Cyber Gaps Cost Mexico Firms Millions Despite Rising Budgets

While 66% of Mexico’s organizations plan to increase their digital security budget in 2026, 47% reported security breaches costing up to US$10 million in the last three years, reveals the Digital Trust Insights 2026 report from PwC. However, only 40% exhaustively measure the potential financial impact of these cyber risks.

“The cybersecurity risk landscape continues to expand as technologies advance, economies transform, and markets evolve,” reads the report. “This may involve positioning cybersecurity and data protection as strategic differentiators, integrating controls, governance, and risk management to mitigate threats, drive business, and increase resilience.”

Mexican organizations report feeling significantly less prepared for "hack-and-leak" operations, with 44% citing it as a primary challenge, compared to only 21% globally. This challenge is followed by cloud-related threats (40% in Mexico vs 33% global) and attacks on connected devices (30% in Mexico vs 28% global). 

The report identifies clear opportunities for improvement in data privacy and trust, particularly in correcting cloud misconfigurations, insufficient access controls, and managing digital supply chain dependencies.

Additionally, the geopolitical environment is reshaping cybersecurity governance. In response, companies in Mexico are increasing investment in cyber risk and modifying operational policies. This scenario demands reinforcing controls in the cloud and the supply chain from the design phase.

Investment Priorities: Cloud and AI

In direct response to the identified threats, budget allocations for 2026 reflect a clear focus, PwC reports. Forty six percent of executives in Mexico prioritize cloud security in their budget, a figure consistent with the 40% who identify cloud threats as a primary challenge.

The five main investment priorities in Mexico are cloud security (46%), AI (37%), threat management (32%), managed cybersecurity services (26%), and data protection and trust (25%).

These expenditures are driven by three main factors: technological modernization (51%), data protection (48%), and the improvement of existing technological investments (37%). The report emphasizes that strengthening cloud security is a key enabler for safely scaling AI solutions, which requires identity and access management (IAM) and continuous data protection.

AI presents a dual perception in the Mexican market. On one hand, AI-powered malware is the top concern for 69% of respondents, followed by AI attacks on the supply chain (62%) and deepfake risks (51%). On the other hand, organizations are proactively adopting AI for defense, primarily in AI threat hunting (63%) and vulnerability assessments (44%).

However, the report reveals a critical governance gap: only 37% of organizations in Mexico said they have implemented responsible AI practices in their cybersecurity strategy. This finding is central, as the potential of defensive AI is intrinsically linked to a strategy based on governed data and clear principles of responsibility.

The barriers to this adoption are not purely technological. Five out of 10 respondents cited a lack of experience in using AI for cyber defense as their main internal barrier. Four out of 10 mentioned the lack of relevant skills and that their leaders are not yet clear on the value of AI in this area. For defensive AI to be effective, it requires a comprehensive strategy based on three pillars: solid governance of data and models, an ecosystem of expert talent, and efficient security processes.

CISO Evolution and the Strategic Agenda

The gap between strategy and execution places new demands on leadership. The report documents the evolution of the Chief Information Security Officer (CISO) role, shifting from a technical custodian to a strategic orchestrator.

This transformation is reflected in collaboration levels: 43% of area executives interact weekly with the CISO. Collaboration is high in key decision-making areas:

• Investment planning with the CFO (58%).

• Technology and infrastructure deployment with the CIO/CTO (58%).

• Data classification and encryption review with the CDO (58%).

• Regular reports and meetings with the board of directors (50%).

This integration aims to position cybersecurity as a strategic function aligned with the business. There is a trend toward proactivity: 57% of executive leaders indicated they invest more in preventive than reactive measures. To close talent gaps, 55% plan to develop their employees (upskilling and reskilling) and 56% will integrate advanced capabilities such as AI.

The report concludes with a strategic agenda to transform cybersecurity from a cost center to a growth enabler. The main recommendation is to eliminate the strategy-execution gap. Organizations are urged to empower the CISO as an architect of digital trust and to transform technical communication into business decisions, presenting vulnerabilities in terms of business impact to materialize strategic investments. Key priorities include implementing cloud security from the design phase and investing in data hygiene before deploying AI, allowing companies to monetize digital trust as a strategic differentiator.