
Security Experts Share Their 2026 Cybersecurity Predictions

Here are the predictions we believe will have significant impacts on security professionals in the year ahead: the bad and the good.

It's prediction time. And every year, hundreds of security experts send their predictions to journalists. This year was no different. Here, we picked the best of those that came in over the transom. We stayed away from some of the more common predictions: quantum computing, AI-driven phishing and autonomous attacks, deepfakes rising, and so on. Everyone has those listed and we’ve all read them a dozen times. We picked these not because they are necessarily the most pressing, but because we found them unique, urgent, or somewhere in between. And we believe they will have significant impacts on security professionals in the year ahead.

Here are the five we chose:

The AI regulatory hammer drops. One of the most significant regulatory shifts will be moving some AI regulations from nice-to-have to must-have. Diana Kelley, CISO at Noma Security, shares how the EU AI Act is entering its enforcement phase, requiring companies to classify AI systems by risk tiers and maintain auditable records of which model made a decision, what data it used, and who approved it. And in Asia, Japan's AI Promotion Act and South Korea's AI Framework Act both establish transparency and risk-based controls for AI. At the same time, Singapore's AI Verify framework provides a standardized, open-source framework for testing and demonstrating responsible AI.

In the US, California enacted the "Transparency in Frontier Artificial Intelligence Act," establishing first-in-nation rules for high-power AI models, public disclosure of safety processes, and incident-reporting obligations. "While we don't yet have a sweeping federal AI regulation akin to the EU AI Act, the landscape is changing quickly. Together, these signal a shift toward traceable, accountable AI," Kelley says.

Attackers will accelerate their investments in cookie theft and MFA circumvention. The near-universal use of multi-factor authentication (MFA) means attackers will increasingly target ways to circumvent it. "This means threat actors will need to act swiftly from the time of theft, utilizing the stolen cookie before it expires to insert backdoors that then grant them persistent access. Online marketplaces will expand to enable this with rapid trading and exploitation," predicts Ian Pratt, HP global head of personal systems security.

"Defenses against cookie and token theft are not mature and are inconvenient for users," he continues. Pratt adds that attacks involving such theft are becoming increasingly commonplace. This is particularly serious for privileged users such as sysadmins, who frequently use web browsers to access high-value administrative websites, such as EntraID, Intune, or AWS web portals, where cookie theft creates an easy path to a catastrophic enterprise breach.

For critical applications, enterprises will need to look to additional layers of defense, such as strong isolation and application security posture attestation, Pratt advises.

Regulatory risks surrounding the EU's NIS2 and DORA regulations will tighten. NIS2 (Network and Information Security Directive 2) is the EU's updated cybersecurity framework that mandates organizations operating critical infrastructure and essential services implement risk management measures, incident reporting, and minimum security standards across all member states. It replaced the original 2016 NIS Directive and became mandatory by October 2024. NIS2 potentially impacts all companies operating in the EU. 

DORA (Digital Operational Resilience Act), by contrast, is another EU regulation that specifically covers most financial entities as well as "essential" digital third-party service providers. It requires them to establish digital operational resilience through ICT (information and communication technology) risk management, third-party vendor assessments, incident reporting, and stress testing to ensure they can withstand and recover from cyber and operational disruptions. It entered into force in January 2023, with compliance "mandatory" as of January 17, 2025. However, enforcement has been "phased in operational priority."

Next year, says Jan Ursi, VP Global Channels at KeepIt, that changes. "Compliance expectations will become embedded in nearly every SaaS data protection RFP. Requirements tied to NIS2 and DORA will shift from 'requested' to 'assumed,' especially in finance, energy, healthcare, and the public sector. Organizations will insist on local digital sovereignty: data stored in-region, zero sub-processors, and guaranteed access even if the original SaaS platform is unavailable," Ursi explains.

Foundation models become an attack vector themselves. Aaron Shelmire, chief threat research officer and co-founder at Abstract Security, sees next year as the year we witness intrusions that poison commercial foundation models or exploit the mistakes AI models make.

Shelmire points to Anthropic's research that found "Next year, there will be multiple situations where attackers poison common training sets to seed malicious content for common patterns. Attackers could post repeated malicious snippets to different repositories, solving common problems. These snippets could exfiltrate credentials to a drop site, leading to many vibe-coded apps sending their secrets to bad actors," Ursi predicts.

Shelmire adds that these attacks could take multiple vectors:

Training Data Poisoning: allowing actors to add malicious code to code gen apps, or malicious links as references in AI-interfaces.

Prompt Injection Worms: that replicate via prompting generative features in additional platforms, like the early JavaScript worms.

Slopsquatting: by registering malicious packages on common typos or AI-slop-generated code.
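
A defensive check against the slopsquatting vector listed above, added here as an illustration (it is not code from the article or from anyone quoted in it): before installing what a code assistant suggests, compare each dependency name with a list of packages the organization has already vetted, and flag near-miss spellings separately from names that were never vetted at all. The allowlist, the sample manifest and the 0.85 similarity threshold are constructed assumptions.

```python
import re
from difflib import SequenceMatcher

# Constructed allowlist: packages a hypothetical organization has vetted.
APPROVED = {"requests", "numpy", "pandas", "cryptography", "python-dateutil"}

# Constructed manifest, standing in for AI-generated dependency suggestions.
SAMPLE_REQUIREMENTS = """\
requests==2.32.3
numpy>=1.26
reqeusts==2.31.0        # transposed letters
python_dateutil==2.9.0  # vetted project, different separator
pandas-helpers-ai==0.1  # plausible-sounding, never vetted
"""

def normalize(name):
    """PEP 503 normalization: lowercase; runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_names(text):
    """Yield the package name from each requirement line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        match = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if match:
            yield match.group(0)

def vet(text, approved=APPROVED, threshold=0.85):
    """Return (name, verdict, closest_approved) for every non-approved name."""
    approved_norm = {normalize(a) for a in approved}
    findings = []
    for raw in parse_names(text):
        name = normalize(raw)
        if name in approved_norm:
            continue
        # Score against every vetted name; keep the most similar one.
        score, best = max(
            (SequenceMatcher(None, name, a).ratio(), a) for a in approved_norm
        )
        if score >= threshold:
            findings.append((raw, "lookalike", best))  # likely typo or squat
        else:
            findings.append((raw, "unvetted", None))   # needs human review
    return findings

if __name__ == "__main__":
    for finding in vet(SAMPLE_REQUIREMENTS):
        print(finding)
```

Run in CI against the project's real manifest, a check like this fails the build on either verdict; the separator normalization keeps `python_dateutil` from being reported as a lookalike of a package that is in fact approved.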

In 2026, cybersecurity defenses will be transformed by AI-driven IT Asset Management. We'll end on a prediction that would undoubtedly be good news if it comes to fruition. Since the very earliest days of information security, asset management — tracking all assets in use within organizations — has remained one of the biggest challenges. Security professionals can't secure what they can't manage, after all.

Russ Ernst, CTO at Blancco, predicts that AI will help finally overcome this persistent obstacle. "By embedding AI into IT asset management, enterprises can detect and isolate rogue or untracked devices before they become attack vectors while securing configuration baselines – including security settings, permissions, and configurations for systems and components," he says. "Leveraging AI for better organization-wide security protections will lighten the load on cybersecurity teams already stretched thin, improve data security, and assist with increasingly complex data privacy laws and regulation compliance," Ernst says.

Considering the rising risks of AI-driven attacks, increased regulatory pressures, and more successful MFA compromises, security pros will need any edge they can find.
