10 cybersecurity trends to watch

Our corporate site Contact us

The rapid growth of advanced technologies and interconnected systems, alongside the widespread adoption of cloud services, has significantly broadened the potential entry points for cyberattacks. Cyber threats are simultaneously becoming more sophisticated and diverse, targeting critical assets such as sensitive data, intellectual property, business operations, and personal information.

Recent research from Marsh reveals that cyber risk leaders globally consider cybersecurity a key priority, with 66% of organisations planning to increase their cybersecurity investments in the coming year to strengthen cybersecurity technology and mitigation, incident planning and preparation, and talent acquisition.

As cyber threat actors continue to adapt and exploit new vulnerabilities, organisations should remain attentive to how the risk landscape is changing. The following cybersecurity trends can inform how risk leaders anticipate risks, strengthen defenses, and maintain cyber resilience in an increasingly complex threat environment, both now and in the future.

10 cybersecurity trends to consider in 2026

Amid well-recognised cyber risks like ransomware and phishing, several key trends are shaping the cybersecurity landscape. Below is an overview of the top 10 trends organisations should watch closely:

1. Geopolitical tensions and cyber warfare

Increasing geopolitical conflicts globally are contributing to state-sponsored cyberattacks targeting governments, businesses, and critical infrastructure. Some of the most significant disruptions exploit organisations’ basic weaknesses. Businesses must embed threat intelligence into operational playbooks, map critical dependencies, and engage legal, communications, and incident response teams in tabletop exercises.

2. Vulnerabilities associated with artificial intelligence (AI)

AI has increasingly become a valuable, strategic tool embedded into many organisations’ daily functions. While AI enhances organisational capabilities, it can also build upon existing cyber risks by enabling cybercriminals to develop more sophisticated malware that can adapt, learn, and evade detection. This can complicate threat detection and underscores the need for ongoing attention and robust defense systems to counteract the impact of AI.

3. Cloud-native security

Cloud adoption concentrates valuable data and services outside traditional perimeters. Misconfigurations, weak entitlements, and inadequate logging create persistent risk. Organisations need to enhance their cloud security posture management and adopt best practices to protect data and applications hosted in the cloud.

4. SaaS posture management

Effective SaaS governance starts with the recognition that cloud applications are business infrastructure — widely adopted by users and often operating outside information technology’s (IT) direct control — so unmanaged or “shadow” apps can expose data and bypass enterprise controls.

It’s important to identify all SaaS applications, browser plugins, and AI services in use, including IT‑unapproved apps. For each service, enforce consistent baseline controls: single sign‑on (SSO) with robust identity proofing, phishing‑resistant multi‑factor authentication (MFA), centralised audit and API logging into your security information and event management (SIEM) system, and data protections such as data loss prevention (DLP), encryption, and reliable backups.

5. The rise of zero trust architecture (ZTA)

The traditional, perimeter-based security model is becoming obsolete, and in its place is a new cybersecurity model that focuses on users, assets, and resources: ZTA. As defined in NIST 800-207, ZTA assumes no user or device is trustworthy by default. This approach enforces strict identity verification and continuous monitoring to reduce the risk of breaches.

6. Ransomware evolution

Ransomware attacks continue to grow in sophistication and frequency. Attackers are targeting critical infrastructure and demanding higher ransoms, often coupled with data exfiltration and extortion tactics, making ransomware a persistent and evolving threat that requires ongoing prioritisation.

7. Edge and next-generation network security (5G/6G and beyond)

Expanding connectivity — cellular evolution, satellites, and distributed edge compute — can increase attack surfaces and supply chain dependencies while shifting control away from traditional network boundaries. It will be increasingly important for organisations to incorporate network-level controls into architecture reviews, prioritise vendor security and supply chain assurance, and design for secure device enrollment and telemetry at the edge.

8. Identity as the control plane

MFA is now a baseline expectation, but how identities are established and how MFA is delivered matters far more. Organisations need to require strong identity proofing before issuing authenticators or performing resets, adopt phishing-resistant MFA (hardware security keys, FIDO2, platform authenticators) instead of SMS or email-based methods, and apply least privilege and session controls across SaaS and cloud resources.

9. IT and OT security

The integration of IT and OT systems creates new security challenges, including difficulties in monitoring and managing diverse systems and potential disruptions to operations. Research from Marsh and Dragos shows that OT cyber threats pose hundreds of billions in annual financial risk globally. Protecting critical infrastructure requires coordinated security strategies that address both digital and physical components.

10. Quantum computing threats

Quantum computing is gaining momentum to help process exponentially more data than traditional computers. However, this emerging field also poses a threat to current encryption standards. Organisations must consider the intersection of quantum computing and AI, as well as prepare for a future where quantum computers could challenge existing cryptographic protections.

Proactively addressing dynamic cyber threats builds resilience

Several factors are contributing to these cybersecurity trends, including the ongoing shortage of skilled cybersecurity professionals, which hampers organisations’ ability to respond effectively to threats. Industry-specific challenges also shape how trends manifest; for example, healthcare faces unique risks related to patient data privacy, while financial services must combat increasingly complex fraud schemes.

The dynamic nature of cyber threats demands continuous innovation in security measures and investment in cyber threat intelligence. Organisations that prioritise building cyber resilience through proactive risk management and employee training can better position themselves to withstand and recover from future attacks.

FAQS

A robust cybersecurity posture involves a proactive, multi-layered approach that includes strong identity verification, continuous monitoring, and advanced defenses like AI-powered detection. It also requires securing both IT and OT systems, protecting cloud environments, and preparing for emerging threats such as ransomware evolution and quantum computing. Ongoing employee training and incident response planning are equally essential.

Staying ahead demands continuous monitoring of emerging threats, recognising that cyber risks will only keep evolving. A coordinated, enterprise-wide approach is critical, helping to maintain that risk management efforts are not siloed in technology, cyber, or risk management teams.

Key actions include investing in advanced security technologies, revisiting cyber risk management strategies consistently, and emphasizing employee education and responsibility. Building a strong culture of cybersecurity awareness can help employees understand their role in identifying risks, follow best practices, and respond promptly to potential threats.

Yes. Marsh's Cyber Self-Assessment is a digital tool that examines your organisation’s cyber risks and streamlines and expedites the process of applying for cyber insurance — so you can make more informed, confident investments in cyber insurance and security.