Attackers will accelerate their investments in cookie theft
Ian Pratt, HP Global Head of Personal Systems Security
Generalized MFA deployment will accelerate threat actors’ switch to stealing cookies and tokens instead of passwords. This means threat actors will need to act swiftly from time of theft, utilizing the stolen cookie before it expires to insert backdoors that then grant them persistent access. Online marketplaces will expand to enable this with rapid trading and exploitation.
Defenses against cookie and token theft are not mature and are inconvenient for users. This means that we will see attacks involving such theft becoming increasingly commonplace. This is particularly serious for privileged users such as sysadmins, who frequently use web browsers to access high value administrative web sites, such as EntraID, InTune, or AWS web portals, where cookie theft creates an easy path to a catastrophic enterprise breach.
Issuing sysadmins with a second PC, a Privileged Access Workstation (PAW), is today’s recommended best practice, but is far from universally implemented, and there are plenty of examples where PAWs themselves have become compromised.
For critical applications, enterprises are going to need to look toward additional layers of defense, such as strong isolation and application security posture attestation.
Cybercriminal Groups Will Rely on AI Agents to Automate Reconnaissance and Target
Organizations
Alex Holland, Principal Threat Researcher in the HP Security Lab
“In 2026, we expect to see organized crime groups automate workflows and outsource more tasks using AI agents in their attacks, especially preparatory tasks like researching victims to target. Beyond this, rapid improvements in large language models and agentic AI systems are expanding their role in the attack lifecycle. Threat actors will no longer limit their AI use to basic automation or phishing content creation. They will also start using AI to assist with complex tasks like vulnerability discovery.
“AI assistance will help threat actors to scale their operations, making campaigns more efficient by reducing the resources and skills attackers need to breach targets.
“Against a barrage of AI-assisted attacks, even the best detection tools will miss some threats. Instead, organizations need to ensure threats can be contained, isolated and remediated, safeguarding their fleets, maximizing uptime and ultimately securing the future of work.”
Physical Attacks on Devices Will Become Cheaper and Easier for Cybercriminals
Boris Balacheff, Chief Technologist for Security Research and Head of the HP Security Lab
“Hybrid work is accelerating the commoditization of attacks enabled by physical access to devices. This is because devices are more exposed as employees are more mobile and distributed, and the tools needed for device tampering become increasingly accessible and affordable. Next year, IT leaders should anticipate this will continue, with easy-to-use exploitation kits and investment by threat actors into new physical attack techniques. In response, security auditors will increasingly focus on how organizations deploy best practices to protect data and device integrity across their fleets of devices.
“Employees today work in cafés, bars, hotels, and conference centers across the globe, using shared infrastructure and peripherals, and giving threat actors ample opportunity to tamper with a device when its owner steps away. With physical tampering, threat actors can seek to exfiltrate data, grasp control of compromised devices to gain broader access to enterprise networks, and even mount destructive attacks to brick devices that are not designed with self-healing built in from the ground up.
“To ensure the Future of Work is secure, organizations will need to prioritize hardware with security and resilience built in at every level. They will need to look for device security capabilities to help protect hardware and firmware integrity, as well as data security, from physical attacks, and learn to integrate hardware-level authentication and attestation into their zero-trust architecture strategies.”
Organizations will Finally Take Notice of IoT, Edge, and Print Security After a String of Attacks
Steve Inch, Global Senior Print Security Strategist at HP Inc.
“After a year of high-profile attacks against connected devices, organizations will finally prioritize security for devices at the network edge. For example, security vulnerabilities allowed for remote takeovers of printers, highlighting the risks of leaving printers unprotected.
“For too long, printers have been the lowest priority on every security team’s list. Many organizations lack basic visibility and control over print infrastructure. This creates security blind spots – from exploitation attempts to insider threats, outdated firmware, malicious updates and misconfigurations, such as open ports or unchanged default credentials.
