Watch out for these eight trends to impact cybersecurity teams in 2026
The coming year is shaping up to be one of profound transformation for cybersecurity and technology. From governments seeking to tax digital services to the rise of "AI veganism" and the death of the traditional VPN, the landscape of digital risk and innovation is rapidly shifting. In addition, as artificial intelligence becomes more deeply embedded in daily operations and personal lives, the intersection of technology, ethics, and policy is set to define the next era of cybersecurity.
Some of the key trends to watch in 2026 include:
The arrival of a digital border tax
After years of debate, the concept of taxing the global digital economy is moving from theory to reality. Governments across multiple regions are considering or have already implemented tariffs on digital services that originate outside their borders.
The logic is clear: as economies digitise, the tax base must follow. Policymakers see an opportunity to reclaim lost revenue and promote domestic innovation. For example, it has been reported that in Australia the five largest tech giants – including the likes of Google and Facebook – recorded AU$15 billion in revenue while paying only AU$254 million in tax.
The likely outcome will be a new class of intermediate services that monitor digital consumption, calculate usage-based tariffs, and collect fees in a way that's reminiscent of mobile data plans before the era of unlimited streaming.
The adoption of the neocloud
While hyperscalers such as Amazon, Microsoft, and Google continue to dominate, a new category of cloud provider is emerging to challenge their supremacy. Dubbed the "Neocloud," these firms are building AI-first architectures designed around GPU-based computing and simplified developer experiences for a variety of use cases from eCommerce to generative AI.
Traditional cloud infrastructure has often treated artificial intelligence as an add-on rather than a foundation. In contrast, Neoclouds are built from the ground up to handle AI workloads with bare-metal performance and transparent pricing. Their rise reflects a growing frustration among developers who find hyperscaler environments overly complex and opaque.
The shift does not spell the end of hyperscalers, but it does mark a strategic pivot. To remain competitive, they will need to simplify architectures, offer flexible AI capabilities, and compete not merely on scale but on usability.
Agentic AI becomes a new attack surface
In the next year, the majority of connected devices - from home appliances to enterprise systems - will incorporate "agentic AI," autonomous systems capable of acting on behalf of users, but with this ubiquity comes a darker side: the rapid expansion of potential attack vectors.
Agentic AI, by design, requires broad privileges to execute tasks. Poorly secured deployments could enable attackers to exploit excessive permissions, confuse AI agents into unintended actions, or weaponize automation at scale. Microsoft has already issued warnings of this nature for CoPilot and we expect to see more attack vectors emerge targeting embedded AI infrastructure.
The rise of AI Veganism
The coming year will see the rise of "AI veganism" - a movement among consumers and employees who refuse to use AI tools on ethical grounds. They're motivated by concerns over data exploitation, algorithmic bias, and the environmental toll of AI computing.
Some businesses are already preparing for this ethical resistance by offering transparency options, opt-out features, or human-only alternatives in their products. Others will tout "AI-free" credentials as a differentiator, appealing to a niche but vocal segment of the market.
For many organisations, particularly in cybersecurity, AI abstention will not be practical. Refusing AI-enabled protection could even shift liability back to users, forcing companies to navigate a delicate balance between inclusion, innovation, and security concerns.
Ongoing growth of the side-hustle economy
AI is also rewriting the rules of work. As automation displaces traditional roles, workers are finding new opportunities in what has become a global side-hustle economy. Millions are monetising AI tools to create content, code, or design assets on demand.
The proliferation of subscription-based AI platforms has democratised access to powerful technology, spawning thousands of microbusinesses and applications. But as the barriers to entry fall, competition will intensify, pushing creators to specialize or risk being priced out. For enterprises, the challenge will lie in retaining talent and redefining productivity in a world where the workforce is increasingly decentralised and entrepreneurial based on shadow AI.
Identity and access remain under siege
Financial institutions are bracing for a new wave of attacks dubbed "account poisoning", where criminals manipulate automated systems to insert or alter payee details and siphon funds through third-party intermediaries.
Make no mistake, this is a form of a supply chain attack where your pay cheque is altered or routed (in full or in part) to a malicious account (split tendering). The automation behind modern digital banking has inadvertently made it easier for such fraud to occur at scale simply through API requests or social engineering to stakeholders responsible for electronic disbursements.
The end of the VPN era
Few technologies have been as synonymous with remote access as the VPN, but its days appear numbered. Once a cornerstone of secure connectivity, VPNs are now seen as liabilities ripe for exploitation. Today, sophisticated attackers routinely hijack VPN credentials or compromise appliances to gain persistent access to corporate networks.
In their place, organisations are moving toward zero-trust models and privileged access management tools that verify identity and device posture continuously, rather than relying on static tunnels. In 2026, maintaining a VPN for critical infrastructure may no longer be a risk worth taking.
Physical and digital convergence
The convergence of the physical and digital worlds will also introduce new threats. For example, low-cost geolocation devices like Apple's AirTags are increasingly being misused for reconnaissance and crime. Cyber-physical attackers are leveraging them to track high-value assets, from shipping containers to personnel, turning consumer gadgets into espionage tools.
The pace of change will continue to increase during 2026. Being aware of the key trends to watch can help organisations to maintain and even sharpen their competitive edge and realise that high value targets from shipping containers to personnel can be easily tracked with low-cost commercial technology.
