Artificial intelligence is revolutionizing business processes while its democratization poses significant cybersecurity risks. Geopolitical tensions intensify through attacks on critical infrastructure and quantum computing advances, introducing new challenges that directly impact cybersecurity. With these premises, 2026 will be a year of great challenges for those responsible for cybersecurity in companies, which is why Fortinet experts have prepared their predictions for CISOs.
AI as a security risk
The massive use of AI models involves critical risks, from the opacity of certain systems to the exposure of data in the cloud. Both the frequency and severity of LLM-related incidents are expected to increase in 2026, requiring internal cybersecurity to be strengthened.
Deep fakes and misinformation
The creation of hyper-realistic audio, image and video will drive more sophisticated social engineering and BEC attacks, generating new pressures on organizations’ cybersecurity.
Geopolitics as a cyber threat
Organizations linked to geopolitical tensions will continue to be targeted by state actors attacking financial platforms, so CISOs will need to incorporate these threats into their cybersecurity plans.
Regulations and legal pressure
Regulations will raise standards and demand greater responsibility from suppliers and companies, driving more mature cybersecurity infrastructures.
The comfort of Quantum
Although quantum computing does not represent an immediate risk, strategies such as “collect now, decrypt later” make it necessary to anticipate measures and reinforce cybersecurity in the medium term.
Tasks such as:
• Develop resilience and accept inevitable interruptions.
• Manage AI as a controlled capability, protecting models and data.
• Protect non-human identities and AI agents through continuous verifications.
• Break down silos and encourage constant learning and testing.
Success will come to those who combine technical depth and strategic vision, transforming security into a force that drives resilience, trust and growth.
Cybersecurity skills
For the past three years, one of the top concerns for CISOs has been the lack of cybersecurity skills. Fortinet has been working to close this gap, helping to train one million people in cybersecurity by the end of 2026, and we are on track to achieve that goal.
However, Fortinet’s 2025 Cybersecurity Skills Gap Report shows that multiple issues remain:
Success in cybersecurity will come to those who combine technical depth and strategic vision
IT leaders stated that the main causes of breaches were a lack of security awareness (56%) and a lack of IT security skills and training (54%). Additionally, 49% of leaders do not believe their board members are aware of the risks posed by using AI.
The good news is that 89% of organizations now prefer to hire candidates with certifications.
Generation Z (born between 1997 and 2012) is already consolidated in the labor market, and Generation Alpha (born between 2013 and 2029) will join the labor market in the coming years.
These current and future employees are not accustomed to “corporate” technologies like email. Since many new workers were trained in the digital age, where information is abundant but attention is limited due to platforms like TikTok, YouTube and Instagram, we must adapt our approach to recruiting, training and, ultimately, work.
Fortinet points out that mastering AI will become a basic skill, not a specialty
Worse yet, AI is growing so rapidly that it is replacing many of the entry-level positions that recent graduates could have trained in. This would mean there would be no stepping stone to the higher positions still required.
According to this, Fortinet points out that mastering AI will become a basic skill, not a specialty. For this to happen, it will need to be integrated into every student’s curriculum if tomorrow’s workforce is to be prepared for an AI-driven world.
As today’s entry-level positions evolve or disappear, those who understand how to apply and protect AI will advance faster, while organizations and educators who fail to adapt risk losing an entire generation of future cyber talent.
