Cybersecurity Trends for 2026

Trends and challenges for the new year

As the old year was rapidly coming to an end, on Thursday 11 December the last in the three-part TDL webinar retrospectives on the state of cybersecurity as it had evolved over the previous 12 months looked forward to what can be expected in anticipation of the new year.

Summary

A panel of experts and practitioners shared their thoughts on the trends and challenges in cybersecurity that they expected in 2026. The panellists explored various cybersecurity challenges, including improved security in OT (operational technology) and IoT sectors, AI governance and API-level security, while highlighting the growing risks associated with unpatched software and outdated protocols. The discussion concluded with insights on the evolving landscape of cyber threats, emphasising the importance of data governance, classification and strategic planning to address the challenges defenders face in 2026.

Background

It is the last month of 2025, and everyone is trying to anticipate what 2026 is going to bring to cybersecurity, with outlooks both negative and positive. The reports from major research organisations paint a picture of increased sophistication of attacks, relentless efforts to exploit weaknesses in humans and AI, automation of attacks provided by AI, increased hacktivism and geopolitical tensions, wider reach of attacks and many more concerning trends.

On the other hand, the same reports also highlight AI aiding in better and faster detection of attacks and malware, improved organisational processes and AI governance, better assurance tools, integrated cybersecurity platforms, automated remediation and cultural shifts that will help defenders.

Each participant was asked to comment on their view on the most important topics, challenges and new developments in cybersecurity expected in 2026 and the most important broad trends that can be anticipated. An eager question is whether AI technologies and solutions, especially agentic AI, bring a new dimension to everything from attack design to identity theft; and whether we should expect the new attacks to appear and/or the new defence mechanisms to appear, e.g., whether malware detection will change.

It is quite feasible that geopolitical factors and regulatory frameworks might have an influence on the emerging trends in cybersecurity dominated by AI. It is also realistic to assume that there will be new or expanded cybersecurity attacks in 2026 which could come from:

· Pre-quantum data harvesting

· Autonomous agents

· Organisational failure

· Cyber-physical attacks

· Denial of service

· Attacks on edge devices

On the other side of the debate, we wanted to understand what new defence techniques would have the greatest impacts, for example:

· New network technologies

· Autonomous AI agents in the service of cybersecurity protection

· Better detection and unified cybersecurity platforms

· Viable automated response

· Economic incentives

· Organisational structures

· More secure and predictable supply chains

It’s tempting to believe that the next new year will be different from the old one, but the chances are that it will mostly include the development of the current existing trends. But at this time of the year, many of us, and that includes cybersecurity professionals, make new year wishes. For example, a wishlist of the challenges to see tackled in 2026 to include:

· Lack of qualified talent

· New organisational vulnerabilities

· Sophisticated supply chain compromises

· Challenges associated with complex architectures, e.g., at the edge

· Lack of international standards in key areas?

Finally, our webinar wanted to know whether defenders will progress significantly in 2026 due to new technologies, more automation and other factors; or whether progress will be moderate at best.

If you’ve enjoyed this webinar, and all the TDL webinars throughout the course of 2025, come back in 2026 and find out how far we got it right.

Speakers

The panel consisted of the following experts in the field of cybersecurity::

· Jyotin Gambhir, Managing Director, SecureFLO

· Ashish Kundu, Head of Cybersecurity Research, Cisco Research (San Jose)

· Raj Samani, SVP, Chief Scientist, Rapid7

The session was moderated by TDL strategic advisor, Claire Vishik.

2026 Cybersecurity Trends and Challenges

The panel discussion on cybersecurity trends for 2026 started by highlighting the need for improved security in OT (operational technology) and IoT sectors, AI governance and API-level security. It was noted that there is a global shortage of cybersecurity talent, particularly in small- to medium-sized businesses and in industrial sectors like healthcare, and emphasised the importance of better monitoring, threat management and encryption in IoT and OT environments. The panellists agreed on the growing risks associated with unpatched software and outdated protocols in these sectors, also mentioning risks in other sectors like aviation, water treatment and nuclear facilities.

AI-Driven Cybersecurity Threats

The increasing threat of automated attacks were brought up in the ensuing discussion, highlighting how AI and LLMs (large language models) have amplified these threats, making it easier for attackers to generate malware and exploit vulnerabilities. It was emphasised that there is a need to address updated threat modelling that considers AI-based systems as critical assets. The challenges of post-quantum cryptography, including the migration to quantum-safe cryptography were also analysed. It was agreed that 2026 would be a significant year, with automation playing a crucial role for both attackers and defenders, and pre-quantum data harvesting remaining a concern.

Cyber Threat Evolution and Defence

The discussion moved on to the evolving landscape of cyber threats, highlighting how threat actors are increasingly accessing zero-day vulnerabilities and sophisticated tools, which are then democratised within criminal ecosystems. While advanced capabilities exist, many successful attacks rely on low-tech methods such as physical access, social engineering and insider compromise. Consequently it was suggested that defenders need to focus on broader attack surfaces, better contextualisation of alerts and improved governance, rather than solely relying on technological fixes. A personal experience was shared of a phishing attempt targeting executives, underscoring the need for organisations to remain vigilant against both high-tech and low-tech threats. It was also highlighted that, with the focus on successful attacks, billions of attacks that are stopped by existing tools and practices frequently get overlooked.

Cybersecurity Challenges in 2026

The panellists discussed the evolving landscape of cybersecurity, focusing on the challenges defenders face in 2026. They highlighted the growing attack surface, the rise of AI and machine learning in both attacks and defences, and the importance of data governance and classification. The panellists agreed that while defenders have advanced tools and technologies, attackers may have an advantage due to their focus on finding and quickly exploiting new vulnerabilities and existing weaknesses. They emphasised the need for better training, awareness and strategic planning to address these challenges. The discussion concluded on a hopeful note, acknowledging the progress made in cybersecurity and the impressive expertise gained leading to numerous successful cyber defence strategies.