Prepare for the 2026 threatscape with thought leaders' insights

Walking the AI tightrope: Implementing AI-first security -- with caution

AI is revolutionizing cybersecurity by enhancing threat detection, response automation and security operations. However, it also presents significant risks, as cybercriminals are taking advantage of AI to launch phishing campaigns, create deepfakes and execute automated exploits.

Managing AI risks is a key cybersecurity theme for 2026. Security leaders across industries should begin implementing AI governance and usage controls as a foundation to help manage the risk effectively.

Rob Clyde, past chair of ISACA and chairman of Crypto Quantique, stated that "AI is by far the most disruptive technology we've seen since the internet," underscoring the transformative yet potentially destabilizing power of AI in the cybersecurity domain. He highlighted how most organizations are unprepared for AI-related threats and advocated for investing in AI-powered tools that can help detect and block phishing, social engineering and deepfakes, rather than relying solely on user training.

While AI offers immense potential, leaders must exercise caution as they integrate it into their security strategies. Alex Holden, CISO at Hold Security, warned against blindly trusting AI as a cybersecurity tool, stating that "we need to trust but verify. AI makes mistakes and will continue making mistakes in the foreseeable future." Holden's perspective serves as a reminder that while it can enhance security, AI must be implemented thoughtfully and monitored rigorously.

Despite their limitations, AI-first security architectures are key to combating AI-driven threats. Evgeniy Kharam, cybersecurity architect and advisor, presented a clear call to action: "We must adopt AI-first security strategies immediately." He said that traditional defenses are no longer sufficient in the face of adversaries using AI to outwit conventional security measures. He shared a practical model for measuring control effectiveness against AI-aided tactics and emphasized the importance of continuous validation and operationalizing control optimization to reduce risk.

Human-centric security: The first and last line of defense

Security leaders must remain focused on the human element even with AI advancements generating the most buzz. While new tools and systems are critical to defending against increasingly sophisticated cyberattacks, the effectiveness of those tools depends entirely on the people using them. Human error is still a leading cause of breaches, and factors such as stress, cognitive fatigue and burnout significantly increase incident response times. In 2026, security leaders will need to address these human challenges to build a resilient and security-conscious workforce.

According to Verizon's "2024 Data Breach Investigations Report," 68% of breaches involve a human element, highlighting the importance of robust training and support systems. Vincent Amanyi, founder of Boleaum Inc., called for cultivating security champions within organizations to bridge gaps between technical teams and business units. He advocated for establishing security champions committees, stating that "humans are naturally the first line of firewall in enterprise security management." By empowering employees to take ownership of security, organizations can create a culture where cybersecurity is everyone's responsibility.

Sandra Estok, founder and CEO of Way2Protect, expanded on this idea by introducing an updated formula for mean time to recovery that incorporates human cognitive factors. She emphasized the importance of using stress management and mindfulness strategies to enhance decision-making clarity during incidents. "Humans are the first and the last line of defense," Estok said, highlighting the psychological dimensions of cybersecurity and the need to address them proactively.

Ralph Villanueva, cybersecurity compliance supervisor at Carnival Corporation, focused on transforming security awareness training to address human error. He advocated for role-specific training and behavior-based metrics to ensure employees are equipped to handle threats effectively. "It takes a village to protect a village," Villanueva stated, emphasizing the collective effort required to build a resilient security posture.

Bolstering cloud security in the face of growing complexity

Cloud environments are becoming increasingly complex. This complexity introduces new vulnerabilities, such as compromised identity, API exploitation and misconfiguration risks that security leaders must factor in while building their strategies.

According to Gartner, by 2026 90% of organizations will adopt hybrid and multi-cloud strategies, adding even more layers to their security environments. Pankul Chitrav, application release engineer at TD Bank, discussed the convergence of AI-powered attacks and multi-cloud visibility challenges. She explained the value of implementing zero-trust architectures and AI-driven detection systems to anticipate and recover rapidly from breaches. "The mindset should shift from avoiding breaches to anticipating and recovering rapidly," Chitrav said, advocating for a proactive approach to cloud security.

Baking governance and resilience into operations

Adopting strategies that account for low-probability but high-impact events is a sound approach for incorporating resilience into business operations. This can include implementing secure-by-design principles, establishing strong governance structures and aligning security initiatives with business objectives.

Steve Yates, chairman of the Resilience Association, explored the concept of high reliability organizations as a strategic response to the 2026 threatscape. He emphasized the need to plan for low-probability, high-impact events, stating that "resilience is not optional; it's vital." Yates' insights highlighted the importance of preparing for the unexpected and embedding resilience into organizational frameworks.

Governance structures and continuous monitoring are also fundamental for addressing the risks inherent in AI models, such as drift and bias. Oksana Denesiuk, senior product manager at Kaiser Permanente, said that organizations need to balance innovation with security because "AI is no longer a frontier; it's an attack surface." Denesiuk's perspective underscores the dual role of governance in enabling innovation while mitigating risks.

Meanwhile, driven by the explosion of devices and hybrid work environments, endpoint management and security are more unwieldy than ever. Gabe Knuth, analyst at Omdia, a division of Informa TechTarget, emphasized the need for tool consolidation and foundational improvements before using AI and automation. "If endpoint management and security feel harder, you're not alone. Things are more complex than ever before," Knuth remarked, urging organizations to simplify their security frameworks to address growing challenges.

Planning for the 2026 threatscape

The year ahead promises to bring security leaders transformative trends that will demand immediate attention. To gain deeper insights and actionable strategies from industry leaders, watch the full 2026 Threatscape Summit event now.

Ana Salom-Boira is an editorial manager within Informa TechTarget's Editorial Summits team. With an eye for identifying emerging trends, Ana collaborates with industry thought leaders to craft content that cuts through the noise, delivering the insights and education IT teams need to navigate the ever-evolving technology landscape.