TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources CYBERSECURITY OPERATIONS ENDPOINT SECURITY СLOUD SECURITY IDENTITY & ACCESS MANAGEMENT SECURITY Since 2006, Dark Reading has been at the forefront of covering cybersecurity, providing deep insights and analysis beyond the headlines. All those major news events? We were there. Shifts in technology trends? We wrote about them. Enjoy this special anniversary coverage celebrating where we've been and what's next. Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security The cybersecurity industry of 2006 barely resembled today's billion-dollar behemoth. As part of Dark Reading's 20th anniversary celebration, we trace the industry's evolution through a technology lens. Fahmida Y. Rashid,Managing Editor, Technology & Features,Dark Reading May 27, 2026 6 Min Read SOURCE: ALEKSEY FUNTAP VIA ALAMY STOCK PHOTO Twenty years ago, the cybersecurity industry looked completely different, with its primary focus on antivirus software and firewalls. It wasn't even on anyone's radar that there were so many devices on our networks that you could connect to and manipulate without any username or password. And while the HTTPS protocol was introduced in the 1990s, the idea that data needed to be encrypted in transit was not yet widely adopted. Today, cybersecurity is no longer a back-office function but a strategic priority for most organizations. C-suite executives and boards are beginning to realize that security and business continuity go hand in hand. The hackers who were breaking things two decades ago are now leading defense teams and running companies. Technology is at the heart of many of the changes we've seen over the years. As people embraced cloud and mobile technologies in how they work and live, cyberattackers adapted their tactics. Cybersecurity defenses also had to adjust and address the growing volume of threats. As part of our special 20th anniversary coverage, we're focusing on cybersecurity technology to understand where the industry used to be, and where it is headed. There has been significant innovation over the years, and the startup ecosystem that fuels it looks entirely different. We have whole product categories that didn't exist before, and many technologies have evolved to "next-generation" versions. And the thing about change? It doesn't stop — we are already seeing how AI is spurring the next wave of technology innovation. Click here for all the articles in our DR20 package as we roll them out throughout May. Infrastructure Changes Required New Defenses Cybersecurity was traditionally aligned most closely with the networking side of IT. The focus was on keeping attackers out of the network using technologies that either blocked traffic or granted access to specific users. The network was flat and generally tied to a single corporate campus. “It used to be that if the endpoint got flagged, IT would reimage the machine and move on. If the firewall saw the bad traffic, block the IP address and move on,” says Fernando Montenegro, vice president and practice lead for cybersecurity and resilience at The Futurum Group. But as the infrastructure became more complex — different types of devices, geographically disparate, and diverse applications — the defender's mindset had to shift. “You can have all the network security in the world, but if everyone has domain admin [privileges], there is no point.” Short History of Technology Advancements And infrastructure changed dramatically over the past two decades, starting with cloud and mobile, the rollout of Internet of Things into pretty much everything, to AI, says Richard Stiennon, founder of cybersecurity analyst firm IT-Harvest, who writes for The Security Industry Substack newsletter, and a former Gartner vice president. The early 2000s brought cloud computing and software-as-a-service to the forefront. Salesforce, arguably the first modern software-as-a-service company, was founded in 1999. Amazon established Amazon Web Services in 2002 to help developers build applications and launched both Simple Storage Service (S3) and Elastic Compute Cloud (EC2) in 2006. Organizations considered the promised cost savings, operational efficiencies, and performance improvements as they developed their cloud migration plans. Mobile was not far behind. The first BlackBerry with phone functionality debuted in 1999, the first iPhone in 2007, and the first Android (HTC Dream) in 2008. Security teams now faced the reality that the organization had many applications running on servers outside their control, and the bring-your-own-device trend meant much of the data was no longer behind corporate walls. Then came the Internet of Things — Dark Reading’s first mention of IoT dates to 2013 — and enterprise defenders had to deal with the fact that the organization’s attack surface had expanded significantly and was continuing to grow. An increasingly remote and mobile workforce made identity and data protection more prominent. Technology Drove Security Innovation Cybersecurity’s expansion is directly tied to technological innovation, Stiennon notes. New security startups were founded to address new challenges, and technology companies added security capabilities and services to their existing platforms. Security teams sought diverse telemetry to understand what was happening in their environments and partnered with managed security service providers and other solution providers to address increased complexity. A system compromise now raises a whole new set of questions: which identities were involved, which other systems were affected, and which data were accessed. Security teams assess what else the attacker can do from the compromised device and determine whether the incident falls under disclosure rules set by the U.S. Securities and Exchange Commission (SEC). They also need to make sure their data strategies remain compliant with the European Union’s General Data Protection Regulation (GDPR). Two decades ago, the industry was small enough that most people knew each other, or knew someone who could broker an introduction. Threat intelligence was collegial and relied on these informal communications channels. Then iSIGHT Partners came along in 2007, and Recorded Future in 2009. Threat intelligence became a commercial product as companies comprehensively mapped threats, tracked attacker motivations, tools, and infrastructure, and analyzed the information to predict and identify threats. But despite all of these changes, cybersecurity principles remained the same: protect the infrastructure, update systems, and train people to behave securely. “Cybersecurity today looks nothing like it did 20 years ago, but cybersecurity also looks exactly the same,” says Ross Haleliuk, a startup advisor behind the Venture in Security Substack newsletter, noting that while teams now have to think about cloud provisioning and assigning proper access privileges, they still have to apply security updates and remind employees not to reuse passwords. “Bad ideas are still bad ideas.” Software Ate the Security World, Too It wasn’t just infrastructure that changed. The security tools changed, too. “Marc Andreessen was right when he said, ‘Software is eating the world,’” Montenegro says, paraphrasing the venture capitalist’s famous 2011 Wall Street Journal essay. The essay noted that major businesses and industries are being run on software and delivered as online services, and that physical businesses are increasingly becoming digital businesses. Similarly, Montenegro notes that many of the security capabilities and functionalities shifted from hardware appliances to software and services. In cloud environments, many of those hardware appliances became virtual appliances (basically, software). The numbers illustrate this shift clearly. Gartner projected worldwide end-user spending on information security to reach $239.8 billion in 2026. Gartner currently splits spending into three subsegments — network security at $25.8 billion, security services at $92.8 billion, and security software at $121.1 billion. That’s about half of worldwide security spending going to software versus a little over 10% to network security. Forrester’s 2026 Budget Planning Guide breaks it down even further: Organizations are spending 40% of their security budgets on software, 29% on security personnel, 15.8% on hardware, and 15% on outsourcing services. Compare Gartner’s software security spending figure to 2006, when Gartner said worldwide spending on security software was $8.7 billion. The total market in 2006 was a little under $30 billion — which means software accounted for less than a third. And back in 2006, security software had a narrower definition: endpoint software such as antivirus, anti-spyware, web filtering software, anti-spamware, and anti-phishing tools; system software for encryption; and software-based firewalls, which was often included with the operating system. Security software sure looks different now. Organizations are increasingly focused on platforms rather than standalone tools, just as unified secure access service edge (SASE), zero trust network access, and extended detection and response (XDR) platforms that consolidate endpoint security and security information and event management (SIEM) capabilities. The dramatic shift towards software spending rather than network spending is fueled partly because of companies continuing to move from on-premises to cloud-based systems. According to Gartner, cloud security posture management and cloud access security brokers are some of the main drivers. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports How Organizations Are Managing Incident Response How Enterprises Are Develo