2025 wasn’t the year of artificial intelligence (AI), but it could be remembered as the year rapid AI and AI agent adoption increased risk. Recent reports also suggested that ransomware wasn’t the cause of catastrophic cybersecurity failures, but it exposed weak cybersecurity fundamentals.
As we start a New Year, what trends and challenges will those working in the cybersecurity field face?
ClearanceJobs reached out to several experts, and here is what they had to say.
A Shift From AI Exploration
AI is now part of our daily world. In the macro view, it will continue to transform industries, boost productivity, and reshape daily life. Specifically in cybersecurity, AI will continue to evolve. However, we’re well past the introduction of AI.
“2026 will represent a clear shift from AI exploration to sustained operational deployment, particularly around AI agents and agentic systems,” said Jacob Krell, senior director, secure AI solutions and cybersecurity at Suzu Labs.
Krell told ClearanceJobs that organizations will increasingly move beyond single-model copilots toward systems composed of multiple autonomous or semi-autonomous agents that can reason, plan, and act across real business workflows.
As this agentic adoption accelerates, new cybersecurity trends could emerge.
“First, there will be a significant demand for AI-native cybersecurity capabilities,” Krell explained. “Traditional security tools are not designed to govern systems that make autonomous decisions, dynamically chain tools, or operate continuously with evolving context.”
This gap could drive a new class of AI-native security capabilities, including AI red teaming, agent behavior monitoring, toolchain and permission governance, integrity and hallucination controls, and safeguards that allow agents to operate with greater capability while preserving confidentiality, integrity, and availability.
Ryan McCurdy, vice president of cybersecurity provider Liquibase, told ClearanceJobs that AI could turn low-skill attackers into credible database adversaries.
“AI-driven database attacks will become board-level, not just CISO-level, concerns in 2026, as attackers use autonomous tools to move from ‘script-kiddie chaos’ to highly targeted, data-layer campaigns that exploit small misconfigurations, vulnerabilities like MongoBleed, and unmanaged AI agents,” said McCurdy. “Boards will respond by demanding continuous, platform-agnostic database governance and provable audit trails as core preconditions for AI investment, not optional hygiene.”
AI will remain both the biggest accelerator and the biggest wildcard.
“Threat actors will increasingly use AI agents to automate reconnaissance, phishing, lateral movement, and malware development, making attacks faster, adaptive, and harder to detect,” suggested Nigel Gibbons, director and senior advisor at cybersecurity consultancy firm NCC Group: “Expect an early wave of ‘agentic malware’ and AI-augmented ransomware campaigns. Instead of just encrypting systems, ransomware will shift towards greater dynamics in stealing, manipulating, and threatening to leak or alter sensitive data, targeting backups, cloud services, and supply chains.”
A Lower Bar for Hackers
The barrier to launching a targeted cyberattack will be lowered.
“Attackers will increasingly use AI copilots and autonomous agents to read CVEs, generate exploits, build scanners, and automate post-exploitation against databases with little prior expertise,” said McCurdy. “Recent vulnerabilities that leak credentials and tokens from exposed MongoDB instances will be industrialized by these AI-driven workflows, turning what once required advanced skills into ‘one-click’ campaigns against the data layer.”
Operational technology (OT) and AI will further dominate growth opportunities in 2026
“These technologies represent untapped threat vectors with significant potential for disruption. The lack of widespread understanding around OT environments and AI-driven systems creates a perfect storm for attackers. Organizations will invest heavily in securing these areas as they realize the risks extend beyond IT into critical infrastructure and decision-making algorithms,” said Gary Cannon, transport practice lead at NCC Group.
“The evolving accountability landscape for CISOs will surprise many,” Cannon told ClearanceJobs. “Historically, breaches were seen as ‘experience-building’ events for security leaders. By late 2026, that narrative will shift.
Breaches tied to poor decisions or underinvestment will have real consequences, including stalled careers.
“Organizations will demand proactive risk management, measurable outcomes, and transparency,” Cannon added. “Cyber security will become a shared responsibility across the C-suite, with stronger regulatory frameworks and even personal liability for executives in certain jurisdictions.”
New Boundaries and Execution Paths
The way that attacks are carried out is also expected to evolve.
“Rather than exploiting classic software vulnerabilities, adversaries will focus on manipulating agent trust boundaries and execution paths,” said Krell. “This includes hosting malicious MCP (model context protocol) or tool servers, poisoning agent-accessible resources, abusing over-permissioned agents, and steering agent workflows to achieve attacker objectives. In many cases, the attack surface will be the agent’s decision-making process itself rather than the underlying infrastructure.”
