Top cybersecurity trends for 2026 – from the BHMEA community

At Black Hat MEA 2025, we asked cybersecurity leaders from our community to share one trend that will shape cybersecurity in 2026. 

Yes, almost everyone (but not quite everyone) said AI. But they each pointed to different issues within it: infrastructure shifts, human judgement, autonomous agents, cloud scale, and the controls needed to stop it all unravelling.

Here’s what they told us – in their own words. 

AI stops being a feature and becomes the environment

For several CISOs, 2026 is the year AI fully stops being a bolt-on and starts behaving like core infrastructure.

Rich Batch (CISO at AT&T) framed the shift in terms of operational impact: 

“One of the biggest trends that will shape 2026 will be around how organisations are utilising and enabling AI, to not only drive efficiencies, but also improve cyber defence.”

That same infrastructure-level view came through from investors as well as practitioners. Dr. Chenxi Wang (Managing General Partner at Rain Capital) pointed to the tension many organisations are already struggling with:

“Without a doubt, it’s AI. How the cybersecurity field is dealing with AI as an infrastructure transformation – and still keeping our cybersecurity measures and controls, but enabling innovation at the same time.”

This is less about buying AI tools, and more about whether security teams can adapt their models (governance, controls, risk ownership) to a world where AI systems are embedded everywhere by default.

AI in security operations moves from promise to pressure

If 2024 and 2025 were about pilots and proofs of concept, 2026 looks more like the year AI becomes unavoidable inside security teams themselves.

Jaya Baloo (COO and CISO at AISLE) sees a longer arc – but one that starts now:

“The trend that everyone’s talking about – that will shape not only 2026 but up to 2030 – is what it means to have this AI future. AI enabled security operations, AI assisted vulnerability remediation, all these amazing use cases we have for using AI with cybersecurity...I think that’s going to be the defining theme of the next couple of years.”

Once AI-driven remediation and detection are viable, not using them could start to look like negligence rather than caution. CISOs will be judged not just on whether they deploy AI, but on whether they do so safely, transparently, and at speed.

The human element gets sharper 

Alongside the automation narrative, several speakers were explicit that 2026 will still hinge on people.

Jericho Beason (CISO at WM) was confident about the critical role that human talent will continue to play: 

“The human element will be more important than ever before. AI is coming to accelerate and automate a lot of things, but nothing can overpower the ingenuity or the good decision-making of a human.”

This is a useful antidote to the idea that AI replaces judgement. In practice, 2026 may expose organisations that automate without investing in decision-making, training, and accountability – especially when AI systems fail in novel ways.

AI agents raise the stakes for both attackers and defenders

If AI as infrastructure is the baseline, autonomous agents are where things get uncomfortable.

Lance James (Founder and CEO at Unit 221B) focused on speed and asymmetry:

“Unfortunately I’ll have to use the AI word, of course. But I’ll get specific about it. I think AI agents in attack and defence will be the next thing. Getting control and figuring out how we can actually understand our environments, and how we can use AI to be just as fast as the attackers.”

The key phrase here is ‘getting control’. Autonomous systems that act faster than humans create a governance problem as much as a technical one. In 2026, boards will start asking if they have the capacity to stop AI when it behaves unexpectedly.

Securing AI becomes a discipline in its own right

While much of the conversation focuses on using AI for defence, other experts are already looking at the reverse problem: how to secure AI systems themselves.

Niel Harper (Chief Trust Officer at Hugo) said:

“It’s obviously going to be AI. A lot of people are talking about AI, but we're also seeing AI used in advancing cybersecurity technologies, automating a lot of the manual stuff. People are talking about how we can secure AI as we know it today.”

This points towards new controls, new assurance models, and new failure modes (from data poisoning to model misuse) that many security programmes are not yet structured to handle.

Cloud scale changes the regional threat equation

Not every trend was AI-centric. For organisations operating in the GCC, cloud adoption itself is becoming a security catalyst.

John Brown (Director, Key Accounts at Darktrace) highlighted this regional context:

“Cloud adoption. For sure. With the arrival of the hyperscalers in Saudi Arabia, and just in general in the Gulf...cloud adoption has been a little bit slower here than internationally for various reasons, but I think cloud adoption, and the emergence of the marketplace will transform and enable much quicker frictionless cybersecurity journeys. It will enable organisations (public and private sector) to keep pace with the ever-growing hostile AI-powered threat landscape.”

The takeaway is that scale cuts both ways. Cloud enables faster defence – but only if security architectures evolve alongside it.

Zero trust moves from strategy to necessity

Finally, Norah Aldeghaim (Digital Identity and Access Management Senior Manager at Riyadh Airports Company) was unequivocal:

“Zero trust is the real task now. Even in small environments, they have to adopt zero trust.”

In an AI-driven, cloud-first, agent-heavy world, implicit trust becomes indefensible.

A year for systems

Across roles, regions, and perspectives, the BHMEA community agrees on one thing: 2026 will reward organisations that treat AI, cloud, and trust as systemic design problems – not tool purchases.

The most resilient organisations will be the ones that govern best, train their people well, and accept that cybersecurity is now inseparable from how the business itself is built.