Cyber Security Tribe

“The biggest threat I see starting this year and continuing is the erosion of trust. It varies from AI powered disinformation (AI powered phishing to deep fakes) to a loss of trust in data integrity due to post quantum crypto risks to nonrepudiation of actions by an AI Agent acting on behalf of a user.”

"Every security leader should be prioritizing the pressure-testing of Non-Human Identity. Service accounts, API keys, pipeline credentials, and AI agents are proliferating at a pace that governance simply cannot match. These identities are often over-privileged, long-lived, and insufficiently monitored. For most enterprises, this has become the primary perimeter concern rather than a secondary one."

"In 2026, it's not any one threat that concerns me most, it's the pace at which they're moving. Threat actors are moving faster than most organizations are built to handle, and AI is only widening that gap. Add in the geopolitical chaos bleeding into corporate environments, and you've got a threat landscape that looks nothing like what most programs were designed for. The organizations that come out ahead won't be the ones with the biggest budgets, they'll be the ones who can cut through the noise, make sound decisions with incomplete information, and act before the window closes."

""In my view, the biggest threat to organizations in 2026 is distraction. With news cycles moving at full speed, it’s easy for leaders to chase the “threat of the month”, latest zero-day or newest AI model and lose sight of the fundamentals that determine resilience. Most breaches still stem from familiar weaknesses, such as identity gaps, poor hygiene, misconfigurations, and inconsistent security operations. Organizations that fail to consistently execute the fundamentals never properly manage their cyber risk and operate with a false sense of security that crumbles under pressure."