Kiplinger reports that despite rising costs and economic headwinds, businesses are maintaining or increasing spending on artificial intelligence and cybersecurity projects, making these two categories effectively recession-proof in the current IT budget environment.
According to Kiplinger (June 2, 2026), rising costs are threatening certain segments of IT spending, but artificial intelligence and cybersecurity are two big exceptions. Businesses are unwilling to cut these projects even as other IT investments face scrutiny. This signals a structural shift in enterprise priorities, where AI and security are now considered non-discretionary, mission-critical expenditures.
The data suggests that enterprise buyers view AI investments as essential for competitive positioning and operational efficiency, while cybersecurity spending is driven by escalating threat landscapes and regulatory compliance requirements. This dual mandate creates a resilient demand floor for vendors in these segments, insulating them from broader macroeconomic volatility.
This trend has significant implications for enterprise technology strategy and vendor selection. Companies that fail to maintain AI and cybersecurity investments risk falling behind on both innovation and risk management, potentially incurring higher costs from security breaches or lost market share.
Base Case: Over the next 12–18 months, AI and cybersecurity budgets will grow at 10–15% annually, while other IT categories see flat or declining spend. This will accelerate consolidation among vendors that can offer integrated AI+security solutions.
Bull Case: If economic conditions worsen, AI and cybersecurity could absorb an even larger share of IT budgets as companies double down on automation and defense, potentially driving 20%+ growth in these segments.
Bear Case: A prolonged recession could force companies to defer some AI projects with longer ROI timelines, though cybersecurity spending is likely to remain resilient. The risk is that AI hype leads to overinvestment in unproven use cases, creating a correction when expected returns fail to materialize.
| Dimension | AI Projects | Cybersecurity Projects | Other IT Projects |
|---|---|---|---|
| Budget Priority | High – non-discretionary | High – non-discretionary | Medium – discretionary |
| Cost Sensitivity | Low | Low | High |
| Primary Driver | Competitive advantage, efficiency | Threat landscape, compliance | Cost optimization |
| Recession Resilience | High | Very High | Low to Medium |
| Expected Growth (2026–2027) | 10–15% | 10–15% | 0–5% or decline |
This bifurcation creates a clear strategic imperative: enterprises should prioritize AI and cybersecurity investments while scrutinizing other IT spend. Vendors that can demonstrate clear ROI in these two areas will command premium pricing and longer contract terms. The risk for enterprises is that they underinvest in foundational IT infrastructure (e.g., networking, storage) that supports AI and security workloads, creating bottlenecks that limit the effectiveness of their priority investments.
Thesis Invalidation: A major cybersecurity breach linked to an AI system, or a high-profile AI project failure that leads to significant financial loss, could trigger a pullback in both categories. Likelihood: Possible Observable Signal: Regulatory actions or class-action lawsuits related to AI failures, or a spike in cyber insurance premiums for AI-enabled systems.
Counterpoint: A skeptic would argue that the current resilience of AI and cybersecurity spending is a lagging indicator, reflecting budget commitments made before the full impact of rising costs was felt. As companies face margin compression, they may cut even these priority projects, especially if they fail to deliver measurable ROI within 12–18 months. This view has merit because many AI projects are still experimental, and cybersecurity spending can be optimized through better risk management rather than blanket investment. However, the thesis holds because the threat landscape continues to escalate, and AI adoption is being driven by competitive necessity, not optionality.
Alternative Interpretation: The same data could indicate that businesses are simply reallocating IT budgets from legacy systems to AI and security, rather than increasing overall IT spend. This would mean the total addressable market for IT is not growing, but shifting, which could create winners and losers among vendors without expanding the overall pie.
Based on Kiplinger's analysis, these two categories are resistant to cost-cutting pressures. → Allocate at least 30–40% of IT budget to AI and security in FY2027 planning, and establish clear ROI metrics to justify continued investment.
As budgets concentrate, vendors offering combined capabilities will gain pricing power. → Conduct a vendor assessment within Q3 2026 to identify platforms that can deliver both AI and security functionality, reducing integration costs and vendor lock-in risk.
While spending is resilient, the risk of overinvestment in unproven AI use cases is real. → Implement a portfolio review by Q4 2026 to sunset low-ROI AI projects and reallocate funds to high-impact initiatives, ensuring that AI spend remains defensible during any future downturn.