“These security gaps give threat actors a potential launchpad to not only compromise a printer and the data it holds but also other devices on the network. In the year ahead, organizations and governments will demand that endpoint devices like printers come with continuous and active system monitoring throughout their lifecycle.
“To defend the Future of Work, organizations need to secure their complete device ecosystem, including their printers. They should prioritize the ability to automate print fleet security compliance and automatically assess fleet firmware vulnerability status, minimizing IT overhead in 2026.”
Quantum Resistance will Become a Vendor Requirement
Thalia Laing, Principal Cryptographer at HP Security Lab
“A year on from the introduction of new NIST standards for quantum-resistant asymmetric cryptography, public sector and critical infrastructure companies are going to accelerate planning and vendor engagements to chart a path towards migration. This process will reveal the scale of the challenge: with NIST intending to deprecate RSA-2048 by 2030 and all RSA and Elliptic Curve Cryptography by 2035, many vendors are likely to seize the opportunity to move directly from RSA 2048 to quantum resistant algorithms, particularly in critical industries and long-life systems, such as hardware.
With ongoing advances in quantum computing, the prospect of a quantum computer capable of breaking asymmetric cryptography within a decade is becoming increasingly plausible. The US government’s decision to set a quantum-resistance deadline of 2027 for new National Security System devices signals this urgency.
“To become quantum resilient, organizations must start by preparing their long-lived hardware, including their printers and PCs. With a typical commercial PC refresh averaging at just over 4 years and an even longer lifespan for office-class commercial printers – devices procured in 2026 have the potential to be in use within the timeframe of a cryptographically relevant quantum computer.
“From 2026 onwards, quantum resilience will increasingly influence hardware procurement decisions. This will increase pressure on device manufacturers to future-proof their devices by embedding quantum resistant cryptography into their products, while pushing for the protection of long-life data. By embedding quantum resilience now, organizations can maintain trust in the
technologies shaping the Future of Work.”
The Spotlight draws over Identity, Provenance, and Persistent Control
Peter Blanchard, Document Workflow Security Strategy Principal at HP Inc.
“In 2026, we’ll see efforts within enterprise security shift from fragmented identity frameworks and perimeter-based controls to a unified, data-centric model. Today’s zero-trust implementations often create complexity and fatigue, with identity scattered across users, apps, and devices. This fragmentation leads to blind spots, inconsistent enforcement, and poor user experience. The next phase will prioritize consolidation: centralized identity orchestration that simplifies access, strengthens governance, and reduces operational risk.
At the same time, we’ll see security move from focusing on point of entry, to managing the custody of data throughout its lifecycle. Organizations will need visibility into where data originates, how it is used, and who has access – even after it leaves their boundaries. Identity and policy will travel with the data, embedded through persistent controls, telemetry, and rich metadata. Dynamic permissions such as ‘can I share this?’ will evolve into continuous oversight, ensuring compliance online and offline.
Provenance and lifecycle control will become critical in the age of AI, where transparency and trust are non-negotiable. By embedding identity, custody, and governance controls into the core of digital ecosystems, organizations will achieve stronger, adaptive security that protects without adding friction, safeguarding the Future of Work.”
HP Debuts AI-Powered Unified Collaboration Ecosystem at InfoComm 2026
Posted in Commentary with tags HP on June 19, 2026 by itnerdAt InfoComm 2026, HP Inc. introduced AI-powered communication and collaboration solutions designed to transform how work gets done.
As organizations operate across increasingly distributed environments, HP is advancing its collaboration ecosystem — powered by the HP Workforce Experience Platform (WXP) — to deliver better experiences focused on connecting people, workspaces, and solutions.
Unified Insights and IT Management
HP is giving IT teams unified visibility and control across collaboration spaces, compute, and print solutions through a single pane of glass with the integration of HP Poly Lens and WXP Collaboration (formerly Vyopta) into the HP Workforce Experience Platform (WXP). This expanded offering provides greater visibility across workspaces through an interactive digital replica of the environment called HP Poly Lens Room VisualizerAI.