Taken together, those trends suggest that cybersecurity in 2026 and beyond may require a different mindset. “Security teams will need to understand how AI agents reason, interact, and fail, and how those failures can be exploited,” warned Krell. “Organizations that treat AI security as a first-class discipline, rather than an extension of existing controls, will be the ones able to deploy agentic systems at scale without introducing systemic risk.”
An Asymmetric Shift to Autonomous Offense
Nick Mo, CEO of Ridge Security Technology suggested that 2026 could see a widening gap between attacker agility and defender constraints. This will further result in an asymmetric shift.
“The primary cybersecurity threat will shift from human-led, AI-assisted attacks to fully autonomous offensive agents,” said Mo. These AI entities will conduct end-to-end operations—independently performing reconnaissance, mapping attack paths, and adapting exploits in real time based on defensive responses.”
Because adversaries operate without the legal, ethical, or regulatory guardrails that bind defenders, they can achieve asymmetric speed and scale that traditional security models are ill-equipped to handle.
“This evolution turns cyber warfare into a machine-speed battle, where human-in-the-loop defenses become a bottleneck rather than a safeguard,” added Mo.
Securing AI identities and permissions will also become as vital as managing human access in 2026.
“Organizations must treat AI agents as privileged users, requiring new protocols for ‘Kill-Switch’ interventions and cryptographic decision-validation to prevent autonomous systems from exceeding their intended operational boundaries,” Mo told ClearanceJobs.
The Mobile Threat is Looming
Traditional cybersecurity threats will remain in 2026 and beyond. That will include threats to mobile devices that could come from once well-trusted sources, namely the official app stores.
“In 2026, the narrative that app store monopolies provided a unique layer of safety will be dead,” said Ted Miracco, CEO of mobile security provider Approov.
Micacco told ClearanceJobs that the “Garden” was never really a fortress. Instead, he suggested it was an instrument for extracting taxes from developers and a trusted source of apps for consumers. That trust was eroded in 2025 and will continue in the New Year.
“Malicious apps have always found ways into the official stores, and they will continue to thrive in the newly more open ecosystem. The difference in 2026 will not be that apps are less safe, but rather that the gatekeepers can no longer use ‘security’ as a pretext for rent-seeking,” said Micacco.
He further suggested that the real threat in 2026 isn’t the lack of a gatekeeper.
“It’s the sheer velocity of creation,” cautioned Micacco. “With VIBE programming and Generative AI, bad actors can now spin up malicious mobile slop apps at a scale and speed previously unimaginable. We are moving from ‘hand-crafted’ malware to ‘industrialized’ fraud. The ‘slop fest’ will hit new heights, but not because the stores are open; it will be a result of AI that has democratized the ability to scam users at scale.”
Micacco predicts that, as consumer fraud and API-based attacks skyrocket in 2026, we can expect a chorus of “we told you so” from the monopolists.
“The change in app store policies will be blamed for every breach, even if the data shows that the vulnerabilities being exploited were always there,” Micacco continued. “The policy changes will not create the threat, but once it simply removes the ‘protection’ theater that kept us from looking at the real problem: the inherent fragility of mobile APIs.”
Quick Thoughts From Experts
Several other experts provided brief warnings and recommendations for 2026.
- Brian Soby, co-founder & CTO at AppOmni: “The most pressing challenge for the security industry in 2026 is to protect SaaS applications, as the systems housing the majority of confidential data and forming the backbone of most IT environments. The first action is to recognize that SaaS applications present unique security risks. AppOmni research has found that the majority of organizations do not monitor their SaaS platforms, and do not know they have a security problem.”
- Melissa Ruzzi, director of AI at AppOmni: “True AGI may not be achieved before the next decade, but as genAI evolves, it may be called AGI – which would then force the market to create a new acronym for the true AGI. The major risk in AGI is similar to that in GenAI: a focus on functionality can obscure proper cybersecurity due diligence. 2026 will be remembered as the year that the security industry realized AI is no longer optional; it’s the only way to keep pace with the evolving threat landscape.”
- Mark Frost, principal security consultant at NCC Group: “Currently, there are no specific, government-recognized standards and accreditation for the delivery of simulated physical pentesting or the people who are authorized to carry out such tests. As such, we have cheap, short physical pentests as the ‘standard.’ This gives false positive results.”
- David Brauchler, technical director & head of AI and ML Security at NCC Group: “While 2025 was the year of the agent, 2026 will be the year of interactions. Multi-agent systems are gaining popularity with the adoption of communication standards such as the Model Context Protocol (MCP), and agents are being granted access to higher-trust operations, including online transactions via the Agent Commerce Protocol (ACP). We are likely to see agents’ capabilities, privileges, and communication complexity grow over the next year. And their risk profile will grow alongside them.”
