The cybersecurity landscape is set to evolve significantly by 2026, as agentic AI takes center stage as a primary concern for security teams. Recent polls indicate a consensus among cybersecurity experts about the growing risks associated with agentic AI, advanced deepfake technologies, and the need for enhanced security protocols.

In a recent readership poll, nearly half of the respondents identified agentic AI as the leading attack vector for cybercriminals and state-sponsored threats by the end of 2026. This perspective aligns with the increasing adoption of agentic AI in various sectors, where organizations utilize the technology for operational efficiency, predictive maintenance, and competitive advantage. However, the rush to implement agentic AI may compromise security measures, resulting in increased vulnerability.

Agentic AI: Target for Cybercrime

Rik Turner, a cybersecurity analyst, highlights the expanded attack surface created by agentic AI due to its levels of access and autonomy. He warns that the push for rapid adoption could lead to developers deploying insecure code, potentially exposing organizations to significant threats. The use of open-source AI agents and 'shadow AI' in workplaces without adequate oversight exacerbates these concerns, emphasizing the need for robust security protocols.

According to a survey by Omdia, securing AI remains a top priority for security teams, especially as attackers leverage AI technologies for broader and more sophisticated attacks. Melinda Marks, a cybersecurity practice director, points out that while organizations use AI to enhance productivity, this also increases the attack surface, introducing new vulnerabilities.

Deepfakes: A Growing Concern

Another significant finding from the poll is that approximately 29% of respondents believe deepfakes will become the primary method for cyberattackers targeting high-profile individuals and organizations, such as Fortune 500 CEOs and government officials. Turner notes that deepfakes have evolved from a niche concern to a mainstream threat, particularly highlighted by incidents involving state-sponsored campaigns.

The sophistication of deepfake technology has advanced rapidly, raising alarms among cybersecurity professionals. Organizations must prioritize rapid detection and response to deepfake attacks, as traditional preventative measures may not suffice. Marks emphasizes the importance of security fundamentals, including visibility and testing, to combat these emerging threats.

Cyber Risk as a Top Priority for Boards

In terms of corporate governance, only 13% of respondents ranked the elevation of cyber risk to a Tier 1 operational priority as the most likely development for 2026. Despite this lower expectation, Turner acknowledges its significance, suggesting that the prevalence of cyber-risk insurance may influence board priorities regarding cybersecurity.

Amy Worley, a privacy and information compliance leader, expresses hope that the rise of agentic AI will prompt boards to better evaluate cybersecurity risks. She notes that the autonomous decision-making capabilities of AI agents could lead to severe security breaches if not properly monitored. This presents an opportunity for boards to implement tailored security measures, necessitating foresight and budget allocation.

Password Elimination and Adoption of Passkeys

Lastly, the poll revealed that only 10% of respondents anticipate password elimination and passkey adoption becoming the norm in the near future. While stronger authentication methods are acknowledged, they are not currently prioritized, according to Adam Etherington, a cybersecurity practice leader. He warns that the widespread use of agentic systems necessitates urgent attention to security vulnerabilities associated with non-human identities.

Despite the skepticism around password elimination, Turner notes a positive trend in the adoption of passkeys, particularly with endorsements from major tech companies. The future of passwords remains uncertain, and whether they will fade into obsolescence or persist as a security measure is yet to be determined.

In conclusion, as organizations increasingly embrace agentic AI and face the challenges posed by evolving cybersecurity threats, it is crucial for security teams to prioritize both proactive measures and rapid response strategies to safeguard against potential risks in 2026.

Source: Dark Reading News