Happy New Year 2026

AndyC 3 January 2026

Happy New Year 2026
Happy New Year to my colleagues, partners, and the wider security community!
As we step into 2026, I hope you all had a restful festive break.

Happy New Year 2026

Happy New Year 2026
Happy New Year 2026

Happy New Year to my colleagues, partners, and the wider security community!

As we step into 2026, I hope you all had a restful festive break. While the holidays are a time to disconnect, for those of us in the trenches of cyber defense, the start of a new year always brings a unique mix of reflection and anticipation.

We are entering a year where the ‘roadmap’ isn’t just a document it’s our survival guide. Before we dive into the deep technical shifts of the coming year, I want to thank you for being part of this journey.

Here’s to a 2026 defined by resilience, innovation, and staying one step ahead of the curve.

Dr Erdal Ozkaya

Happy new year 2026
Happy new year 2026

10 key trends in cybersecurity for 2026:

  1. AI-Driven Threats:

Expect a rise in AI-driven attacks, including autonomous AI agents that can autonomously plan and execute cyberattacks, significantly increasing the sophistication of threats.

2. Identity-Centric Attacks:

Organizations will face a surge in identity-focused attacks, as attackers exploit gaps in how identities are managed and secured.

3. Resilience Over Prevention:

There will be a shift towards building resilient systems that can recover from catastrophic incidents rather than focusing solely on prevention.

4. Hyper-Personalized Phishing:

AI will enable more sophisticated phishing campaigns that analyze communication styles and craft contextually relevant messages.

5. Increased Ransomware Incidents:

Ransomware attacks are projected to increase, with organizations facing challenges in managing the costs and impacts of breaches.

6. Integration of AI into Security:

Organizations will need to integrate AI into their security strategies, ensuring that AI tools are developed and governed to protect against potential risks.

7 Emerging Quantum Technologies:

The development of quantum computers will introduce new challenges and opportunities in cybersecurity, requiring organizations to adapt their security measures.

8. Geopolitical Tensions:

Cybersecurity will increasingly be influenced by geopolitical and ideological tensions, leading to more complex and targeted attacks.

9. Continuous Monitoring and AI-Driven Detection:

Organizations will need to implement continuous monitoring and AI-driven detection capabilities to stay ahead of evolving threats.

10. Shift in Compliance Focus:

Compliance will evolve from a mere check-in to a competitive advantage, requiring organizations to adapt their security practices accordingly.

These trends highlight the dynamic nature of cybersecurity and the need for organizations to remain vigilant and innovative in their approach to protecting against emerging threats.

So, how does this data shape our future? Based on the trajectory of 2025, here is what I told the SECON audience to prepare for.

1. The Era of “Agentic AI” Attacks

In 2024 and 2025, attackers used AI to write better phishing emails. In 2026, they will use AI Agents. These are autonomous software loops that can be given a goal—“Scan this network, find a vulnerability, and exploit it”—and they will execute it without human intervention.

  • The Threat: The speed of attacks will move from “human speed” (minutes/hours) to “machine speed” (milliseconds).
  • The Defense: We cannot fight machines with humans. We will need Autonomous SOCs (Tier-1 AI Analysts) that can detect and patch holes in real-time.

2. “Shadow AI” Becomes the Main Leak Vector

I asked the room: “Who here uses ChatGPT or Gemini at work?” Half the hands went up. Then I asked: “Who is authorized to do so?” Half the hands went down. This is Shadow AI. Well-meaning employees are pasting code, legal contracts, and customer PII into public LLMs to “get work done faster.” In 2026, we will see the first major breaches caused not by a hack, but by Prompt Leakage—where proprietary data pasted into a public model is regurgitated to a competitor.

3. The “Harvest Now, Decrypt Later” Reality

With NIST finalizing Post-Quantum Cryptography (PQC) standards, the clock is ticking. Sophisticated adversaries are stealing encrypted data now—data they can’t read yet—and storing it. They are waiting for quantum computers to mature (likely in the next 5-10 years) to break that encryption.

The Action: If you have data that needs to stay secret for 10+ years (healthcare, state secrets, trade secrets), you need to be looking at Crypto-Agility today.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

The definitive 2025 cyber rewind and 2026 roadmap

The definitive 2025 cyber rewind and 2026 roadmap

AndyC 3 January 2026
Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

AndyC 3 January 2026
Covenant Health data breach after ransomware attack impacted over 478,000 people

Covenant Health data breach after ransomware attack impacted over 478,000 people

AndyC 3 January 2026
The Kimwolf Botnet is Stalking Your Local Network

The Kimwolf Botnet is Stalking Your Local Network

AndyC 3 January 2026
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails

Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails

AndyC 3 January 2026
IBM warns of critical API Connect bug enabling remote access

IBM warns of critical API Connect bug enabling remote access

AndyC 3 January 2026

You may have missed

The definitive 2025 cyber rewind and 2026 roadmap

The definitive 2025 cyber rewind and 2026 roadmap

AndyC 3 January 2026
Happy New Year 2026

Happy New Year 2026

AndyC 3 January 2026
Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

AndyC 3 January 2026
Covenant Health data breach after ransomware attack impacted over 478,000 people

Covenant Health data breach after ransomware attack impacted over 478,000 people

AndyC 3 January 2026
The Kimwolf Botnet is Stalking Your Local Network

The Kimwolf Botnet is Stalking Your Local Network

AndyC 3 January 2026

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.