
In addition to all the promise and potential a new year holds, 2026 also offers some unique challenges for the industrial cybersecurity sector. Below are predictions from leading voices throughout the industry.
Frank Balonis, CISO and SVP of Operations at Kiteworks
Predictions:
- Cross-border data transfer compliance will shift from back-office review to point-of-exchange enforcement. Manufacturing runs on global supply chains, and that means data is constantly crossing borders—design files to contract manufacturers in Asia, quality data to partners in Europe, compliance documentation to customers everywhere. The old approach of moving data first and sorting out transfer mechanisms later is a liability waiting to happen.
- I think 2026 is when manufacturers finally embed compliance checks directly into their exchange workflows. When engineering sends CAD files to a supplier, the system validates the transfer mechanism before the file leaves—not three months later when legal is scrambling for audit documentation. The pressure is real: GDPR enforcement isn't slowing down, the EU AI Act adds new wrinkles around where training data can travel, and U.S. state privacy laws keep multiplying. For manufacturing CISOs managing data flows across dozens of countries and hundreds of partners, automating cross-border compliance into the actual tools isn't optional anymore.
George Prichici, VP of Products, OPSWAT
Predictions:
- Files are evolving—security isn’t. Security teams remain focused on productivity files such as Office documents and PDFs, in which embedded hyperlinks and encrypted content continue to pose real risks. But this focus can leave blind spots elsewhere. Today’s “files” increasingly include Python scripts and malicious npm packages – many of which slip past traditional content inspection tools. Attackers are aware of this gap and are actively exploiting it.
- Trust emerges as a primary vulnerability. Third-party vendors and “trusted” integrations remain soft targets. CISOs are realizing that focusing budgets solely on endpoints, identity, or edge security creates imbalance: a fortified front door, but an open side entrance. The path forward is not zero trust for everything, but smarter, consistent processes that elevate defenses across all channels, including partners, APIs and supply chains.
Bottom Line: Security leaders must redefine what constitutes a threat, scrutinize every data exchange, and enforce AI governance before innovation turns into exposure.
Asha Kalyur, VP of Marketing, Zenarmor
Prediction: The next frontier is invisible MFA, trust that just happens. Your device, location, and behavior become your key. You won’t “log in”, you will simply exist in a continuously verified state. Security won’t feel like a checkpoint anymore, it will feel like air: always there, always working, completely effortless. That is where Zero Trust transcends security: secure by design, invisible by default.
Almog Apirion, CEO and Co-Founder, Cyolo
Predictions:
- Shadow AI and compromised AI agents will emerge as a new insider-threat class. With the growing reliance of engineers, operators, and third-party vendors on AI co-pilots, AI agents with OT system access will use shared credentials to perform autonomous actions with minimal oversight.
- Organizations will need to govern AI the same way they govern humans, with enterprises ensuring the same levels of identity oversight, network segmentation, and strict session supervision for AI agents as for high-risk human users.
- Hard segmentation between OT and IT within OT will become non-negotiable. Breaches in 2025 highlighted lateral movements across IT and OT without boundaries. AI-driven automation and unmanaged AI tools increase this risk significantly. In 2026, identity-based separation, isolated vendor zones, and controlled machine-to-machine access in addition to supervised pathways will shift from ‘best practice’ to operational necessity for any remote or automated action.
- Downtime will be caused more by access weaknesses than direct OT intrusions. Over 75 percent of OT incidents now originate in IT environments, with ransomware threat actors exploiting remote access and identity control gaps. In 2026, enterprises will prioritize securing remote access, vendor connectivity, and identity-based controls to OT assets.
- Legacy systems and reactive maintenance will cause unplanned downtime. Manufacturers logged an average of 360 hours of downtime in 2025. In 2026, modernization will be prioritized as an operational necessity with supervised access and oversight of remote diagnostics to improve maintenance workflows that enable operational continuity in legacy OT.
Josh Taylor, Lead Security Analyst, Fortra
Predictions:
- Attacks on critical infrastructure will accelerate. Nation-state and criminal actors will target energy, healthcare and transportation systems with cyber-physical impacts, turning outages and disruptions into strategic weapons. Enterprises in these sectors must treat cybersecurity as a safety imperative and plan for worst-case operational scenarios.
- The line between APTs and criminal gangs will disappear. State-backed groups and cybercriminal gangs will blend tactics, share infrastructure, and obscure attribution, creating hybrid threats that defy traditional classifications. Defenders will need to focus on behavior, intent, and impact rather than relying on actor labeling.
- Nation-state operations will expand to target commercial enterprises. Advanced persistent threat actors will increasingly target private-sector companies for economic disruption, IP theft, and espionage aligned with geopolitical goals. Enterprises must adopt nation-state-grade defenses and treat geopolitical risk as part of their cyber threat model.























