strong track record in stock selection and gained trusted insights into the enterprise software and security markets. Her analysis serves as a crucial reminder of the complexities facing investors in the cybersecurity space, particularly as AI continues to evolve and reshape the landscape.
As organizations navigate the implications of AI on their cybersecurity frameworks, the call for increased budgetary support is likely to intensify. The disconnect between rising threats and stagnant budget growth presents an opportunity for stakeholders to reevaluate their strategies and investments in cybersecurity. Moving forward, sustaining investor confidence may depend on demonstrating more substantial financial commitments and innovative solutions to address the expanded attack surface that AI presents.
See also
Palo Alto Networks Launches Prisma AIRS 3.0 to Secure AI Agents in Cloud Environments
Agentic AI Raises Cybersecurity Concerns: Insights from Harvard Panel on Risks and Governance
AI Cybercrime Surge: 1,200% Increase in 2025 Signals $40B Losses by 2027
UAE Faces 700,000 Daily Cyberattacks as AI Intensifies Digital Threat Landscape
