After two years of contraction and cautious recovery, cybersecurity investment surged back in 2025 marking the sector’s strongest funding year since 2021, according to a new report from Pinpoint Search Group.
The cybersecurity recruitment firm tracked $13.97 billion in funding across 392 deals in 2025, a 47% increase from the $9.5 billion raised in 2024. Deal volume also jumped sharply, up from 304 rounds a year earlier, signaling renewed investor confidence after a prolonged market reset.
While funding still hasn’t returned to the $20.6 billion peak of 2021, the report notes that 2025 investment levels are now roughly on par with 2022, firmly establishing last year as the strongest period of the post-correction cycle.
Early-stage activity dominates the rebound
One notable shift: early-stage startups accounted for the majority of activity. 246 of the 392 funding rounds in 2025 went to early-stage companies, representing nearly two-thirds of all deals.
That trend suggests company formation remains healthy and that investors are again willing to back new cybersecurity platforms, even as scrutiny around go-to-market execution and real customer demand remains high.
“With almost $14 billion raised, 2025 was the strongest funding year for cybersecurity vendors since 2022,” said Mark Sasson, founder and managing partner at Pinpoint Search Group. “The outlook for cybersecurity founders for 2026 looks strong, with renewed investor confidence and the return of large, conviction-driven rounds.”
AI reshapes where capital flows
Pinpoint’s data highlights several structural forces driving the rebound, chief among them the rapid adoption of AI in enterprise environments.
As organizations race to deploy AI tools, governance and control frameworks are struggling to keep pace. That gap has made Governance, Risk, and Compliance (GRC) startups particularly attractive to investors, as companies look for ways to manage AI-driven risk, oversight, and compliance at scale.
Identity and Access Management (IAM) also remained a core investment theme in 2025. With cloud environments growing more complex and third-party access expanding, enterprises are prioritizing identity control, and investors are following the spend.
Industrialized cybercrime keeps demand high
The backdrop to all of this remains an increasingly aggressive threat landscape. Pinpoint points to the continued industrialization of cybercrime, including ransomware, fraud, and large-scale data theft, as a major driver of enterprise security budgets.
Those attacks cost organizations and in some cases, national economies billions in 2025, reinforcing cybersecurity as a board-level priority rather than discretionary IT spend.
That dynamic makes cybersecurity vendors particularly attractive in a tighter capital environment: demand is persistent, budgets are resilient, and risk tolerance for underinvestment is low.
What 2026 could look like
Looking ahead, Pinpoint expects continued selectivity rather than a return to the “growth at all costs” mindset of 2021. Investors are likely to focus more heavily on execution, revenue efficiency, and clear alignment with enterprise priorities, even as large rounds make a comeback in the right conditions.
The takeaway: cybersecurity may not be back to its bubble-era highs — but 2025 made it clear the sector is once again a top destination for serious capital.
