Last year was defined by AI hype, new attack models, and intensifying global tensions. As 2026 begins, security teams are asking what the next phase will look like. Will AI continue to accelerate risk, or will controls and governance finally catch up?

CSO spoke to 10 security leaders about their predictions and aspirations for 2026.

Governance scrambles to keep pace with AI

As AI becomes deeply embedded in day-to-day business operations, security leaders are being pushed to scale governance models far faster than before. For Barry Hensley, CISO at Brown & Brown Insurance, this translates to strengthening data guardrails by expanding data loss protection and monitoring, tightening identity controls, and introducing governance across both human and machine identities.

That push towards structure and oversight is also reshaping how organizations define security at scale. As United Airlines CISO Deneen DeFiore puts it, 2026 security will be less about perimeter defense and more about operational resilience at scale. “Threat actors will increasingly use generative AI to automate reconnaissance, social engineering, and exploit chaining, while defenders will rely on AI to prioritize risk, accelerate detection, and reduce response times,” she says. “The differentiator won’t be whether organizations use AI, but how well they govern, tune, and trust it.”

Meanwhile, Repurpose It CISO Noel Toal predicts that AI risk frameworks will increasingly reach board level. He believes these frameworks will give directors the structure and confidence to ask harder questions about AI exposure, triggering audits and helping unlock long-needed security funding.

DeFiore also expects governance conversations to shift beyond traditional risk management and towards continuous cyber resilience. “Boards and regulators are already asking not just, ‘Can you prevent an attack?’ but ‘Can you continue operating when one happens?’” She believes that change will drive deeper investment in identity security, segmentation, recovery testing, and third-party resilience rather than point solutions.

AI agents to reshape the threat landscape

But those same AI technologies are also changing the threat landscape. Toal points to a recent Anthropic report that documented the first large-scale AI-enabled cyberattack as an early warning sign. “I guarantee attackers will be more focused on using AI agents for what they want than a lot of businesses, because businesses in general are still very slow to adopt AI agents.”

In response, Toal says organizations will need to secure their own AI agents with the same rigor applied to human users. “We’ll have to treat internal AI agents as identities, and monitor what they access, when they run, and whether their behavior makes sense,” he says. Without that shift, he cautions, organizations risk unleashing tools inside their networks that attackers could readily turn against them.

Challenger CISO Katie Payten agrees the rise of agentic AI fundamentally expands the identity attack surface. “The perimeter isn’t just the external perimeter anymore; identity is the perimeter.” She adds that as organizations deploy AI agents internally, governance must extend beyond human users. “Knowing what your agent has access to, how it’s making decisions, and taking responsibility for that will be essential.”

As AI becomes more deeply integrated, the sensitive data these systems rely on will become “an increasingly attractive target”, with more AI-enabled attack methods “poised to occupy a growing share of the threat landscape,” according to Michael Garvin, CISO at Jaggaer. As a result, he believes data security posture management will also become more important. “Because AI depends on large volumes of high-quality, sensitive data, organizations will need better visibility into how that data is accessed, classified, and protected.”

For Gergana Winzer, partner and cyber security mid-market lead at KPMG, the real threat with AI is not just scale, but autonomy. She warns that AI-driven attacks will increasingly make their own target and execution decisions, reducing the need for human involvement. “Everything can be automated today, not only on the side of companies, but also on the side of the criminals,” she says, raising questions about how AI-enabled threats could extend beyond the digital realm into the physical world through AI-powered drones, for instance.

Security teams will consolidate visibility and automate response

When asked about what else 2026 could mean for the global security industry, Ramsay Healthcare CISO Manal Al-Sharif believes AI will play a crucial role in helping consolidate telemetry into a single view. “When you bring everything in, it’s easy to triage and prioritize,” she says. “Having that single point of view means you’re correlating everything at the same time, so you know where you’re exposed most … [and] before those threats become incidents.”

Garvin expects security strategies to evolve inside SOCs as AI becomes more embedded. “The biggest shift will be the deeper integration of AI into defensive security operations. Organizations will increasingly invest in securing AI models and data pipelines, and they will evolve penetration testing and adversarial testing approaches to evaluate AI systems with the same rigor applied to traditional applications.”

Nadia Veeran-Patel, CISO at LRMG, has already seen this reshape incident workflows firsthand. “Our analysts were looking at incidents individually as they came through as alerts, but when AI brought them together as a collection, you suddenly realize those alerts are actually a series of events that led to something bigger.”

DeFiore also expects a fundamental shift in how security teams operate day to day. In 2026, she wants teams spending less time reacting to alerts and more time on anticipation and enablement, by using automation, better data, and tighter integration with IT and business partners to reduce friction and accelerate decision-making.

She adds that continued investment in people and culture is equally important. “Technology evolves quickly, but resilient organizations are built by teams that are well-trained, empowered, and aligned to a shared mission,” she says. “Creating clarity around risk ownership and decision-making is just as critical as any tool we deploy. Ultimately, success looks like a security program that enables innovation, withstands disruption, and earns trust at every level of the organization, from the boardroom to the front line.”

Toal expects AI-driven orchestration to become a defining feature of modern SOCs in 2026, as AI increasingly isolates compromised endpoints, blocks malicious IPs, rolls back ransomware in real time, and maps an attacker’s path. “The mean time to response would be vastly reduced. Instead of taking hours to respond to an incident, you could start to respond hopefully within seconds … [and] engage properly.”

