Our conversations with CIOs and CTOs are becoming more grounded, more pragmatic, and in many cases more sceptical of hype as we look forward to 2026.

The question is no longer which technologies are emerging, but which investments will genuinely reduce risk, enable growth, and stand up to scrutiny.

To understand what is truly sitting at the top of leadership agendas, we asked technology leaders in our network where their focus lies. Is it cybersecurity? AI and data? Or something else entirely?

The answers point to a clear shift in mindset. Technology strategy is increasingly about execution, accountability, and foundations, not experimentation for its own sake.

Cybersecurity Is a Leadership Issue, Not a Line Item

Cybersecurity continues to dominate near-term priorities, particularly for small and mid-sized organisations.

Several leaders described persistent weaknesses driven by cost pressure, limited access to experienced InfoSec professionals, and a culture that still treats security as “someone else’s problem”. Too often, responsibility is pushed into IT teams without broader organisational ownership.

There was also strong caution around misplaced confidence in cloud platforms. While hyperscalers provide resilient infrastructure, they do not remove accountability. Configuration, access control, and data governance remain firmly the responsibility of the organisation. This also fed a growing concern surrounding digital sovereignty. Dependence on a small number of US-based hyperscalers introduces strategic and operational risk that many organisations are only beginning to confront. Addressing this is complex, unglamorous work that requires specialist capability and clear ownership, not just tooling.

For many CIOs, the challenge is not knowing what needs to be done, but having the right expertise available to embed security into platforms and processes from the outset.

AI Is Only as Valuable as the Foundations Beneath It

AI remains high on the agenda, but the tone from technology leaders is notably more measured.

Rather than seeing AI as a shortcut to transformation, CIOs consistently described it as an amplifier. When core processes are well defined and data is accessible, high quality, and current, AI can unlock real value. When those foundations are missing, it exposes weaknesses faster than it solves them.

Several leaders noted that much of what enables successful AI adoption is not new. Robust systems architecture, disciplined data operations, and clear process ownership have always been critical. AI simply raises the bar on how well these elements need to work together.

There is also increasing realism around cost and sustainability. Questions are being asked about long-term ROI, infrastructure overheads, and whether organisations can justify permanent investment in highly specialised skills when AI initiatives often move in phases rather than straight lines.

As a result, many CIOs are approaching AI through contained, outcome-led initiatives rather than open-ended programmes, ensuring accountability sits with delivery rather than experimentation.

Data Remains the Constraint on Scale

Data was repeatedly highlighted as both the biggest opportunity and the biggest blocker.

For organisations scaling their operations, fragmented data estates, inconsistent definitions, and legacy platforms continue to slow progress. Without structured, governed data, ambitions around analytics, automation, and AI quickly stall.

Several respondents referenced the recurring cycle of new data paradigms, each promising to unlock value but often falling short when foundational discipline is lacking. The principle remains unchanged. Poor data in will always mean poor outcomes out.

In this context, many leaders are prioritising targeted interventions. Fixing specific data pipelines, modernising architecture aligned to core processes, and focusing on measurable improvements rather than wholesale reinvention.

These are not initiatives that benefit from vague ownership or open timelines. They require clearly scoped work, specialist skills, and delivery accountability.

Technology Must Serve Commercial Outcomes

Across all responses, there was a consistent emphasis on technology as an enabler of commercial objectives.

CIOs and CTOs described their role less as custodians of platforms and more as partners to the business. Aligning systems to revenue growth, margin improvement, and operational efficiency is now the primary lens through which technology investment is judged.

This has driven a focus on simplification. Consolidating platforms, reducing duplication, integrating systems more effectively, and choosing scalable solutions over complexity. Success is increasingly measured by what is delivered, not how many people are hired.

Several leaders also acknowledged the limitations of permanent hiring models for specialist work. When needs are highly specific, time-bound, or outcome-driven, flexibility becomes more valuable than headcount.

Why Delivery Models Matter More in 2026

Taken together, these priorities point to a broader shift in how technology leaders think about execution.

Security, AI, and data initiatives all share a common requirement. They need the right capability, applied at the right time, with clear accountability for outcomes.

As organisations head into 2026, many CIOs are quietly rethinking how work gets delivered. Rather than relying solely on permanent hires or ad hoc contracting, there is a growing appetite for defined, outcome-led delivery models that align cost, risk, and responsibility.

Statement of Work approaches fit naturally into this mindset. They allow organisations to bring in specialist capability to address specific challenges, embed best practice, and deliver measurable results, without carrying long-term overhead or diluting accountability.

In a year where foundations matter more than hype and execution matters more than intent, this way of working reduces risk and increases clarity.

The question for technology leaders is no longer whether cyber, AI, or data should be prioritised. It is whether the organisation has the delivery model in place to turn those priorities into outcomes that the business can sustain.

For CIOs and CTOs planning for 2026, that decision may prove just as important as any technology choice they make.