CThe year 2026 will be a turning point for the cybersecurity industry – technologically, politically and regulatorily. Leading experts from Europe paint a clear picture: artificial intelligence will profoundly change the threat landscape, identities will become a central security anchor, supply chains and AI models will come under greater scrutiny, and Europe will face a fundamental reorganisation of its digital infrastructure.
The use of AI will have a particularly significant impact – on both the attacker and defender sides. According to Andreas Süß (aDvens), attackers will increasingly use AI in 2026 to generate highly personalised phishing attacks and adaptive deception manoeuvres in real time. At the same time, he expects an increase in state-orchestrated disinformation campaigns based on credible-looking deepfakes.
The consequence: digital sovereignty will become a key security policy issue in order to make societies more technically and strategically independent. Regulation is also gaining momentum. With the NIS 2 Implementation Act, the obligation to secure critical systems will be significantly tightened in 2026.
As Jochen Sauer (Axis Communications) explains, this will transform video security in particular: camera systems will no longer be considered purely surveillance solutions, but rather cyber-physical platforms that must be encrypted, auditable, AI-supported and deeply integrated into SOC processes. Cyber resilience will thus become a key quality benchmark.
At the same time, the focus is shifting towards identity security. The classic perimeter hardly plays a role in modern OT and networked industrial environments, emphasises Létitia Combes (BxC Security). Attackers are increasingly targeting human and machine identities, which is why certificate management and automated PKI processes are becoming the foundation of secure machine communication.
The danger from within is also growing. For Henrik Nitsche (Jamf), securing BYOD devices through containerisation will be unavoidable in 2026 in order to contain the increasing insider threats. Since employees already have legitimate access, company data must be strictly separated from private areas in order to effectively limit risks.
A new form of attack is also coming to the fore: the manipulation of AI training data. Pieter Arntz (Malwarebytes) expects a massive increase in such supply chain attacks, in which attackers place subtle backdoors in data sets or deliberately distort models. Transparency and continuous integrity checks throughout the entire AI lifecycle are therefore becoming business-critical.
In view of the geopolitical situation, digital sovereignty is taking on a strategic dimension. Daniel Fried (Object First) no longer sees data control as a compliance task, but as a factor of power: Companies are investing in traceability, data mapping and immutable backups, while ‘trusted cloud’ concepts are becoming key selection criteria. Monir Gueblaoui (Scrive) argues similarly, interpreting the recent disruptions to global cloud providers as a wake-up call: Europe must develop its own secure digital ecosystems in order to remain resilient and competitive in the long term.
Finally, a mega-topic will take centre stage in 2026: post-quantum security. Claus Gründel (Swissbit) warns that companies must start converting their systems to quantum-resistant cryptography now at the latest – especially in long-lasting industrial and IoT environments where hardware is rarely replaced. At the same time, supply chain transparency will become a key quality and security factor.
Conclusion: 2026 will be a year in which AI, identity, sovereignty and compliance will determine cybersecurity strategies. Companies that invest now will lay the foundation for robust, more resilient and more sovereign digital ecosystems.
