It’s coming to the end of the year which means it’s prediction season. I’ll be gathering up all of the predictions for 2026 bringing them to you for your reading pleasure. Here are three predictions from Craig Birch, Technology Evangelist & Principal Security Engineer and Dmitry Sotnikov, Chief Product Officer at Cayosoft:
#1 AI tool sprawl will fuel a rise in shadow AI and a push to standardization. As organizations quickly adopt new AI tools, many are finding that identity chaos is becoming a big concern. This is fueled by employees in a rush to adopt AI tools to support business productivity but are doing so under their own personal accounts. These AI -powered tools are taking advantage of often over-provisioned access, and performing unintended tasks without much formal oversight and control. This is particularly concerning for IT management, where consequences can be dramatic and affect multiple employees and applications. With employees managing too many logins and the rise of inconsistent access rights, IT teams are losing visibility over who has access to what – resulting in security blind spots due to the complexity and fast evolution of AI systems. IT teams will be forced to find solutions to gain better visibility and control to address and mitigate these vulnerabilities effectively. create security blind spots, forcing IT to uncover more ways for visibility and control and ultimately close this gap.
In 2026, this AI tool sprawl will drive a major push toward identity standardization, with enterprises consolidating access control and governance around Active Directory and Entra ID as their single source of truth. The era of “plug-and-play” AI adoption will give way to a new focus on governance, compliance, and secure integration. Dmitry Sotnikov, Chief Product Officer, Caysoft
#2 Organizations will start closing the AD security age gap. Active Directory is still the foundational infrastructure for most enterprises, with 90% of organizations still using it as their primary identity provider. With many of the admins who know AD recovery and management nearing retirement, a real capability gap will emerge. We will see an increased focus on security teams prioritizing Active Directory (AD) recovery, and with that, I predict an increased adoption of solutions that prove and increase the speed of recovery, and reduce the likelihood of failure. In 2026 we will also see organizations turn to AI to help address the people training challenge runbook validation where it makes sense. However, it’s too early to rely solely on AI to close this critical gap, therefore, I also predict traditional recovery companies will purchase identity companies to increase their capabilities and gain a foothold in this market space.” Craig Birch, Technology Evangelist & Principal Security Engineer, Caysoft
#3 Instant recovery will define resilient enterprises. The Vodafone outage showed how quickly disruption can cripple connectivity and trust. People and businesses across the UK were reminded how fragile dependencies can be in a connected world. In 2026, downtime tolerance will vanish. Customers and employees will expect systems that recover instantly. In practice, this means embedding instant recovery mechanisms—auto-rollbacks, standby environments, and transparent failover paths—into identity and access infrastructure. Enterprises that bake this resilience into their identity infrastructure will win in uptime, trust, and operational continuity. Craig Birch, Technology Evangelist & Principal Security Engineer, Caysoft
Like this:
Like Loading...
Related
This entry was posted on November 10, 2025 at 8:42 am and is filed under Commentary with tags Cayosoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
2026 Predictions From Cayosoft
It’s coming to the end of the year which means it’s prediction season. I’ll be gathering up all of the predictions for 2026 bringing them to you for your reading pleasure. Here are three predictions from Craig Birch, Technology Evangelist & Principal Security Engineer and Dmitry Sotnikov, Chief Product Officer at Cayosoft:
#1 AI tool sprawl will fuel a rise in shadow AI and a push to standardization. As organizations quickly adopt new AI tools, many are finding that identity chaos is becoming a big concern. This is fueled by employees in a rush to adopt AI tools to support business productivity but are doing so under their own personal accounts. These AI -powered tools are taking advantage of often over-provisioned access, and performing unintended tasks without much formal oversight and control. This is particularly concerning for IT management, where consequences can be dramatic and affect multiple employees and applications. With employees managing too many logins and the rise of inconsistent access rights, IT teams are losing visibility over who has access to what – resulting in security blind spots due to the complexity and fast evolution of AI systems. IT teams will be forced to find solutions to gain better visibility and control to address and mitigate these vulnerabilities effectively. create security blind spots, forcing IT to uncover more ways for visibility and control and ultimately close this gap.
In 2026, this AI tool sprawl will drive a major push toward identity standardization, with enterprises consolidating access control and governance around Active Directory and Entra ID as their single source of truth. The era of “plug-and-play” AI adoption will give way to a new focus on governance, compliance, and secure integration. Dmitry Sotnikov, Chief Product Officer, Caysoft
#2 Organizations will start closing the AD security age gap. Active Directory is still the foundational infrastructure for most enterprises, with 90% of organizations still using it as their primary identity provider. With many of the admins who know AD recovery and management nearing retirement, a real capability gap will emerge. We will see an increased focus on security teams prioritizing Active Directory (AD) recovery, and with that, I predict an increased adoption of solutions that prove and increase the speed of recovery, and reduce the likelihood of failure. In 2026 we will also see organizations turn to AI to help address the people training challenge runbook validation where it makes sense. However, it’s too early to rely solely on AI to close this critical gap, therefore, I also predict traditional recovery companies will purchase identity companies to increase their capabilities and gain a foothold in this market space.” Craig Birch, Technology Evangelist & Principal Security Engineer, Caysoft
#3 Instant recovery will define resilient enterprises. The Vodafone outage showed how quickly disruption can cripple connectivity and trust. People and businesses across the UK were reminded how fragile dependencies can be in a connected world. In 2026, downtime tolerance will vanish. Customers and employees will expect systems that recover instantly. In practice, this means embedding instant recovery mechanisms—auto-rollbacks, standby environments, and transparent failover paths—into identity and access infrastructure. Enterprises that bake this resilience into their identity infrastructure will win in uptime, trust, and operational continuity. Craig Birch, Technology Evangelist & Principal Security Engineer, Caysoft
Share this:
Like this:
Related
This entry was posted on November 10, 2025 at 8:42 am and is filed under Commentary with tags Cayosoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.