A “wrecking ball moment” is coming for enterprise cybersecurity — and 2026 may be the year it lands.
Whether that trigger is a major quantum breakthrough exposing years of intercepted data, a nation-state attack that cripples critical infrastructure or autonomous AI systems launching and adapting attacks faster than humans can respond, security leaders agree: incremental improvement is no longer enough.
We asked more than 20 CISOs, threat researchers and security strategists what enterprises should prepare for. Their warnings cluster around five themes: the race to post-quantum cryptography, escalating nation-state cyber operations, the dual-edged rise of offensive and defensive AI, governance gaps as AI agents proliferate and the shrinking window to detect and stop attacks. Here’s what they see coming.
The quantum clock is ticking
Chris Harris, EMEA Technical Director, Cybersecurity Products, Thales
“A ‘wrecking ball moment’ will spur rapid enterprise progress on post-quantum cryptography (PQC). Much like COVID-19 accelerated video conferencing, exposure of ‘harvest now, decrypt later’ attacks or a major quantum attack will push enterprises beyond early adopters like finance. Every software vendor will need a cryptographic Bill-of-Materials and proof of PQC adoption. Existing crypto-management platforms may evolve into full quantum-safe services, automating transitions between encryption algorithms as new threats emerge.”
Eric Prosser, CEO & Cofounder, Chandelier Labs
“If you’re a CISO and you’re focused on timing, you’re focused on the wrong problem. The problem is hack now, decrypt later. Your data is already vulnerable today. It’s how quickly you’re going to be able to cover down for it so that you can reduce your exposure in the future.
“Start your planning now. Start trying to build that map of your organization… Where is your long-lived data? Where is the stuff that’s going to be sensitive in 10, 15, maybe even 20 years still? That’s the stuff that you’re going to want to work at getting secured quicker and faster because it has the longest window of vulnerability.”
States on the attack
Megha Kumar, Chief Product Officer, CyXcel
“Before 2022, cyber’s role in full-scale warfare was mostly academic. Russia’s assault on Ukraine showed cyberspace as a battleground extending beyond information operations. In 2026, nation-states will continue to use cyber for strategic aims without firing a shot, including espionage, drone intrusions and disruption of infrastructure. As AI and quantum computing mature, states may discover novel uses for cyber weapons.”
Stephen Boyer, Cofounder & Chief Innovation Officer, Bitsight
“Operational technology (OT) remains a sleeper risk, powering critical infrastructure built before the internet era. OT and IT convergence increases compromise impact. Nation-state targeting of OT makes IT-level visibility and control essential.”
Steve Stone, SVP, SentinelOne
“China’s cyber operations show persistent access followed by potential disruption. Volt Typhoon and Salt Typhoon campaigns demonstrate scale and precision, prepositioning the cyber battlefield inside global infrastructure. Future conflicts may trigger telecom blackouts, supply-chain paralysis, maritime disruption and AI-driven disinformation. Resilience must be built before the storm.
“The line between state and criminal enterprise is blurring. North Korea’s IT workforce blends espionage with commercial freelancing, using legitimate hiring pipelines to fund illicit programs. The next insider threat may be a government operative posing as a remote hire.”
AI vs. AI
Rajeev Gupta, Cofounder & Chief Product Officer, Cowbell
“AI empowers both cyber insurance and cybercriminals. Automated, scalable attacks now require no human oversight. Companies must verify AI tools, avoid sensitive data in chatbots and implement robust AI use policies to mitigate evolving threats.”
Loris Degioanni, CTO & Founder, Sysdig
“End-to-end, agentic AI systems will become standard for vulnerability management. In the DARPA AI Cyber Challenge, autonomous systems uncovered 18 zero-day vulnerabilities and patched 61% in 45 minutes without human input. State-sponsored attackers will rapidly adopt ‘dark AI,’ increasing zero-day attacks and automated exploitation.”
Derek Manky, Chief Security Strategist, Fortinet
“Offensive AI models identify and exploit weaknesses faster than humans, creating a continuous adaptation loop. AI accelerates post-compromise operations, analyzing large datasets to prioritize extortion or resale. Integration of SecOps capabilities like NDR, EDR and CTEM is critical to detect early AI-assisted threats.”
Michael Clark, Senior Director of Threat Research, Sysdig
“Compute power will become the new cryptocurrency. Attackers may hijack infrastructure to train LLMs or run autonomous AI agents (‘LLMjacking’), shifting focus from access compromise to stealing compute. Enterprises should monitor GPU utilization and training activity like network traffic for cryptojacking.”
Bryan Cunningham, President, Liberty Defense
“AI and quantum computing will drive sophisticated cyber and infrastructure attacks. Deepfake-enabled social engineering will become commoditized. Autonomous AI agents may develop and deploy attacks at scale with minimal human involvement.”
Biren Patel, Senior Cyber Defender, Ontinue
“Ransomware timelines will shrink further in 2026. Organizations relying on manual investigation will fall behind. Automated enrichment, agentic AI support and rapid decision-making will be mandatory to stop attacks before they spread.”
Alex Quilici, CEO, YouMail
“AI supercharges voice scams. Generative tools will create customized texts, voice scripts and emails, responding to victims in real-time. Most robocalls will connect to AI bots initially. AI techniques can also detect patterns and shut down fraud at scale if proactively applied.”
AI without guardrails
Jason Soroko, Senior Fellow, Sectigo
“2026 may see the first public Fortune 500 material breach via prompt injection. LLMs deployed without guardrails can execute harmful commands or leak data. Model-signing and treating small models like firmware will become essential controls.”
Danny Brickman, CEO & Cofounder, Oasis Security
“AI-agent adoption is exploding. By end-2026, AI agents may outnumber employees in large enterprises. Governance-driven solutions are required to manage these identities and their life cycle.”
Diana Kelley, CISO, Noma Security
“Humans cannot reliably serve as the final AI safety check. Autonomous agents make thousands of decisions per minute. Organizations need deterministic controls, policy enforcement points, adaptive trust mechanisms, verifiable logs and agent observability platforms to monitor AI behavior and prevent cascading harm.”
Dana Simberkoff, Chief Risk, Privacy & InfoSec Officer, AvePoint
“2025 marked enterprise-scale AI adoption, often leaving security controls behind. Over 75% of organizations experienced AI-related breaches. Firms are now investing in automated data governance platforms to manage agentic tools, enforce policies and control access.”
John Astorino, COO, Auvik
“Shadow AI is shifting from rogue notebooks to autonomous processes acting across systems. Governance must focus on provenance, explainability, continuous monitoring, anomaly detection and policy enforcement built into workflows.”
Trey Ford, Chief Strategy & Trust Officer, Bugcrowd
“AI and security governance will drive a global, unified definition of sovereignty. By 2026, regional security jurisdictions will consolidate, providing clearer compliance criteria.”