What will the cybersecurity landscape look like in 2026 and beyond?
As we enter 2026, the cybersecurity battleground continues to shift, presenting internet users and organizations with a mix of threats and challenges. Karolis Arbaciauskas, head of product at the cybersecurity company NordPass, offers his expert outlook for the year ahead.
“Artificial intelligence will sharpen the tools of both attackers and defenders, while the integrity of global supply chains will face increasing scrutiny,” says Arbaciauskas.
According to Arbaciauskas, the cybersecurity landscape is generally poised for a period of evolution, characterized by both technological advancements (including AI) and persistent, fundamental vulnerabilities.
Here are Arbaciauskas’ key cybersecurity predictions for 2026:
AI integration — Smarter and more widespread
The integration of artificial intelligence (AI) capabilities by both threat actors (red teams) and defensive security practitioners (blue teams) will continue. On the offensive side, AI will be predominantly leveraged to enhance reconnaissance operations, enabling higher-fidelity data collection and intelligence gathering. The cybersecurity community is also starting to worry that threat actors might soon figure out a way to use AI for automated vulnerability discovery and start scanning networks and applications for flaws and misconfigurations.
Supply chain attacks will increase
In the enterprise field, supply chain attacks might become an even bigger problem than they are now. The trend is emerging — mature organizations increasingly strengthen their cybersecurity, so for bad actors it is becoming easier to penetrate companies through vendors.
I would advocate prioritizing investment in resilience against this attack vector. More attention should be paid to the technical part of vendor assessment and the final agreement. Prior to onboarding any third-party service provider, organizations should implement comprehensive vendor risk assessment protocols. This evaluation should include verification of SOC Type 2, ISO 270001, penetration testing outcomes, and documented security practices.
Negligence – One of the biggest challenges ahead
The most significant challenges that private users and organizations will face this year will stem from common security deficiencies rather than novel attack methodologies. The threat landscape will remain substantially shaped by threats caused by our own negligence, such as infrastructure and application misconfigurations, insufficient digital hygiene, weak credential management, password reuse, and lack of MFA.
For businesses, an underaddressed risk may come from malicious actors inside the company. Rogue employees or privileged administrators possess authorized access enabling them to bypass security controls. And they often maintain that access even after leaving the company. It is worrying that, according to a survey commissioned by PasswordManager.com last year, about 40% of workers used passwords from a former employer after leaving the company.
Moreover, the threat extends beyond disgruntled or laid-off employees with a vendetta. Last year, media outlets reported on multiple instances of foreign state-linked operatives digitally infiltrating Western companies. Consequently, organizations should dedicate more attention and resources to mitigating these sophisticated threats.
The great corporate migration to browsers
As more and more companies indicate that browsers are the main workspace, where their employees spend most of their time, we will see more security focused extensions and browsers, including new enterprise browsers and tools.
Passwords will remain the first line of defense
Together with industry researchers we have been studying password-related behavior and data leaked to the dark web for 7 years now, and unfortunately, we see no significant improvement in digital hygiene globally. At least for now, it looks like passwords will remain the first line of defense against digital intruders and one of the weakest links in the security chain at the same time. Credentials will remain the predominant initial access vector enabling cyber incidents.
Passkey adoption will increase but will not overtake passwords
As advocates of passkey authentication, we initially projected more rapid and widespread adoption, given the technology’s inherent phishing-resistant properties and superior security architecture. While actual adoption rates have proven slower than anticipated, the trajectory remains consistently positive. Major platform providers like Apple, Google, and Microsoft have integrated native passkey support across their ecosystems.
Consumer-facing services such as PayPal, eBay, and Amazon are progressively implementing passkey authentication options as well. We also see more enterprise organizations that are beginning to deploy passkeys within their workforce.
However, several barriers continue to impede accelerated adoption. Consumer awareness and comprehension of passkey technology remains limited, account recovery workflows present usability challenges, and cross-platform interoperability issues persist. These factors constitute the primary obstacles to mainstream adoption. Based on current trajectory analysis, passkeys remain multiple years from achieving predominant status as a consumer authentication method.
Regulation will determine increased spending
Regulations and compliance requirements in the European Union (for example, the EU Cyber Resilience Act and NIS2) signal a broader shift toward standardized mandated cybersecurity. This will probably create some additional challenges for CISOs and stimulate an increase in general cybersecurity spending but is expected to have positive implications for overall ecosystem resilience.”
Related
This entry was posted on January 20, 2026 at 9:39 am and is filed under Commentary with tags Nordpass. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Guest Post: AI’s dual edge, supply chain peril, and passkeys vs. passwords
What will the cybersecurity landscape look like in 2026 and beyond?
