Spicy Bets for 2026
- We see at least one AI SOC exit to private equity and become the backbone of a services rollup
- By end of year, perverse marketing incentives mean the industry has still not consolidated on a single definition of what the heck an agent is anyways. “Agent” morphs into a marketing label across products with wildly different capabilities.
- At least 50% of AI Pentest companies won’t turn out to have a moat that’s durable in the face of foundation model advances
- At least one F100 has a major problem with deepfake impersonation of its senior execs
- Gartner will see a decline in their subscription revenue
- AI Security acquisitions will underperform revenue underwritten by acquirers
- Cybersecurity spend outside of CISOs (e.g., business unit) grows faster than traditional infosec budgets
- Security category where a unicorn will emerge: SIEM and/or Identity
- At least one cybersecurity product unicorn is revealed to be 95% professional services despite heavy AI and/or SaaS branding
- LLMs become trusted less for decisions and more for explanations
- Junior security roles decline faster than junior dev roles
If you’re building something in this space, feel free to reach out to jpark@forgepointcap.com and kshih@forgepointcap.com.
This blog is also published on Margin of Safety, Jimmy and Kathryn’s Substack, as they research the practical sides of security + AI so you don’t have to.
