New research from Retail & Hospitality ISAC and IANS highlights AI as a source of innovation, driving increased investment and expanding CISO responsibilities as organizations maintain stable finances and staffing levels.
Vienna, Va., April 1, 2026 /PRNewswire/ – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) and IANS today announced the release of the 2026 CISO Benchmark Report, providing a comprehensive look at how cybersecurity leaders in the retail and hospitality sectors are keeping up with economic pressures, evolving threats, and the rapid rise of artificial intelligence (AI).
The 8th edition of the Retail & Hospitality ISAC CISO Benchmark Report, produced in partnership with IANS, provides insights from over 200 industry CISOs on finance, workforce and the impact of AI.
Based on data from over 200 Chief Information Security Officers (CISOs) working in the retail and hospitality industry, the report reveals that while cybersecurity budgets and staffing have remained stable, AI has emerged as the most important new challenge and opportunity facing security teams.
AI is becoming a Major Source of Conflict
This year, AI tops the list of points of contention for CISOs, ahead of ransomware and phishing. Seventy-one percent of respondents identified AI as a major concern, citing risks such as data leakage, human misuse, and inadequate regulatory oversight. At the same time, organizations are increasingly incorporating AI into their security operations, particularly for detection, analysis and reporting.
Despite these advances, CISOs stressed that AI is only adding to, not replacing, existing threats, adding complexity to an already existing cybersecurity landscape.
Aggregate Growth Reflects Economic Reality
The report shows that cybersecurity estimates are growing moderately rather than experiencing significant change. By 2025, defense spending has increased from 0.57% to 0.75% of revenue, while IT spending has risen from 3.2% to 3.9%. Looking ahead, 54% of CISOs expect budget increases in 2026, although many expect increased benefits.
In particular, nearly 90% of CISOs expect spending on AI-related security projects to increase, often by allocating existing funds rather than adding new funds.
Employees Remain Stable as Efficiency Comes First
The size of security teams is expected to remain largely unchanged through 2026, with organizations prioritizing efficiency over expansion. Although 35% of CISOs plan to add full-time employees, many expect to maintain current headcount and leverage AI to improve productivity. Contract jobs may decrease, especially in larger businesses.
Expanding the Role of the CISO
The report highlights the continued evolution of the CISO role, with responsibilities expanding beyond traditional security roles to areas such as AI governance, product security, and enterprise risk management. Seventy percent of CISOs reported that AI is included in their level of responsibility.
At the same time, structural challenges, such as competing IT priorities and budget constraints, remain top barriers to implementing security benchmarks.
Download a copy of the report here.
About RH-ISAC
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is a trusted community for sharing cybersecurity information and intelligence among retailers, restaurants, hotels, in casinosfood retailers, consumer goods manufacturers, and other consumer-facing companies. RH-ISAC brings together information security teams at the strategic, operational, and tactical levels to work together on issues and problems, share timely and actionable threat intelligence, best practices, and standards among others – all with the goal of building an improved security for the retail and hospitality industry through collaboration. rhisac.org
About IANS
IANS helps cybersecurity leaders act faster and make better decisions by providing expert insight and practical guidance from more than 170 experienced practitioners, benchmarking data, rich events, opportunities to share information with peers, and specialized consulting services. Learn more from IANS.
Media:
Annie Chambliss
[email protected]
202.431.9106
SOURCE of Sales and Accreditation ISAC
#CISO #Benchmark #Report #Finds #Driving #Era #Cybersecurity #Risk #Investment #Sales #Adoption