As we enter 2026, the cybersecurity battleground continues to shift, presenting internet users and organizations with a mix of threats and challenges. Karolis Arbaciauskas, head of product at the cybersecurity company NordPass, offers his expert outlook for the year ahead.
“Artificial intelligence will sharpen the tools of both attackers and defenders, while the integrity of global supply chains will face increasing scrutiny,” says Arbaciauskas.
According to Arbaciauskas, the cybersecurity landscape is generally poised for a period of evolution, characterized by both technological advancements (including AI) and persistent, fundamental vulnerabilities.
Here are Arbaciauskas’ key cybersecurity predictions for 2026:
AI integration — Smarter and more widespread
The integration of artificial intelligence (AI) capabilities by both threat actors (red teams) and defensive security practitioners (blue teams) will continue. On the offensive side, AI will be predominantly leveraged to enhance reconnaissance operations, enabling higher-fidelity data collection and intelligence gathering. The cybersecurity community is also starting to worry that threat actors might soon figure out a way to use AI for automated vulnerability discovery and start scanning networks and applications for flaws and misconfigurations.
Supply chain attacks will increase
In the enterprise field, supply chain attacks might become an even bigger problem than they are now. The trend is emerging — mature organizations increasingly strengthen their cybersecurity, so for bad actors it is becoming easier to penetrate companies through vendors.
I would advocate prioritizing investment in resilience against this attack vector. More attention should be paid to the technical part of vendor assessment and the final agreement. Prior to onboarding any third-party service provider, organizations should implement comprehensive vendor risk assessment protocols. This evaluation should include verification of SOC Type 2, ISO 270001, penetration testing outcomes, and documented security practices.
Negligence – One of the biggest challenges ahead
The most significant challenges that private users and organizations will face this year will stem from common security deficiencies rather than novel attack methodologies. The threat landscape will remain substantially shaped by threats caused by our own negligence, such as infrastructure and application misconfigurations, insufficient digital hygiene, weak credential management, password reuse, and lack of MFA.
For businesses, an underaddressed risk may come from malicious actors inside the company. Rogue employees or privileged administrators possess authorized access enabling them to bypass security controls. And they often maintain that access even after leaving the company. It is worrying that, according to a survey commissioned by PasswordManager.com last year, about 40% of workers used passwords from a former employer after leaving the company.
Moreover, the threat extends beyond disgruntled or laid-off employees with a vendetta. Last year, media outlets reported on multiple instances of foreign state-linked operatives digitally infiltrating Western companies. Consequently, organizations should dedicate more attention and resources to mitigating these sophisticated threats.
The great corporate migration to browsers
As more and more companies indicate that browsers are the main workspace, where their employees spend most of their time, we will see more security focused extensions and browsers, including new enterprise browsers and tools.
Passwords will remain the first line of defense
Together with industry researchers we have been studying password-related behavior and data leaked to the dark web for 7 years now, and unfortunately, we see no significant improvement in digital hygiene globally. At least for now, it looks like passwords will remain the first line of defense against digital intruders and one of the weakest links in the security chain at the same time. Credentials will remain the predominant initial access vector enabling cyber incidents.
Passkey adoption will increase but will not overtake passwords
As advocates of passkey authentication, we initially projected more rapid and widespread adoption, given the technology’s inherent phishing-resistant properties and superior security architecture. While actual adoption rates have proven slower than anticipated, the trajectory remains consistently positive. Major platform providers like Apple, Google, and Microsoft have integrated native passkey support across their ecosystems.
Consumer-facing services such as PayPal, eBay, and Amazon are progressively implementing passkey authentication options as well. We also see more enterprise organizations that are beginning to deploy passkeys within their workforce.
However, several barriers continue to impede accelerated adoption. Consumer awareness and comprehension of passkey technology remains limited, account recovery workflows present usability challenges, and cross-platform interoperability issues persist. These factors constitute the primary obstacles to mainstream adoption. Based on current trajectory analysis, passkeys remain multiple years from achieving predominant status as a consumer authentication method.
Regulation will determine increased spending
Regulations and compliance requirements in the European Union (for example, the EU Cyber Resilience Act and NIS2) signal a broader shift toward standardized mandated cybersecurity. This will probably create some additional challenges for CISOs and stimulate an increase in general cybersecurity spending but is expected to have positive implications for overall ecosystem resilience.”
Share this:
Like this:
Related
This entry was posted on January 20, 2026 at 9:39 am and is filed under Commentary with tags Nordpass. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.