22 September 2025
A recent report from Gartner predicts that by 2030, preemptive cybersecurity solutions will account for half of all IT security spending worldwide.
These advanced technologies utilise artificial intelligence and machine learning to detect and neutralise threats before they can cause harm. Gartner highlights that such tools encompass predictive threat intelligence, sophisticated deception techniques, and automated moving target defense capabilities, marking a significant shift in cybersecurity strategies.
Carl Manion, Managing Vice President at Gartner, emphasised that preemptive cybersecurity is poised to become the new standard for organisations operating within the interconnected layers of the global attack surface grid (GASG). He warned that traditional, reactive approaches — such as reliance on disaster recovery (DR) measures — are no longer sufficient against AI-enabled cyber adversaries. Instead, organisations must adopt proactive countermeasures capable of acting independently and preemptively to neutralise threats, or risk exposing themselves to escalating dangers.
This shift is driven by the rapidly expanding attack surface, fuelled by the rise of generative AI (GenAI). Gartner projects a surge in cybersecurity vulnerabilities, with over one million documented Common Vulnerabilities and Exposures (CVEs) expected by 2030—a 300% increase from the estimated 277,000 CVEs forecasted for 2025. This indicates an increasingly complex cybersecurity landscape that demands more sophisticated defenses.
A key focus highlighted by Gartner is the development of Autonomous Cyber Immune Systems (ACIS), which aim to use decentralised intelligence and tactical defenses to adapt proactively to threats. Although still in early stages, Gartner considers ACIS the future of digital defense, capable of responding swiftly and autonomously to emerging threats, rather than relying solely on reactive measures. Manion described ACIS as an essential evolution, asserting that deploying intelligent, decentralised, and adaptive cybersecurity frameworks is no longer optional but imperative for safeguarding a hyperconnected world.
Gartner also notes a strategic move toward highly specialised security solutions tailored to specific sectors, application types, or attacker tactics. These solutions will be driven by domain-specific AI models and agentic AI, enabling precise and effective defenses where generic products fall short. Opportunities exist for vendors to focus on niche markets such as healthcare, finance, manufacturing, and critical infrastructure, or to secure particular application types like industrial control systems, cloud-native applications, and AI/ML pipelines.
The report emphasises that collaboration and interoperability within the cybersecurity ecosystem will become increasingly vital. Because no single vendor can address the entire scope of the GASG, partnerships and integration across specialised solutions will be essential. For example, a vendor focusing on preemptive healthcare IoT security may need to work with other providers securing electronic health records or cloud platforms, fostering the development of standardised APIs and data formats to facilitate seamless cooperation.
Looking ahead, Gartner predicts that the broad transition toward preemptive and automated cybersecurity will reshape vendor offerings, organisational strategies, regulatory frameworks, and industry alliances. As AI-driven threats continue to evolve, the adoption of highly integrated, proactive defense systems is expected to become the primary line of defense for enterprises worldwide, safeguarding against the ever-expanding digital attack surface.
