As we look ahead to 2026, it’s clear that the cybersecurity landscape will only grow more unpredictable. The past year reshaped how we think about both threats and defense, driven by rapid advances in generative and agentic AI, an increasingly complex cloud ecosystem, and the merging of nation-state and criminal tactics.
We asked our experts and researchers across disciplines to share their top predictions, in their own words, for the year ahead. From the expanding risks of AI blind spots and identity exploitation to the evolution of phishing and the geopolitics of cyber conflict, their insights reveal one simple truth: the most successful defenders in 2026 will be those who best understand the humans — and the AI — behind every threat.
Across every prediction, one theme stands out: 2026 will be the year where visibility, adaptability, and human judgment matter most. AI will amplify both threat and defense, but technology alone won’t save us. The real advantage will come from people — understanding them, protecting them, and empowering them to make smarter decisions in a world where attackers and AI are evolving side by side.
AI Agents Will Become the New Insider Threat
By 2026, autonomous copilots may surpass humans as the primary source of data leaks. Enterprises are rushing to roll out AI assistants without realizing they inherit the same data hygiene issues already present in their environments. Over-permissioned SharePoint folders, unclassified documents, and outdated access rules will allow these copilots to surface sensitive data to users who were never meant to see it.
These agents are not simply tools; they will become identities in their own right, with each one carrying a trust score, behaving as a peer actor in the ecosystem. The old model of phishing will be replaced by “prompt paths,” or avenues through which an agent is tricked or misled into extracting and exposing data. Security teams will no longer focus solely on human actors; they will be forced to treat their AI agents as first-class identities, managing their privileges, monitoring their behaviors, and scoring their risks.
- Ravi Ithal, Chief Product and Technology Officer, AI Security
Agentic AI Will Both Dominate and Redefine Security
This might be the easiest and most difficult new year’s prediction to make. To predict that AI (and more specifically Agentic AI) will dominate in 2026 is easy. However, the ramifications may not be as expected or as predictable.
As organizations rush to deploy agentic systems to handle everything from customer support to security automation, they’ll soon discover that adoption comes with a steep learning curve. Data quality, security, and privacy challenges will slow full-scale implementation, while system interoperability will add friction. Successful agentic adoption has the potential to significantly change the landscape and, in essence, become the landscape. But only those who approach it with governance and patience will thrive.
- Patrick Joyce, Global Resident CISO
Detection Engineering in the Age of AI-as-a-Service
If 2025 was the year of QR phishing, 2026 will be the year attackers have to try harder to make weird QR codes. Defenders are good at detecting the normal variety, so attackers have already tried splitting the QR into chunks, using ASCII block characters to create QR codes, even randomly adding colorful "paint splatters" to confuse scanners. I'm sure they will keep innovating crazy QR codes for us to solve.
But the bigger shift we're watching is the misuse of legitimate websites that offer quick AI-built web content. Although they are meant for good, cybercriminals never let a free account go to waste: they can simply type a description of a lure that promises anything from access to secure documents to a way to view some fictitious road toll bill or a fake court summons, and the AI will create convincing, very official-looking content with a button that leads straight to phishing or malware. Defending against these AI-generated lures will require smarter sandboxes and human-like interaction that can see through the legitimate AI web-hosting site to find the threats buried just under the surface. 2026 will see defenders with help from their AI tools wrestle with threat actors and their AI to find out who is more adaptable.
- Randy Pargman, Senior Director of Detection Engineering
AI Blind Spots Will Become the Next CISO Nightmare
Going forward, one of the biggest blind spots for CISOs will be the lack of visibility into where and how AI is being used, especially by third parties, vendors, and partners. As AI becomes increasingly agentic, organizations may unknowingly interact with AI systems without realizing it. Even with strict internal policies, companies often have limited insight into the AI practices of their extended ecosystem. This lack of transparency poses serious risks, particularly around data access and control. Ensuring visibility into who has access to what data, and how it's being used, will be more critical than ever.
- Molly McLain Sterling, Senior Director, Global Cybersecurity Strategists
AI Will Be Both the Tool and the Target
In 2026, expect to see AI woven into nearly every stage of the attack chain. Threat actors will use large language models to craft multilingual phishing lures, build scripts and injects, and spin up realistic fake websites in seconds using AI-powered web builders. But the bigger story isn’t just how attackers use AI; it’s how defenders misuse it.
As organizations rush to replace critical security and engineering functions with AI-driven automation, they’ll introduce new vulnerabilities faster than they can secure them. We'll see more breaches not because AI makes attackers smarter, but because it makes organizations overconfident. And as enterprises integrate agentic AI tools into workflows, these systems themselves will become prime targets, exploited for the valuable data and access they hold.
- Selena Larson, Staff Threat Researcher
Cloud Security Faces Its “FIDO Downgrade” Moment
Expect attackers to target the very foundation of cloud security: authentication. We’re calling it the “FIDO downgrade year” where adversaries will focus on reverting secure authentication methods to less secure ones.
AI will play a major role here - helping attackers automate persistence, lateral movement, and data access in addition to OAuth applications manipulation. I also anticipate a rise in abuse of legitimate services like AWS and GCP for IP rotation.
At the same time, phishing will become frighteningly personal. AI-driven tools will make it easy for threat actors to tailor lures in real time, based on each target’s data. Underground marketplaces will be full of professional-grade phishing kits powered by AI. And as new connectivity like satellite internet expands access, we’ll see new regions and threat actors entering the game.
- Yaniv Miron, Senior Manager, Cloud Threat Research
Espionage Actors Go Dark and Get Personal
In 2026, I expect espionage campaigns to grow stealthier, more personal, and harder to detect. We’re already seeing some nation-state aligned actors moving away from traditional phishing emails and toward encrypted messaging apps like Signal and WhatsApp, where they can build trust through casual, credible conversation before launching their attack.
We’re also seeing a growing focus from South Asian and Indian threat actors targeting Western organizations — particularly those involved in technology, defense, and policy. These campaigns are increasingly sophisticated, often timed around key geopolitical events or trade negotiations.
At the same time, attackers are stealing nontraditional credentials through device code phishing campaigns and using legitimate remote management tools and cloud platforms to blend seamlessly into normal network traffic. In 2026, the most effective espionage won’t be loud or flashy — it’ll be invisible, hiding in plain sight behind the tools and platforms we trust every day.
- Alexis Dorais-Joncas, Head of Espionage Research
