As this year comes to a close, many experts have begun to look ahead to next year. Here are several predictions for how companies will manage security in 2026.
Suja Viswesan, vice president of technology at IBM
Shadow agents will accelerate data exposure faster than we can detect it: As autonomous AI agents begin to operate independently across enterprise environments, often outside sanctioned workflows, they access sensitive data with minimal human oversight. These agents replicate and evolve without leaving clear audit trails or conforming to legacy security frameworks. They move faster than conventional monitoring can follow. This creates a new exposure problem: businesses will know data was exposed but won’t know which agents moved it, where it went, or why. Systems that can trace agent data access across machine-to-machine interactions will become essential.”
Gabrielle Hempel, security operations strategist at Exabeam
In 2026, as AI systems face more legal scrutiny and data governance becomes a boardroom issue, the organizations that thrive will be the ones with security and legal teams operating as partners, not adversaries. The era of throwing incidents over the wall to legal after they’ve already spiraled is ending.
This convergence will result in a surge of Cybersecurity Legal Liaison roles, hybrid specialists who understand both the MITRE ATT&CK framework and the Federal Rules of Civil Procedure. This will ensure that SOC teams no longer operate in a legal vacuum. They will need to understand what’s permissible, who’s on the hook when things go wrong, and where disclosure obligations kick in.
Tom Findling, co-founder and CEO at Conifers
Hackers are using AI agents that can adapt to defenses and perform complex task sequences to enable an attack. These AI systems will move from experimental to fully operational by 2026. Agentic AI malware will explore environments, adapt to thresholds, and exploit vulnerabilities faster than any human-driven campaign, and will be able to run continuously to overload static defenses. As a result, security teams using static thresholds or manual investigation will find their tools obsolete. The next generation of defenses will need to include AI systems that can learn, reason, and respond in real time.
Renuka Nadkarni, chief product officer at Aryaka
AI adoption is creating entirely new classes of attack surfaces—spanning underlying infrastructure, sensitive data pipelines, and the models themselves. Each layer is vulnerable in different ways and demands its own defensive techniques. In practice, AI is simply a new class of traffic, and securing it calls for the same foundational controls we apply to any critical workload: access enforcement, threat protection, data-loss prevention, and continuous monitoring.
No single point solution can span this entire landscape. But by treating AI as a new traffic category, unified SASE architectures can address a broad portion of these risks. SASE will play a central role in the future of AI security—delivering multi-layered, distributed protections embedded throughout the security stack, rather than isolated in a standalone tool. SASE plays a significant role in the future of AI security with multi-layered, distributed, and embedded across the entire security stack—not concentrated in one tool.
Mayur Upadhyaya, CEO and co-founder at APIContext
Gartner’s prediction that over 40% of global organizations will suffer incidents from unauthorized AI tools by 2030 isn’t just plausible, it’s conservative if proactive measures aren’t taken.
The real risk is not just data leakage, it’s the creation of unmonitored, persistent access points. Agentic tools using APIs to “self-serve” critical functions can easily connect to undocumented MCP endpoints, leaving no audit trail and bypassing existing security controls. Most enterprises don’t yet have a strategy for managing this class of interaction and that’s where the danger lies.
Without guardrails for AI identity, scope, and delegation, these tools can quickly create systemic risk. Just as we learned to monitor user access and API usage, we now need the same discipline for autonomous agents. This isn’t just about blocking tools, it’s about making trusted access observable and enforceable”.
Frédéric Rivain, chief technology officer at Dashlane
Zero-knowledge architecture, a security framework that ensures that only users have knowledge and access to their data, is moving from a nice-to-have to a must-have. Customer and regulator expectations are converging. In 2026, enterprises will require zero-knowledge architectures in which the service provider cannot access customer data, and private information remains with users. Not only does this increase the security of users’ information, but it’s also better business, reducing liability and building customer trust.
The post 6 security predictions for 2026 appeared first on SD Times.
from SD Times https://ift.tt/6CAfZFm
Comments
Post a Comment