As the year closes, Barracuda’s experts have outlined key trends that will define cybersecurity in 2026, offering insights into how enterprises in India can prepare for a future where intelligent automation, governance and human expertise work hand in hand.
Key perspectives from Barracuda’s experts include:
- With hyper-personalised phishing and social engineering, we are going to see highly convincing, context aware phishing emails that are way beyond the capability of role-based defences and could circumvent behavioural-based defences as well.
- Multi-layered ransomware and extortion attacks will become a new normal, as attackers will craft tailored ransomware and take multiple swipes at compromised systems and organisational data.
- AI-driven SOCs, ‘co-pilot’ AI models and automated playbooks will compress response time, but they won’t replace human judgement. Managing AI itself will require new governance and oversight skills and structures. Automation may take a front seat, but in the short term the dependency on humans will continue to prevail.
- Quantum readiness will become a board-level concern, particularly in sectors like banking and healthcare, defence. Organisations will come up with quantum/crypto awareness programs and quantum resilient architecture and software engineering will become more common.
- Generic skillsets in coding and testing will give way to niche domain and skill concepts. Upskilling and reskilling existing employees will be gamechangers for organisations.
- Supply chain attacks will continue to rise and organisations will demand greater transparency and visibility into vendors.
- Employee security awareness training will also need to become hyper-personalised to counter sophisticated, context-aware threats. Cyber resilience will become critical for organisations, focused on operational continuity and data integrity, with immutable storage options and hyper micro segmentation to minimise the blast radius of a successful attack.
- Regulatory bodies are increasingly focusing on the need for organisations to demonstrate operational resilience. This includes having robust plans in place to maintain critical functions during and after a cyber incident.
“Tools don’t create cyber resilience, strategy does. For example, when AI becomes part of how you detect, respond and learn, it transforms operations, it stops being an add-on and becomes force multiplier and help to address sophisticated AI driven ransomware attacks,” shares Rohit Aradhya, VP and Managing Director, App Security Engineering at Barracuda Networks, “In an age of AI and quantum disruption, the best defence won’t be technology, it will be a security-aware culture of learning, agility, adaptability and purpose driven talent.”
