Cybersecurity in 2026 is accelerating amid growing threats, geopolitical fragmentation and a widening technological divide.
Artificial intelligence (AI) and geopolitics are among the key drivers of changes in cyber security trends in 2026, according to the latest Global Cybersecurity Outlook report by the World Economic Forum.
AI is anticipated to be the most significant driver of change in cybersecurity in the year ahead, according to 94% of survey respondents. This growing recognition is translating into concrete action across organizations. The percentage of respondents assessing the security of AI tools has nearly doubled from the previous year, from 37% in 2025 to 64% in 2026.
AI is reshaping the cybersecurity landscape across three interconnected dimensions. First, the widespread integration of AI systems introduces an expanded attack surface, creating novel vulnerabilities that traditional controls were not designed to address. Second, defenders are harnessing AI to strengthen their cyber capabilities – augmenting detection, accelerating incident response and automating high-volume analytical tasks. Third, threat actors are leveraging AI to enhance the scale, speed, sophistication and precision of their attacks, driving a new generation of automated exploitation and targeted social engineering.
At the same time, AI vulnerabilities are accelerating at an unprecedented pace: 87% of respondents identified AI-related vulnerabilities as the fastest-growing cyber risk over the course of 2025.
In 2026, geopolitics remains the top factor influencing overall cyber risk mitigation strategies. Some 64% of organizations are accounting for geopolitically motivated cyberattacks – such as disruption of critical infrastructure or espionage.
Geopolitical instability and armed conflicts are reshaping the cyberthreat landscape, creating complex and unpredictable conditions for organizations. As global fragmentation deepens – driven by conflicts, sanctions and technological rivalry – cybersecurity is emerging as a critical extension of geopolitical competition. The large-scale power outage experienced in the Iberian Peninsula, while not in itself the result of a cyberattack, highlighted the impact a cyberattack could have on such critical national infrastructure.
Ongoing instability in the wake of the war in Ukraine has coincided with a rise in hybrid attacks, using drones to target European airports and other critical infrastructure, along with the spread of disinformation, which have further destabilized the regional security landscape. Beyond Europe, escalating geopolitical rivalries and conflicts across the Indo-Pacific, Middle East and Africa require organizations to maintain heightened vigilance as risks intensify across regions and industries. Of particular concern to participants in focus groups for this report was the use of advanced offensive cyber capabilities by nation-state actors to hack telecommunications networks in the US.
Notably, 91% of the largest organizations have changed their cybersecurity strategies due to geopolitical volatility.
In the context of geopolitical volatility, confidence in national cyber preparedness continues to erode, with 31% of survey respondents reporting low confidence in their nation’s ability to respond to major cyber incidents, up from 26% last year. Confidence levels vary greatly across regions. Respondents from the Middle East and North Africa express a high degree of confidence in their country’s ability to protect critical infrastructure (84%), while confidence is lower among respondents in Latin America and the Caribbean (13%).