We are currently devising a strategy for broad AI attacks using AI defenses. We'll train the AI extensively in how to recognize and counteract these attacks within cloud and hybrid environments. Necessity is the mother of invention, and that is what started this project. We design, build, and manage cloud environments for our partners, so reacting to this growing threat was inevitable. Security is paramount to our organization because our partners are only as secure as we are. Third-party access often results in breaches, and with these growing AI attacks, it's critical that we get in front of this growing threat.
Our primary focus for 2026 is implementing zero-trust architecture across all client endpoints, moving beyond traditional perimeter defence. With hybrid work becoming permanent, we must assume every network is hostile and verify every access request explicitly. This shift addresses the rising sophistication of identity-based attacks targeting remote users. It effectively renders stolen credentials useless without the accompanying verified context.
Cybersecurity pros: what's your top project for 2026?
My top project for 2026 is scaling ZeroThreat.ai, our automated security testing platform. I'm focusing on making it faster, more accurate, and easier for teams to plug into their workflows. The mission is to give developers real security coverage without slowing them down. That's what I'm putting most of my energy into this year.

Why is this project at the top of your list?
It's at the top because I've always wanted to use AI to handle the repetitive parts of penetration testing. Most security teams spend too much time on basic checks that don't need human effort. Automating that work creates space for deeper testing. And for me, that's been a long-time goal.

How will this project help your organization become more secure?
This project helps us find issues earlier and gives developers clearer guidance on how to fix them. It strengthens our attack coverage without increasing workload. It also reduces testing cycles, which makes secure shipping easier. Overall, it boosts security maturity without adding friction.

What inspired you to begin this project?
The inspiration came from my own pain as a tester running the same tests again and again. I wanted a smarter way to scale security without burning out teams. The idea of combining AI with automated workflows felt like the right direction. That's what pushed me to start building ZeroThreat.ai.

Are you receiving any support from vendors or colleagues?
I'm not working with any external vendors right now. But my team at ZeroThreat.ai supports me completely. We bounce ideas, refine detection logic, and test every new feature together. That collaboration keeps the project moving forward.

When will the project go live?
It's already live and evolving. We ship improvements every week as we learn from real usage. New automation layers, better intelligence, and smoother workflows keep rolling out. It's more of a continuous journey than a single launch.

Is there anything else you would like to add?
I believe automation won't replace security teams; it'll support them. Offloading repetitive work lets us focus on the advanced testing that really matters. That's the entire philosophy behind ZeroThreat.ai. And it's what I'm most excited to push forward in 2026.
Head of Information Security Department and Principal Cybersecurity Architect at ScienceSoft
Answered 4 months ago
ScienceSoft is expanding its research into AI-assisted penetration testing as one of its key cybersecurity initiatives for 2026. In internal trials, we found that AI agents could handle routine tasks (vulnerability scans, basic exploits), freeing human testers for complex attack chains. But limitations were clear: frequent false positives, and one agent even misfired, targeting itself. AI won't replace pentesters, but we see real promise in hybrid workflows. Our focus now is improving accuracy, reducing noise, and safely automating repeatable tasks. Should you need any additional information or have further questions, I'm readily available to assist.
1. Cybersecurity pros: what's your top project for 2026? Our top project for 2026 is implementing full Zero-Trust Architecture across our client environments. This includes reworking identity, network segmentation, and continuous verification. It's the most comprehensive security modernization initiative we've undertaken and we are recommending it for all customers.
2. Why is this project at the top of your list? It's not just for us, it's also something we are implementing for clients and customers. Zero-trust is essential because perimeter-based security no longer protects against modern identity and lateral-movement attacks. For most orgs, infrastructure and workforce are too distributed for legacy access models. This project directly responds to the threat patterns we're seeing today across almost all organizations.
3. How will this project help your organization become more secure? Zero-trust minimizes the impact of any breach by restricting every user and system to least-privilege access. It also introduces continuous authentication and device-posture checks for every request. In practice, this dramatically limits attacker mobility inside the network.
4. What inspired you to begin this project? A series of industry breaches and our own tabletop exercises highlighted how exposed we were to lateral movement. As our cloud and SaaS usage expanded, our traditional VPN workflows became outdated. The need for a more adaptive, identity-centric model became obvious.
5. Are you receiving any support from vendors or colleagues? Yes, we're working closely with identity, endpoint, and segmentation vendors who are guiding technical implementation. Internally, IT, DevOps, and leadership are aligned on the cultural changes required. Cross-team cooperation has been strong because everyone understands the long-term benefits.
6. When will the project go live? The first major components will go live in mid-2026, including updated MFA and conditional access controls. Network segmentation and workload isolation will follow later that year. Full enforcement will roll out in phases throughout the year, across all or most of our client accounts.
7. Is there anything else you would like to add? Zero-trust isn't a product but a shift in how we think about security. It requires ongoing refinement rather than a single launch date. But once in place, it fundamentally strengthens our resilience against modern threats.
Our top cybersecurity project for 2026 is the full implementation of a Zero Trust Architecture. This project is at the top of our list because it directly addresses the fundamental shift we've seen toward cloud infrastructure and remote work, making the old perimeter defense obsolete. It will help our organization become more secure by eliminating implicit trust for all users and devices, drastically minimizing the attack surface and lateral movement for any threats that do get in. We were inspired to begin this project by the constant evolution of sophisticated threats and the clear need for an agile, future-proof security model.
One of the main focuses I have for 2026 is to do all the necessary work for our transition to a Zero Trust model where identity is the central component, with continuous validation of users, devices, and services. This is the most crucial project for me because the majority of present-day breaches use identity and access as their weapon, rather than going through the perimeter firewalls. By applying strong, non-reusable authentication, device malware detection, and least-privilege access in every environment, the project sharply decreases the blast radius of any possible security breach and greatly complicates lateral movement. The work was driven by two main things: the data from real incidents in which identity was the main attack vector, and the inefficiency of managing the old, existing network-based security measures effectively. We are actively cooperating with selected categories of vendors in order to improve our identity and access management (IAM), endpoint detection and response (EDR), and network micro-segmentation tools, and I receive major support from our engineering and ops leaders. The main part of the new platform will launch in Q3 2026, with the first systems put on the risk register being dealt with first. The only thing I would like to mention is that this is not a "tool project" - it is a change of culture and design, and we have treated it as such from the very first moment.
2026 priority: AI Zero-Trust Security Fabric - a self-healing shield that autonomously spots and stops threats in under 4 minutes. It replaces manual SOC playbooks with real-time, intent-driven policy enforcement across all 11,000 tenants, identities, and data flows. No more 2 a.m. wake-ups. Why now: Three converging signals. First, our 2021 VPN brute-force post-mortem showed threats move 23% faster than human-led response. Second, my Jamisi platform grows 40% YoY—SOC hiring can't scale. Third, NIST AI-RMF and MITRE ATLAS confirm adversarial AI attacks are in production, not theory. This shifts us from reactive defense to predictive resilience while hitting the CFO's 30% OpEx reduction target. Security impact: MTTD drops from 18 minutes to 90 seconds. MTTR shrinks from 9 hours to 4.2 minutes. Graph-based anomaly detection cuts false positives 60%. Compliance evidence auto-generates at the API gateway—no more pre-audit scrambles. It protects $34M in annual recurring revenue from SLA-impacting breaches and frees two senior engineers for threat hunting, not alert fatigue. Inspiration: The 2021 brute-force attack I personally led at Bamidel. I blocked 1,400 IPs and rotated certificates in 36 hours only because I was awake at 2 a.m. That's tactical luck, not strategy. This project answers: "What happens when the next attack hits while I'm asleep—or when I'm scaling a national platform, not just one pipeline network?" Support: My core platform team—eight engineers who built our Kubernetes backbone over 18 months—owns infrastructure. I selectively engaged Microsoft's AI Red Team for adversarial model validation and Isotrope Labs for RL fine-tuning. No managed SIEM vendor lock-in; I code Sentinel KQL rules myself. CISO approved two headcount; CFO fast-tracked capex after my $4.1M FAIR quantification showed 78% risk cut. Go-live phases: Detection engine June 15, autonomous low-risk response July 31, full orchestration with human override September 30. 
Each phase requires purple-team validation—simulated attacks must fail before we proceed. No exceptions. Final thought: Security fails if humans distrust it. My book The Human Algorithm taught me adoption beats perfection. I'm running my 14-person product team through breach drills every Friday until muscle memory locks in. Tech is 30% of the project; the other 70% is making sure people sleep well because they trust the system, not fear it.
Our top cybersecurity project for 2026 is deploying an AI risk-mapping layer across every system that handles investor or founder data. The goal is to continuously detect when generative AI tools, browser extensions or "shadow agents" access sensitive information before those tools create new exposure points. We prioritized this after tracking incidents like the Google Gemini prompt-injection exploit and multiple DNS-based malware concealment attacks reported across the industry. In my experience, over 70% of enterprise AI tools operate at medium to critical risk levels. The attack surface has now shifted from endpoints to AI intermediaries. This project strengthens our security posture by building visibility into AI-driven workflows that traditional monitoring often misses. Vendors are helping us integrate telemetry hooks and zero-trust controls directly into these systems so the layer evolves in real time. The idea began as an internal frustration. There were too many tools but too little insight. Turning that frustration into a unified system became the foundation of this project. Now we plan to go live in Q3 2026 and believe this will set a new standard for operational security.
At Tuta Mail, a quantum-resistant encrypted email service, our top cybersecurity project in 2026 is to build a quantum-safe cloud storage solution that also lets you share files with end-to-end encryption resistant to quantum computers. The reason is simple: Quantum computing is making huge advancements right now, and once quantum computers can be scaled, the asymmetric encryption we use today to secure our communication will no longer be strong enough to protect our data. Upgrading to quantum-resistant algorithms for standard cloud storage is rather easy because all you need to do is use proven algorithms like AES-256. However, for encrypted file sharing the matter is more complex as you need to use new algorithms in a hybrid protocol together with tested, traditional algorithms. Nevertheless, we at Tuta believe we must act on this challenge as simply waiting until quantum computers can break currently used encryption is not an option. We estimate that we can release a first version of the quantum-safe encrypted Tuta Drive early in 2026. Then, we'll enable citizens and businesses to protect their emails, calendars, contacts and files with quantum-resistant encryption, which can have a huge impact on any company's cybersecurity strategy.
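The hybrid step this answer describes (new post-quantum algorithms used together with tested classical ones, then a symmetric cipher such as AES-256 for the data) comes down to how the two shared secrets are combined into one key. The following is an added example, not Tuta's code: it implements HKDF (RFC 5869, HMAC-SHA-256, standard library only) and a combiner that derives one 32-byte AES-256 file key from a classical shared secret, a post-quantum shared secret and the exchange transcript, so that the key depends on both secrets and an attacker who breaks only one primitive learns nothing. The KEM and key-agreement steps that would produce the two secrets are not implemented; the secrets, transcript and label are constructed placeholders.

```python
"""Hybrid key derivation for end-to-end encrypted file sharing.

Added example, not Tuta's code. A post-quantum shared secret and a classical
shared secret are both fed, together with the transcript (public keys and
ciphertexts exchanged), through HKDF (RFC 5869, HMAC-SHA-256) to derive one
AES-256 file key. The shared secrets and transcript below are constructed
placeholders standing in for real X25519 / post-quantum KEM outputs.
"""
import hashlib
import hmac

HASH_LEN = hashlib.sha256().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract: PRK = HMAC(salt, IKM). Empty salt -> HashLen zero bytes (RFC 5869 s2.2)."""
    return hmac.new(salt or b"\x00" * HASH_LEN, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand: T(i) = HMAC(PRK, T(i-1) || info || i), concatenated and truncated."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF output length exceeds 255 * HashLen")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def _length_prefixed(data: bytes) -> bytes:
    return len(data).to_bytes(2, "big") + data


def combine_shared_secrets(ss_classical: bytes, ss_pq: bytes, transcript: bytes,
                           label: bytes = b"example-hybrid-file-key-v1") -> bytes:
    """Derive a 32-byte AES-256 key from two independent shared secrets.

    Each secret is length-prefixed so the concatenation cannot be re-split
    ambiguously; the transcript goes into the HKDF info field so the key is
    bound to the exact public values exchanged. The label is an assumption.
    """
    ikm = _length_prefixed(ss_classical) + _length_prefixed(ss_pq)
    return hkdf(salt=label, ikm=ikm, info=transcript, length=32)


# Constructed placeholders (not outputs of a real key exchange).
SS_CLASSICAL = hashlib.sha256(b"constructed classical shared secret").digest()
SS_PQ = hashlib.sha256(b"constructed post-quantum shared secret").digest()
TRANSCRIPT = hashlib.sha256(b"constructed public keys and ciphertexts").digest()


def hybrid_properties() -> dict:
    """Check the properties the hybrid combiner is meant to provide."""
    key = combine_shared_secrets(SS_CLASSICAL, SS_PQ, TRANSCRIPT)
    return {
        "deterministic": key == combine_shared_secrets(SS_CLASSICAL, SS_PQ, TRANSCRIPT),
        "depends_on_classical": key != combine_shared_secrets(bytes(32), SS_PQ, TRANSCRIPT),
        "depends_on_pq": key != combine_shared_secrets(SS_CLASSICAL, bytes(32), TRANSCRIPT),
        "depends_on_transcript": key != combine_shared_secrets(SS_CLASSICAL, SS_PQ, TRANSCRIPT + b"\x00"),
        "aes256_length": len(key) == 32,
    }


if __name__ == "__main__":
    print(combine_shared_secrets(SS_CLASSICAL, SS_PQ, TRANSCRIPT).hex())
    print(hybrid_properties())
```

The HKDF functions can be checked against the RFC 5869 test vectors; the combiner's value is that a wrong or leaked classical secret alone, a wrong post-quantum secret alone, or a tampered transcript each yield a different key, which is the property a hybrid protocol relies on while post-quantum algorithms are still young.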
Cybersecurity Architect & Strategist at Fortune 100 Banking, BFSI, Defense
Answered 5 months ago
1. The main project I'm prioritizing for 2026 is a security platform that detects and responds to network and cloud attacks automatically.
2. This tops the list because cyber threats now hit way faster, as we recently heard: -1 days to exploit. I've seen that waiting even a few hours can mean a real issue. We need defences that work in real time, not after the compromise.
3. This project improves security by catching breach attempts the moment they happen and responding before business systems are disrupted. It means less downtime, fewer headaches, and keeps regulator concerns low.
4. The motivation comes from handling past security incidents and from my personal skills in ML and security. Too many times, teams were swamped by useless alerts or buried in responding to the compliance team. That's why I wanted to replace that wasted effort with tools that actually solve problems.
5. Our team is on board, including colleagues from IT and compliance and especially the business. We have tech vendors helping set things up, and top management is providing money and guidance.
6. We are planning to start with a pilot in the second quarter of 2026, then expand across the company by the end of the year and keep on improving the cycle.
7. In short: I want our security staff less burdened and up for other upcoming challenges, not just endless alert-chasing. The real win is making our company safer and our people stressed about new challenges.
1. Our top project for 2026 is the full implementation of GRC Engineering, which converges compliance and governance programs with active, measurable security operations. This shifts GRC from a periodic, document-heavy exercise to a continuous, automated function tightly integrated with the security architecture.
2. This initiative directly tackles the "Compliance Squeeze" our clients face: the need to demonstrate compliance (e.g., SOC 2, ISO 27001) to secure deals, despite the current process being manual, resource-intensive, and disconnected from effective security. We are changing the model so compliance becomes a real-time security efficacy metric, not a periodic checkpoint. By automating evidence collection and mapping compliance requirements to effective security controls, we free up engineering teams to focus on real risk mitigation.
3. GRC Engineering fundamentally shifts compliance from a point-in-time annual audit snapshot to a state of continuous validation. By using GRC platforms (like Secureframe) as the single source of truth and carefully mapping technical controls, any security posture drift triggers an immediate alert for both a security gap and a compliance failure. This immediate feedback loop ensures controls remain effective, making us genuinely more secure. For example, a failure in a critical endpoint patching control immediately alerts us to a security problem before an auditor finds it.
4. Technology: Modern GRC automation platforms (Secureframe, Scrut, Mycroft) have made this convergence technically feasible. Revenue Impact: Clients are losing deals due to a lack of a Trust Center or slow SOC 2 report production. Our methodology delivers a rapid, successful audit, then transitions to continuous, low-effort compliance supported by effective security controls.
5. We heavily rely on GRC automation partners, particularly Secureframe and Mycroft, for the platform foundation, leveraging their robust API and integration capabilities. We also collaborate with external auditing partners to pre-approve our continuous control evidence, which streamlines the final annual audit.
6. For our initial client cohort, the foundational GRC Engineering principles and control mapping are expected to be live and ready for SOC 2 Type 1/Certification audits in Q1 2026. This is a continuous strategic initiative structured into dedicated sprints for the full year, continuously expanding technical control mapping for more effective and continuous security.
My top cybersecurity project for 2026 is completing and deploying PatriotProof™, my proactive national security platform that integrates FraudDNA™, the Proactive Prevention Platform™, the Autonomous Intelligence Security Framework™, and ScamAtlas™. This system is engineered to eliminate fraud at its origin, detect synthetic identity manufacturing, neutralize compromised data, and give agencies and civilians a real-time view of national fraud activity. This project sits at the top of my list because the current security ecosystem is reactive, fragmented, and outdated. Monitoring, alerts, and credit bureau notifications are after the fact and do not prevent the crime. PatriotProof shifts the entire paradigm to prevention through American-built artificial intelligence, Zero Trust design, quantum readiness, behavioral intelligence, and dark web threat discovery. Nothing in the market provides this level of proactive defense. This work will make my organization more secure by creating a unified architecture that blocks identity fraud before it occurs, correlates dark web activity in real time, and automates threat suppression across all stages of the fraud lifecycle. It moves my operation from isolated tools to a fully integrated national defense grid aligned with my mission of Protecting America Through Technology. I began this project after thirty-three years in cybersecurity, artificial intelligence, and private investigation, seeing firsthand that no system truly stops synthetic identity or financial fraud at inception. Every year the threat scales while legacy tools remain static. PatriotProof is the solution I could not find, so I built it myself. I have limited support from high-caliber engineers under strict Zero Trust controls. All development is American-based, IP-protected, and performed through secure, supervised environments. I control the architecture end to end with no external dependencies. The go-live timeline is phased.
The REAIM system completes January 15, 2026. The PatriotProof prototype completes February 15, 2026, with controlled testing and validation immediately afterward. The final point I will add is simple. PatriotProof is not a product. It is infrastructure for America's future. As The Proactive AI PI, my mission is to build sovereign, factual, defensible technology that keeps citizens safe. I am not ahead of the curve. I am the curve.
1. Top Project for 2026: My primary focus is to enable a comprehensive Software Composition Analysis program to identify vulnerabilities associated with third-party dependencies, packages and libraries and reduce zero-day attacks.
2. Why This Project Is Priority One: Based on the recent supply-chain zero-day attacks, including Shai Hulud I and the Return of Shai Hulud attack, we see sophisticated supply chain attacks. Modern applications contain 80-90% open source code, which enhances our attack surface. At enterprise scale, with thousands of applications pulling dependencies from public repositories, we're trusting the entire development community with our security posture without proper visibility or controls.
3. Security Impact: This delivers critical improvements: real-time vulnerability identification in dependencies before production deployment, automated alerts on newly disclosed CVEs, license compliance preventing legal risks, SBOM generation ensuring we know exactly what's in our software, elimination of unused or abandoned dependencies, automated remediation workflows creating tickets and suggesting patches, and executive dashboards quantifying risk across our portfolio for data-driven security investments.
4. Project Inspiration: My conference research on supply chain attacks including Shai Hulud revealed how prevalent these incidents have become - SolarWinds, Codecov, and malicious npm packages have infected hundreds of packages. Regulatory frameworks such as the OWASP Top 10 2025 listed Software Supply Chain Failure in the Top 3.
5. Support: I'm evaluating multiple SCA platforms for seamless toolchain integration. Collaboration with DevOps and platform engineering teams is essential to avoid creating development friction.
6. Go-Live Timeline: Evaluate products that identify SCA vulnerabilities, including both direct and indirect vulnerabilities. Pilot the products on sample repositories to identify the operational details of the product before a full integration.
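The distinction this answer ends on, direct versus indirect (transitive) vulnerabilities, is where most SCA value and most SCA noise come from: a vulnerable package three levels down is only fixable through the direct dependency that pulls it in. The following is an added example, not the author's tooling or any vendor's product. It reads a lockfile in the shape of an npm package-lock "packages" map, resolves the path from the application to every installed package, matches versions against advisory ranges and emits findings with the remediation path. The lockfile, package names and advisories are constructed for the example; the advisory IDs are placeholders, not real CVEs.

```python
"""Software Composition Analysis over a dependency graph: direct vs. transitive exposure.

Added example (not the answer author's or any vendor's code). The lockfile
and advisories below are constructed; "EXAMPLE-2026-000x" are placeholder
IDs, not real CVEs, and the acme-* packages are fictional.
"""
import json
from collections import deque
from typing import Dict, List, Tuple

LOCKFILE_JSON = json.dumps({
    "name": "example-app",
    "dependencies": {"acme-web": "4.2.0", "acme-log": "1.9.3"},   # direct deps
    "packages": {
        "acme-web":    {"version": "4.2.0", "dependencies": {"acme-parser": "1.20.1", "acme-qs": "6.5.2"}},
        "acme-parser": {"version": "1.20.1", "dependencies": {"acme-qs": "6.5.2"}},
        "acme-qs":     {"version": "6.5.2", "dependencies": {}},
        "acme-log":    {"version": "1.9.3", "dependencies": {"acme-color": "0.9.0"}},
        "acme-color":  {"version": "0.9.0", "dependencies": {}},
    },
})

ADVISORIES = [  # affected if introduced <= version < fixed; fixed=None means no fixed release
    {"id": "EXAMPLE-2026-0001", "package": "acme-web",   "introduced": "4.0.0", "fixed": "4.2.1", "severity": "high"},
    {"id": "EXAMPLE-2026-0002", "package": "acme-qs",    "introduced": "6.0.0", "fixed": "6.5.3", "severity": "high"},
    {"id": "EXAMPLE-2026-0003", "package": "acme-color", "introduced": "0.0.0", "fixed": None,    "severity": "critical"},
    {"id": "EXAMPLE-2026-0004", "package": "acme-log",   "introduced": "2.0.0", "fixed": "2.0.4", "severity": "medium"},
]

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def parse_version(v: str) -> Tuple[int, ...]:
    """'6.5.2' -> (6, 5, 2). Pre-release suffixes after '-' are ignored (simplification)."""
    return tuple(int(part) for part in v.split("-", 1)[0].split("."))


def is_affected(version: str, advisory: dict) -> bool:
    v = parse_version(version)
    if v < parse_version(advisory["introduced"]):
        return False
    fixed = advisory["fixed"]
    return fixed is None or v < parse_version(fixed)


def dependency_paths(lock: dict) -> Dict[str, List[str]]:
    """BFS from the application root: shortest path to each reachable package."""
    root = lock.get("name", "root")
    packages = lock["packages"]
    paths: Dict[str, List[str]] = {}
    queue = deque()
    for name in lock["dependencies"]:
        paths[name] = [root, name]
        queue.append(name)
    while queue:
        name = queue.popleft()
        for child in packages.get(name, {}).get("dependencies", {}):
            if child not in paths:
                paths[child] = paths[name] + [child]
                queue.append(child)
    return paths


def remediation(advisory: dict, path: List[str]) -> str:
    if advisory["fixed"] is None:
        return "no fixed release: remove or replace the package"
    target = f"{advisory['package']} >= {advisory['fixed']}"
    if len(path) == 2:
        return f"upgrade {target}"
    return f"upgrade {target} via direct dependency {path[1]} (or override the transitive version)"


def scan(lock_json: str, advisories: List[dict]) -> List[dict]:
    """Match installed versions against advisories; annotate each hit with its dependency path."""
    lock = json.loads(lock_json)
    paths = dependency_paths(lock)
    findings = []
    for adv in advisories:
        pkg = lock["packages"].get(adv["package"])
        if pkg is None or adv["package"] not in paths:  # not installed or not reachable
            continue
        if not is_affected(pkg["version"], adv):
            continue
        path = paths[adv["package"]]
        findings.append({
            "id": adv["id"], "package": adv["package"], "version": pkg["version"],
            "severity": adv["severity"], "direct": len(path) == 2,
            "path": path, "remediation": remediation(adv, path),
        })
    return sorted(findings, key=lambda f: (SEVERITY_RANK[f["severity"]], f["package"]))


if __name__ == "__main__":
    for f in scan(LOCKFILE_JSON, ADVISORIES):
        kind = "direct" if f["direct"] else "transitive"
        print(f"{f['severity']:8} {f['id']} {f['package']}@{f['version']} ({kind}) "
              f"path={' -> '.join(f['path'])}: {f['remediation']}")
```

Re-running `scan` whenever the advisory feed changes is the "automated alerts on newly disclosed CVEs" step; the path field is what lets a ticket be routed to the owner of the direct dependency rather than to nobody.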
1. Move to a point where every control gap/finding requires the owner to prove ongoing compliance with a strong, verifiable metric, as close to real time as possible, not just a quarterly attestation.
2. It's powerful, measured, high-accountability, and it outlasts any tenure I might survive.
3. Fixing the gap/finding helps them "become more secure"; this project helps them STAY more secure.
4. My book on Converged Security Metrics, and I haven't seen a GRC program or tool do it.
5. Colleagues, yes. Vendors, not so much, because many times they're the owner of the gap, finding, and... metric.
6. Hoping to pilot in Q1.
7. This works across the entire converged security spectrum. Start with 10 gaps/findings and work your way up from there.
My top cybersecurity project for 2026 is expanding our real time anomaly detection across all transaction activity. The focus is on catching subtle behavioral shifts faster so we can act before they become high impact incidents. This is my priority because our platform runs nonstop and even small delays in detection can affect user confidence. The project will strengthen our security by improving how we flag irregular patterns, compare them with historical baselines, and route alerts with clearer context for faster decisions. I began this work after seeing how quickly threat behavior evolves in high volume crypto environments. We are partnering with vendors who specialize in machine learning analytics, and our engineering teams are providing the data and operational knowledge needed to shape the system. We expect the first version to go live in the second half of 2026. The goal is to reduce reaction time and improve accuracy so we stay ahead of emerging threats.
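The mechanics this answer describes, comparing current activity against a historical baseline and routing alerts with context, can be shown on a small stream. The following is an added example, not the author's platform or a vendor's product: it keeps a streaming (Welford) mean and standard deviation of transaction amounts per account, flags an amount whose z-score against that baseline exceeds a threshold, separately flags a velocity burst (many transactions inside a short window), and attaches the baseline figures to each alert. The transaction events, thresholds and warm-up length are constructed assumptions. One design choice worth noting: a flagged amount is not folded back into the baseline, so an attacker cannot shift the baseline by first sending outliers.

```python
"""Per-account baseline anomaly detection on a transaction stream.

Added example (not the answer author's system). Events are constructed; the
thresholds (z >= 3.5 after 10 observations, 5 transactions in 60 s) are
illustrative assumptions, not values from the original answer.
"""
import math
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, List, Tuple


@dataclass
class Baseline:
    """Streaming mean/variance (Welford's algorithm); no raw history is retained."""
    n: int = 0
    mean: float = 0.0
    m2: float = 0.0

    def update(self, x: float) -> None:
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)

    def std(self) -> float:
        return math.sqrt(self.m2 / (self.n - 1)) if self.n > 1 else 0.0


Event = Tuple[float, str, float]  # (unix timestamp, account, amount)

# Constructed stream: acct-A spends ~50 twelve times, then 900; acct-B fires 5 payments in 40 s.
EVENTS: List[Event] = (
    [(600.0 * i, "acct-A", float(amt)) for i, amt in
     enumerate([42, 55, 48, 51, 60, 39, 47, 53, 58, 45, 50, 49])]
    + [(7200.0, "acct-A", 900.0)]
    + [(100.0 + 10 * i, "acct-B", 20.0) for i in range(5)]
)


def detect(events: List[Event], z_threshold: float = 3.5, min_history: int = 10,
           burst_window: float = 60.0, burst_count: int = 5):
    """Return (alerts, baselines). Events are processed in timestamp order."""
    baselines: Dict[str, Baseline] = defaultdict(Baseline)
    recent: Dict[str, Deque[float]] = defaultdict(deque)
    alerts: List[dict] = []
    for ts, account, amount in sorted(events):
        b = baselines[account]
        flagged = False
        # Amount outlier: only once the account has enough history to have a baseline.
        if b.n >= min_history and b.std() > 0:
            z = (amount - b.mean) / b.std()
            if abs(z) >= z_threshold:
                flagged = True
                alerts.append({"type": "amount_outlier", "ts": ts, "account": account,
                               "observed": amount, "baseline_mean": round(b.mean, 2),
                               "baseline_std": round(b.std(), 2), "z": round(z, 1),
                               "history_n": b.n})
        # Velocity burst: sliding window of timestamps; fire once when the count is first reached.
        window = recent[account]
        window.append(ts)
        while window and ts - window[0] > burst_window:
            window.popleft()
        if len(window) == burst_count:
            alerts.append({"type": "velocity_burst", "ts": ts, "account": account,
                           "count": len(window), "window_seconds": burst_window})
        # Keep confirmed outliers out of the baseline so it cannot be dragged by an attacker.
        if not flagged:
            b.update(amount)
    return alerts, baselines


if __name__ == "__main__":
    found, _ = detect(EVENTS)
    for a in found:
        print(a)
```

With the constructed stream the burst on acct-B fires at t=140 s and the 900 on acct-A scores well over a hundred standard deviations above its ~50 baseline; acct-B never gets an amount score because five observations are below the warm-up length, which is the trade-off between catching new accounts early and drowning responders in false positives.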
I run an electrical contracting company in South Florida, so my 2026 cybersecurity project is actually protecting our customer data from ransomware--specifically their home access codes, gate codes, and security system credentials we store for 24/7 emergency service calls. We had a close call last year when a phishing email almost compromised our dispatch system. If that had succeeded, criminals would've had physical access information to hundreds of homes and businesses across Palm Beach County. That's when I realized our "cybersecurity risk" wasn't just about losing files--it was about customers getting robbed because we got hacked. We're implementing encrypted customer portals by April 2026 where clients control their own access credentials, and our techs receive temporary one-time codes per service call. Our office manager suggested we partner with our existing scheduling software vendor to build this in, which cut development costs by 60%. The system auto-purges access data 48 hours after job completion. The wildest part? When I explained this to commercial clients during estimates, three of them specifically chose us over cheaper competitors because we took their physical security seriously. Turns out "we won't accidentally help someone break into your building" is a pretty compelling sales pitch for an electrical contractor.
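The access pattern this answer lands on (a temporary one-time code per service call, purged 48 hours after the job closes) is a small but complete access-control design, so it is worth seeing the checks in one place. The following is an added example, not the contractor's or their scheduling vendor's code; the class and method names are hypothetical. A code is bound to one job and one technician, stored only as a salted hash, can be redeemed once, expires after a TTL, and is purged a fixed time after the job is marked complete. The clock is injectable so expiry and purge can be exercised without waiting.

```python
"""Per-service-call one-time access codes with expiry and scheduled purge.

Added example; hypothetical API (AccessCodeVault.issue / redeem /
complete_job / purge), not the contractor's or any vendor's implementation.
Only salted SHA-256 hashes of codes are stored. The 48 h purge window is
the one stated in the answer; the TTL per call is the caller's choice.
"""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

PURGE_AFTER_SECONDS = 48 * 3600


@dataclass
class CodeRecord:
    salt: bytes
    code_hash: bytes
    job_id: str
    tech_id: str
    expires_at: float
    used: bool = False
    completed_at: Optional[float] = None


def _hash_code(salt: bytes, code: str) -> bytes:
    return hashlib.sha256(salt + code.encode()).digest()


class AccessCodeVault:
    def __init__(self, clock: Callable[[], float] = time.time,
                 purge_after: float = PURGE_AFTER_SECONDS):
        self._clock = clock
        self._purge_after = purge_after
        self._records: Dict[str, CodeRecord] = {}

    def issue(self, job_id: str, tech_id: str, ttl_seconds: float) -> str:
        """Return a token 'record_id-code' for the tech; only the hash of 'code' is kept."""
        record_id = secrets.token_hex(8)
        code = secrets.token_hex(6)            # 48 bits of entropy, typed in by the tech
        salt = secrets.token_bytes(16)
        self._records[record_id] = CodeRecord(
            salt=salt, code_hash=_hash_code(salt, code), job_id=job_id,
            tech_id=tech_id, expires_at=self._clock() + ttl_seconds)
        return f"{record_id}-{code}"

    def redeem(self, token: str, job_id: str, tech_id: str) -> Tuple[bool, str]:
        """Single-use check: unknown, already_used, expired, wrong_job_or_tech, bad_code or ok."""
        record_id, sep, code = token.partition("-")
        rec = self._records.get(record_id)
        if not sep or rec is None:
            return False, "unknown"
        if rec.used:
            return False, "already_used"
        if self._clock() >= rec.expires_at:
            return False, "expired"
        if rec.job_id != job_id or rec.tech_id != tech_id:
            return False, "wrong_job_or_tech"
        if not hmac.compare_digest(_hash_code(rec.salt, code), rec.code_hash):
            return False, "bad_code"
        rec.used = True
        return True, "ok"

    def complete_job(self, job_id: str) -> None:
        """Start the purge timer for every code issued for this job."""
        now = self._clock()
        for rec in self._records.values():
            if rec.job_id == job_id and rec.completed_at is None:
                rec.completed_at = now

    def purge(self) -> int:
        """Delete records 48 h after job completion (or after long-expired, never-completed jobs)."""
        now = self._clock()
        doomed = [
            rid for rid, rec in self._records.items()
            if (rec.completed_at is not None and now - rec.completed_at >= self._purge_after)
            or (rec.completed_at is None and now - rec.expires_at >= self._purge_after)
        ]
        for rid in doomed:
            del self._records[rid]
        return len(doomed)


if __name__ == "__main__":
    vault = AccessCodeVault()
    tok = vault.issue("job-1", "tech-7", ttl_seconds=4 * 3600)
    print(vault.redeem(tok, "job-1", "tech-7"), vault.redeem(tok, "job-1", "tech-7"))
```

Two details matter in practice: the hash comparison is constant-time so a wrong guess leaks nothing by timing, and the code is checked only after the job and technician binding, so a valid code cannot be reused against a different customer's job.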
**Top priority for 2026: Teaching investigators to recognize AI-generated evidence manipulation before it reaches a courtroom.** I'm building a specialized training module within our Certified Expert in Cyber Investigations program that teaches investigators how to detect deepfakes, synthetic documents, and AI-altered digital evidence. We're seeing cases collapse because investigators can't articulate *how* they know evidence was manipulated--they just have a gut feeling. **This matters because criminals are already using AI faster than law enforcement is learning to counter it.** Last month, a fraud investigator in our network nearly built an entire case on fabricated financial documents that ChatGPT helped create--the formatting was perfect, the language was professional, but the account numbers didn't exist. When investigators can't definitively prove manipulation, defense attorneys tear them apart on cross-examination. **The wake-up call came from a trafficking case where the suspect used AI voice cloning.** The investigator knew something was off about the recorded "consent" calls, but couldn't document the technical indicators that would hold up in court. I realized our programs were teaching people to *find* digital evidence but not how to *authenticate* it in an AI world. **We're partnering with former FBI digital forensics specialists and bringing in case studies from active investigations** (with proper clearances, obviously). Module goes live in our summer course update--lifetime access means our existing 4,000+ organizational clients get this training automatically without paying for recertification. The goal isn't just catching bad guys; it's making sure the cases actually stick when they get to trial.
I run equipment operations at Kelbe Brothers in Wisconsin, and honestly? My top 2026 project isn't sexy cybersecurity--it's preventing equipment theft through our telematics integration across our rental fleet. We lose about $180K annually to theft and unauthorized equipment use. Last year someone rented a compact track loader "for a weekend job" and we found it three counties over being used on a completely different site. Our GPS tracking caught it, but only because a service tech manually checked the system five days later. Now we're rolling out geofencing alerts with our rental management portal (MyDealer) that automatically flag when machines leave job boundaries or operate outside rental hours. The system ties directly to our 24/7 dispatch, so we catch problems in hours instead of days. Our parts manager Colleen helped us structure it so customers can opt into the monitoring for insurance discounts--turns security into a selling point instead of Big Brother surveillance. We're testing with 50 machines in March 2026, full fleet by July. The ROI math is simple: if we prevent two theft incidents, the whole system pays for itself. Plus our insurance carrier is already talking about premium reductions once we hit 80% fleet coverage.
My top cybersecurity project for 2026 is implementing an integrated, AI-driven threat-detection system that monitors patient data across every digital touchpoint. When I'm asked why this project is at the top of my list, the answer is simple: healthcare data has become one of the most targeted and vulnerable categories of information, and I've personally seen how one weak link can jeopardize not just privacy but patient trust. Several years ago, a partner clinic experienced a near-miss breach involving unsolicited access attempts to their appointment-scheduling backend. I was brought in to advise, and watching the staff scramble to manually verify the integrity of those systems was a turning point. That moment made me realize we needed proactive, automated security—not reactive cleanup. This project will strengthen our organization by identifying anomalies before they can escalate. Instead of relying solely on human monitoring, the system learns behavioral patterns, flags irregular activity, and isolates potential threats without disrupting patient care. The inspiration came from observing the growing overlap between digital health, telemedicine, and cloud-based recordkeeping. As more patients rely on virtual consultations, securing those channels becomes as essential as securing the exam room itself. A few trusted vendors are supporting the initiative by customizing tools to handle medical workflows, and several colleagues are helping refine the protocols so they're practical for day-to-day use. Our go-live window is late Q3 of 2026, once we finish stress-testing the platform with real clinical scenarios. The only thing I'd add is that cybersecurity in healthcare isn't just a technical project—it's a patient-safety imperative. Every advancement in medicine depends on trust, and safeguarding data is becoming as important as safeguarding health itself.