
This data viewpoint draws on the ‘HFS Horizons: Cybersecurity Services, 2025’ report to examine how firms across industries are engaging with cybersecurity providers. The focus is on the banking, manufacturing, retail, telecom, and energy industries that show the most client case activity, shedding light on how their needs are shaping the future of cybersecurity services. These industries are not just reacting to threats but influencing how providers are enabling innovation, delivering outcomes, and structuring engagement.
- Enterprises across industries are embedding AI and GenAI into threat detection, alert summarization, and automated response. In banking and financial services, AI-driven fraud detection and biometric authentication are now baseline expectations. Manufacturers and telecom firms are integrating AI into MDR and SOC operations to reduce response time and operational load. Retailers and utilities are using AI-powered analytics to secure omnichannel systems and critical infrastructure. The real ask now is explainable, production-ready GenAI that supports both detection and security of AI systems.
- The shift to zero trust security architectures is now foundational. Enterprises want protection that cuts across identity, data, applications, and OT systems. This need is especially clear in the manufacturing and energy sectors, where IT and OT systems are converging and exposing new security gaps. In telecom, the rise of 5G and IoT calls for stronger authentication and unified policy enforcement. Buyers expect vendors to bring passwordless IAM, faster deployment, and hands-on support to make zero trust work, even in older or fragmented environments.
- Evolving regulations such as DORA, NIST 2.0, and SEC are pushing enterprises to adopt embedded compliance frameworks, automated GRC, and sector-specific controls. This is especially pronounced in banking, energy, and retail, where audit-ready blueprints, automated evidence generation, and localized support for jurisdiction-specific mandates are table stakes. As enterprises race to stay ahead of fast-changing rules, providers that can localize compliance and quantify risk stand out.
- Industry-specific expertise is no longer optional. Providers are building OT security playbooks, regulatory frameworks, and custom controls that reflect real-world threats, specifically in the BFSI, manufacturing, and energy sectors. This focus on vertical alignment helps clients manage risk more effectively and realize faster outcomes from cybersecurity investments.
- Boards and executive teams demand measurable outcomes and defensible ROI, not just activity metrics. CISOs must justify spending with clear business impact, making risk quantification and outcome-based metrics critical.
The Bottom Line: Enterprises and their service providers must move beyond traditional managed services to become strategic partners focused on digital trust and business continuity.
The shift from reactive, technical protection to proactive, business-aligned resilience is essential. Those that invest in solution-driven collaboration, co-innovation, and joint initiatives will be best positioned to drive sustainable growth and secure a competitive advantage.