The AI Journal: From Sign-Ins to Silent Breaches: The New Frontline of Cybersecurity in 2026
Giles Inkson, Director of Services for EMEA at NetSPI, writing in The AI Journal, explores how cybersecurity in 2026 will be defined less by dramatic breaches and more by subtle, legitimate-looking access that slips past traditional controls.
From Sign-Ins to Silent Breaches
Giles Inkson points out that most future breaches will not begin with malware or network exploitation, but with logins that appear routine. As organisations harden endpoints, segment networks and move infrastructure behind SaaS platforms, attackers are adapting by blending in rather than breaking in.
Inkson highlights identity as the primary battleground. Single Sign-On, while essential for productivity, creates new risk when stolen sessions or OAuth tokens allow attackers to bypass MFA entirely. Combined with privilege sprawl, MFA fatigue and poorly correlated identity logs, organisations are increasingly blind to “odd but valid” behaviour that enables lateral movement without triggering alarms. In response, forward-looking CISOs will treat identity systems as critical infrastructure, applying tighter privilege by default, faster session revocation and deeper correlation across cloud, SaaS and endpoint telemetry.
The article also examines the growing impact of AI on both attack and defence. Attackers are expected to move beyond generic AI tooling, tuning models using organisation-specific data to scale highly targeted reconnaissance and social engineering. At the same time, red teams will expand testing to include AI-driven systems, probing chatbots, copilots and internal assistants as real attack surfaces rather than novelty tools. Inkson notes that many organisations will struggle less with exotic AI threats and more with basic governance, such as understanding what data employees are feeding into AI tools and where that data is going.
Finally, Inkson points to a stricter regulatory environment, where continuous testing replaces annual assurance. Penetration Testing-as-a-Service will increasingly support real-time evidence mapped to frameworks such as GDPR, NIS2 and DORA, shifting compliance from paperwork to proof.
The organisations that succeed in 2026, Inkson concludes, will not be those with the largest security stacks, but those that can continuously demonstrate that their fundamentals work as threats evolve.