SMEs will become prime targets amid rising automation

Winzer adds that 2026 will mark a decisive shift, with SMEs becoming primary targets for ransomware. According to the 2025 Verizon data breach report, ransomware made up 44% of all breaches globally, and SMEs represented a disproportionate percentage of victims.

“Why? Because they’re easy now … the rationale is they have limited security maturity and they cannot absorb outages, so they end up paying [the ransomware], even though the government is saying, ‘Don’t pay’. But it’s really difficult for them to negotiate because they don’t have the budget to put proper recovery plans in place.”

Winzer warns that AI-driven reconnaissance is accelerating this trend. “AI today is very capable. You can press a button and very quickly do a huge amount of damage within a few seconds.” Combined with gaps in mid-market MSSP coverage, which are “not necessarily as complete”, she says that makes it very easy for the attackers to go after SMEs.

Veeran-Patel has seen a similar escalation in criminal tactics. “We have seen attackers routinely employing what we call triple extortion, where they combine not only data encryption, data leaking/extortion, and also leveraging third parties, like customers, regulators, and vendors, to put pressure on their victims to pay the ransoms.”

Even so, Winzer is cautiously optimistic that vendors will begin delivering more tailored solutions to the mid-market. “They did not do before. Now they’re realizing this is a huge target, and it’s also an opportunity to provide services.”

Supply chains remain vulnerable as nation-state activity intensifies

Winzer sees critical infrastructure as a primary cyber battlefield. Operational environments are “far more reachable,” she says, due to IT/OT convergence, cloud-connected control systems, and remote-access pathways that remain exposed even when partial segmentation exists.

Payten warns that data risk is increasingly hidden within complex supply chains, as organizations rely on expanding ecosystems of third-party and SaaS providers. That reliance, she says, quietly compounds exposure. “We’re using so many third parties, and those third parties use their own third parties; they become fourth parties,” she says.

The challenge is not just assessing vendors at the point of engagement but maintaining visibility over where sensitive data ultimately resides. “You can’t outsource your accountability,” Payten says. “You still own the data.”

Healthcare and local councils remain high-risk targets as well, driven by low cyber budgets, sensitive population data and the high cost of downtime, Winzer adds. “Before [attackers] were going after the cash only. But now they’re looking at reputational damage, because that causes organizations to pay faster.”

Veeran-Patel expects nation-state pressure to intensify too, warning that geopolitical conflict is increasingly being played out in cyberspace. “Cyber warfare is a real thing,” she says. “Wars are no longer going to be fought on the front lines with soldiers on the ground. They are likely going to be fought with buttons.” Her concern is that many governments are still not treating the risk with the level of urgency it requires, despite signs of critical infrastructure in developing nations already being taken offline by hostile actors.

Vendors must deliver secure-by-design products

Al-Sharif believes 2026 will be the year when the industry confronts a long-ignored truth that non-malicious insiders are not the main problem. “My issue is with the technology makers,” she says. “They still give me a car with no brake, no lock, no seatbelts. They sell it to me and find a way for me to sign away my rights … my issue is that technology makers need to be held accountable for creating flawed technology.”

She predicts insecure defaults will become untenable as incidents continue to trace back to weak authentication and outdated access controls. She says the problem is especially visible in healthcare, where connected devices still arrive with default passwords and cannot be patched without voiding warranties. “I want the government to make sure there’s a way to measure how secure those devices are before I connect a life support machine to them.”

Payten echoes concerns about insecure defaults and poorly secured connected devices. From routers to smart appliances, she highlights that default credentials and weak configurations remain widespread. “There are still people with default passwords on their routers … and now there are so many connected devices.”

Now is the time to prepare for post-quantum cryptography

Zoe Hearn, head of cybersecurity strategy and governance at Insignia Financial, says rising expectations from customers, regulators, and governments are pushing organizations to take a more proactive role in preparing for the post-quantum era. She points out that simply complying with emerging standards will not be enough.

“With quantum-vulnerable encryption set to be phased out by 2030, now is the time to invest in future-ready security infrastructure,” she says. For Hearn, the shift demands leadership, not just technical uplift, as quantum risk increasingly becomes a board-level conversation.

Timothy Youngblood, CISO in residence at Astrix Security and former CISO at McDonald’s and T-Mobile, shares the same concern. He expects progressive enterprises to begin mapping their quantum security in preparation for the mainstream arrival of the technology. “The more progressive enterprises are going to start to assess their quantum security gaps, who are the partners that they need to address that,” he says. “It has the potential to be another Y2K. It’s a slow-moving Y2K. Of course, people are going to be caught off guard whenever quantum becomes mainstream, and that’s coming. It’s time to assess what the strategies are.”

Toal believes boards will soon pay closer attention to quantum risk as well. He notes that attackers are already harvesting encrypted data today in anticipation of future decryption. “It might still be slightly behind AI recognition, but I think boards are going to realize they have a longer-term problem,” he says.

Auditors, he predicts, will begin raising quantum preparedness in security reviews, forcing it onto roadmaps. “If they’re not addressing the fact that a minor breach today could become a major problem in the near future, that’s a gap boards will need to reckon with.”
