Cybersecurity: nine threats in 2026

“The rapid rise of generative AI calls for extra awareness,” says Andy Quaeyhaegens from Netskope. “When implementing AI applications, it is essential to know who is using them and what data can be accessed by the algorithms. It is also important to carefully control privileges, because AI systems access sensitive information on behalf of the user. AI-specific threats, such as prompt injection attacks, also constitute a new risk class. These attacks allow an attacker to manipulate an AI assistant to steal internal, sensitive data without the user being actively involved.”

Attacks are shifting from social engineering of people to social engineering of data and systems. Whereas traditional social engineering exploits human trust, this new form abuses the implicit trust that digital systems and AI applications have in the data and signals they receive.

Jesper Olsen at Palo Alto Networks clarifies: “Cybercriminals know that many people no longer question decisions made by AI applications. They gradually and subtly manipulate the output, without the user noticing. This leads to disinformation and misplaced trust in AI applications.”

The expert sees another important element of trust. “In the event of a disaster, every organization relies on its backups. However, due to the use of AI applications, there is a high probability that a lot of data has been altered without detection since the last backup. Organizations assume that everything will function as before when they restore a backup, but that may not be the case. A comprehensive overview of all AI applications and clear rules is indispensable.”

Hacker groups are increasingly targeting our country. “At first glance, this seems to be a concern for government agencies rather than SMEs. Nevertheless, they often end up being involved,” according to Tom Horré, Strategy Lead Security at Proximus NXT.

“It works both ways. As a supplier of utilities or logistics services, an attack on your company could disrupt the entire supply chain. That's why major customers expect their partners to have their security in order as well. At the same time, as a supplier, you don't want to be the victim of an attack on a customer who is of great strategic value to hackers. Agility and understanding interdependencies are crucial.”

Hackers are increasingly targeting infrastructure and edge devices, such as routers, firewalls, IoT devices, and cloud gateways. “This gives them persistent and difficult-to-detect access to networks and data flows,” says Ronald den Braven at Cisco Talos.

“I see this as a shared responsibility. Our job as suppliers is to provide the best solutions. For businesses, there is a need for a holistic view across all switches, devices, and applications. Without a clear overview, you cannot adequately assess your protection against threats and take appropriate action. There are often no concrete plans in place to counterattacks: do you switch off a device or patch it immediately? Rules and best practices are usually readily available but are not always applied consistently. In 2026, there is a great deal of work to be done in this area.”

• Lieven Van Rentergem is a Security Engineer at Check Point.
• Andy Quaeyhaegens is a Cybersecurity Expert at Netskope.
• Jesper Bork Olsen is Chief Security Officer at Palo Alto Networks.
• Lien Deleenheer is Security Specialist Sales Manager at Microsoft.
• Joshua Goldfarb is Field CISO at F5.
• Yves Lemage is Director of Systems Engineering Belux at Fortinet.
• Ronald den Braven is responsible for Product Management at Cisco Talos.
• Tom Horré is Strategy Lead Security at Proximus NXT.