Coinciding with World Information Security Day, Trend Micro takes stock of a decade that has completely redefined cybersecurity and forced companies and institutions to evolve at the pace of increasingly sophisticated threats.

The company has analyzed how the emergence of ransomware, the arrival of the cloud, the rise of teleworking and the explosion of generative artificial intelligence have transformed both the perimeter and the defense strategy. According to José de la Cruz, technical director of Trend Micro Iberia, “cybersecurity has gone from being reactive to becoming a continuous exercise in risk anticipation and management.”

A decade of turning points

In 2015, the cybersecurity industry was still focused on traditional preventive models that attempted to stop threats before they reached the user. The lack of visibility drove pioneering solutions such as Deep Discovery Inspector, which anticipated the current NDR approach.

The year 2016 was dominated by ransomware and gave rise to more advanced detection techniques, such as predictive machine learning. In 2017, attacks became multi-vector, combining phishing, lateral movements and server exploitation in increasingly complex campaigns.

The massive migration to the cloud in 2018 blurred the traditional perimeter and significantly expanded the attack surface. In 2019, the Zero Trust philosophy drove the development of XDR, capable of correlating telemetry from multiple sources to provide a unified view and reduce the impact of incidents.

The 2020 health crisis marked a before and after: teleworking turned devices, identities and remote services into the new corporate perimeter. XDR has established itself as a key piece in detection and response within the business cybersecurity ecosystem.

In 2021, a stage of technological rationalization began that culminated in Trend Vision One, the platform that unifies protection, detection and response in a single environment.

In 2022, organizations consolidated Zero Trust-based strategies while facing increasingly sophisticated attacks that mixed encryption, data theft, extortion, and dark web auctions.

The arrival of NIS2 and DORA placed risk management at the center of the debate in 2023. A year later, generative artificial intelligence revolutionized both defensive mechanisms and attack techniques, introducing unprecedented risks such as the malicious use of deepfakes or information leaks. Trend Micro incorporated AI into its processes to improve detection, streamline support, and ensure responsible use of generative models within corporate cybersecurity.

The 2025 experience, key to the future

During 2025, the company has signaled a qualitative leap in its Trend Vision One platform, which has evolved towards a more mature comprehensive cyber risk management capable of helping organizations comply with DORA, NIS2 or the National Security Scheme (ENS). Through greater integration with third parties and broader use of AI, the platform aims to increase efficiency and strengthen cybersecurity in increasingly distributed environments.

In Spain, this advance comes at a time when incidents are growing. According to INCIBE data, the country exceeded 80,000 attacks in the last year, with a notable increase in ransomware, digital scams and attacks on the supply chain, phenomena that underline the importance of reinforcing public and private cybersecurity.

2026, the tipping point of criminal automation

Looking ahead to 2026, Trend Micro anticipates a scenario dominated by the complete industrialization of cyber threats, driven by artificial intelligence and automation. According to its latest report, attackers will use autonomous systems capable of executing end-to-end campaigns without human intervention. Ransomware will evolve towards self-managed models, supply chain attacks will increase, and APTs will reach an unprecedented level of precision thanks to automation. Cloud, hybrid environments, and corporate AI systems will become priority targets for misconfigurations, SaaS dependency, and API exposure, forcing a rethink of cybersecurity in these architectures.

By 2026, ransomware will evolve toward self-managed models, supply chain attacks will increase, and APTs will become more precise with automation.

“The coming years will be decisive for CISOs. They need simple and effective strategies based on visibility, risk reduction and coordinated response. Complexity cannot be an obstacle to security,” says José de la Cruz.

Trend Micro reaffirms its commitment to accompanying Spanish organizations in a scenario where threats multiply, the attack surface grows and risk management is consolidated as the pillar of modern cybersecurity.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.