With these expanded collaboration focused experience analytics and room management capabilities, WXP is transforming isolated data points into actionable insights that empower IT to improve performance, optimize spaces, and enhance employee productivity.
Future-Proof Video Collaboration and Multi-Camera Experiences
HP is future-proofing meeting rooms of all sizes with its next-gen Windows based collaboration engine, HP Poly Studio Room Compute, for Microsoft Teams Rooms and for Zoom Rooms. As the first collaboration compute solution powered by the latest third generation Intel® Core™ Ultra processors with integrated NPUs, this solution is built to support emerging AI-assisted collaboration experiences while enabling long lifecycle support and streamlined room deployments.
The HP Poly Studio 5 and 7 Room Compute will be certified for Microsoft Teams Rooms and Zoom Rooms. These solutions are designed to simplify setup with color-coded ports, dedicated PoE port for the Poly TC10 touch controller, automatic pairing, quick magnetic mounting and can be easily managed with Poly Lens as part of the HP Workforce Experience Platform. The Poly Studio Room Compute devices are made up of at least 60% post-consumer recycled (PCR) plastics.
HP Poly VideoOS 5.1 delivers an elevated hybrid meeting experience while simplifying management for HP Poly’s next-gen video conferencing solutions. Designed to make hybrid collaboration feel more natural and engaging, Poly DirectorAI multi-camera technology intelligently switches between cameras to capture the best view of in-room participants. By capturing the right perspective, remote attendees feel more connected to those in the room, resulting in conversations that flow more freely across distributed teams.
HP Poly VideoOS 5.1 also delivers simplified setup and connectivity for Microsoft Teams Rooms on Android with HP Touch Controller Direct Connect, reducing complexity and helping organizations keep rooms up and running. Plus, a redesigned WebUI offers a modern, unified admin experience, making it easier to monitor and manage devices.
Immersive Audio and Productivity Tools for Hybrid Work
HP’s latest product innovations are purpose-built across the ecosystem, designed to work seamlessly together and deliver a consistent experience across every touchpoint. The new HP Poly Focus 6 Series Bluetooth headsets provide an immersive audio experience powered by Acoustic Fence 2.0, hybrid active noise cancellation (ANC), and spatial audio to help users stay focused throughout the day, across work environments.
The HP Poly Focus 6 Series offers up to 25 hours of talk time with ANC on, and wireless charging capabilities. Plus, the HP Poly Focus 6 Series is available in a sleek, foldable version for even greater flexibility and portability throughout your day. The HP Poly Focus 6 Series is certified for Google Meet, Google Voice, Microsoft Teams Open Office, and Zoom. Bluetooth Direct certifications with Microsoft Teams and Zoom ensure full functionality without a dongle.
To extend product life, the HP Poly Focus Series offers replaceable batteries and ear cushions for improved shelf-life and sustainability. The HP Poly Focus 6 Series headsets are TCO 10 certified to meet a wide scope of sustainability criteria, covering both environmental and social responsibility in the supply chain and throughout the product life cycle.
The HP Collaboration Keyboard, the world’s first programmable collaboration wireless keyboard with adjustable tilt, enhances productivity and control throughout the day. This device features dedicated keys for microphone mute, camera control, and screen sharing, plus customizable shortcuts and cross-platform compatibility provide greater flexibility. This keyboard is made with up to 75% post-consumer recycled plastic by total plastic weight.
Designed for the Future of Work
HP is empowering organizations by providing a seamless, unified collaboration experience across its ecosystem of personal devices, room solutions, productivity tools, and platforms — allowing people to connect and do their best work.
HP will be showcasing its comprehensive suite of collaboration solutions designed for the future of work at booth #C8137 and will host HP Dimension with Google Beam demos at booth #C8037.
Pricing and availability
Leave a comment »