AI innovation is moving at an unprecedented rate, and geopolitical tensions show no signs of easing. Forrester identifies these factors as two primary forces reshaping the threat landscape, placing additional strain on CISOs who are already stretched thin managing increasingly complex security programs.

Anthropic’s Claude Mythos Preview and Project Glasswing are early signals of how radically areas such as vulnerability discovery, remediation, and exploitation are about to change. Simultaneously, the escalating US-Iran conflict has already translated into real world impact, driving a spike in disruptive cyberattacks; from the Stryker incident to Iranian-linked actors targeting PLCs across US critical infrastructure.

AI has been a consistent thread running through the last three editions of Forrester’s top threats report. AI‑driven threats have evolved across the past three years as follows:

  • AI is more than LLMs and ChatGPT. Back in the top threats report for 2023, when ChatGPT was still the public’s first real handshake with large language models, we flagged data integrity as the standout risk. The concern here was the trust placed in these AI systems.
  • AI has been weaponized. In the 2024 edition of the report, the focus shifted from trust to misuse. We called out how generative AI was being weaponized for enabling narrative attacks via disinformation, growing concerns around deepfakes, and concerns over AI responses due to prompt engineering, injection attacks, or the increased risk of sensitive data spillage.
  • AI supply chain risk emerged. In 2024, we also flagged AI software supple chain risk as a threat (Spoiler: this concern hasn’t gone away, and it shows up again in this year’s report with updated findings). This is driven by adoption of open‑source models and frameworks such as those found in Hugging Face and GitHub.
  • Deepfakes are maturing and evading detection. For the 2025 iteration, deepfakes showed up again, not due to novelty but because of how easy they have become to produce as creation capabilities continued to outpace detection. However, the net new threat categories were tech exuberance over GenAI as models proliferate and deployment options increase, and the rise of GenAI driven extortion.

To support security leaders as they prepare to defend against new and emerging threats, Forrester has released the report, Top Cybersecurity Threats In 2026. This annual publication outlines the most critical risks organizations need to plan for.

What’s New In This Year’s Report?

Read the full report here: Top Cybersecurity Threats In 2026

This report is based on trends and observations from the market at large and the threat landscape. We expect enterprises to experience one or more of the following in 2026:

  1. Near autonomous attacks from a nation-state. Easy access to AI models enables nation‑state threat actors to automate and scale more sophisticated exploitation at unprecedented speed. Recent cases, such as Anthropic’s report on the China-linked actor using Claude code to conduct a cyber espionage campaign and, the disclosure by Google’s Threat Intelligence Group about cases of attackers misusing Gemini highlight this trend. Hence, defenders must prepare to defend against autonomous attacks and adopt agentic security capabilities anchored in trust, cost, and utility.
  2. Concerns over agent threats. Personal agents “claw” their way into enterprises via browser hooks and inbox access, turning into shadow operators that access data and perform actions at machine speed outside of governance and visibility, leaving CISOs accountable for increased exposure with limited control. Security leaders must inventory agents, enable policies, actions, and tests while governing use through dedicated vendor platforms.
  3. Nonnegotiable AI software supply chain. Building on its 2024 inclusion as a threat category, agentic AI turns things such as tools, models, skills into a sprawling and fast‑changing supply chain risk. Organizations must adopt a dedicated AI supply chain playbook that enables aspects such as inventorying all AI components, requiring AI‑BOM transparency, applying supply‑chain controls, and enforcing least‑agency for agents.
  4. Provenance and IAM risks of AI agents. AI agents force a shift from legacy IAM to agent‑specific identity, provenance, and access controls, with standards maturing rapidly and accelerating the adoption of commercial solutions. Organizations must control and govern internal, inbound, and outbound AI agent identities, access and their activities by implementing agent‑specific IAM. For inbound agents, inspect inbound API requests and check provenance to manage access to MCP servers and tools; for more complex scenarios, use externalized AI agent authorization tools.
  5. Digital sovereignty spans regions and tech stacks. Pushes for digital sovereignty can backfire and introduce nascent and fragmented tech stacks. This leaves security leaders vulnerable, especially in regulatory demands. Treat sovereignty-driven providers as a supply chain risk by performing stress‑tests, evaluating compensating controls, and mandating CISO sign‑off.

To learn more about these threats and how to respond to them, read the full report.

For any questions about the threat landscape, book an inquiry or guidance session with me or one of my colleagues.