Top Trends in Cybersecurity for 2026

14 January 2026 - ID G00840672 - 26 min read
By Alex Michaels, Will Candrick, and 6 more
Agentic AI, postquantum risks and regulatory volatility are redefining the CISO’s remit. Gartner’s top trends in cybersecurity showcase how leaders must manage risk and build resilience by focusing on three core themes: transforming governance, securing new frontiers and normalizing AI adoption.

Analysis


Cybersecurity leaders face evolving external forces, including escalating geopolitical tensions and tariffs, diverging regulatory expectations, digital business decentralization, an accelerating threat landscape, and the rapid ascent of AI. These pressures are testing the limits of chief information security officers (CISOs), their programs and team performance. The impact of these forces is being felt across the cybersecurity domain (see Figure 1).
Figure 1: Impact of Macro External Forces
Cybersecurity leaders face challenges from evolving threats, digital decentralization, market volatility, supply chain risks, and limited GenAI value. Most organizations anticipate growing cyber risk and adjust strategies in response to external forces.
To successfully tackle these challenges, it is crucial to understand how these macroforces are fundamentally reshaping risk management, resilience strategies and resource allocation. These changes compel cybersecurity leaders to strategically navigate eight critical trends grouped into three core themes (see Figure 2).
Figure 2: Top Cybersecurity Trends for 2026
Key cybersecurity trends for 2026 include planning for postquantum threats, securing AI identities, adapting governance to new regulations, overseeing agentic AI, and managing GenAI risks that impact security culture and operations.
The analysis below details three core themes that collectively define the strategic pivot required for 2026:
  • Secure New Frontiers
  • Transform Governance
  • Normalize AI Adoption

Secure New Frontiers

Building resilient cybersecurity programs requires leaders to embrace innovation and proactively address the cybersecurity needs of emerging and future technologies. Effective leaders recognize that addressing risks associated with new technologies before widespread adoption can save significant resources both short- and long-term, rather than reacting after issues arise. Securing these new frontiers demands constant agility in response to change. This proactive stance compels leaders to act on concurrent threats and opportunities.
As the organization’s cybersecurity leaders, CISOs and CIOs have begun rationalizing AI — that is, developing a clear understanding of its requirements. This helps them to recognize hype and provide tactical guidance, both within their teams and outside their programs. In earlier years, it was still largely unclear how to protect against GenAI risks; however, now leaders have much greater clarity on how to support safe AI usage effectively. This includes aligning efforts with identity and access management (IAM) colleagues to secure agentic AI implementations.
Simultaneously, cybersecurity leaders are educating themselves and executives about postquantum cryptography (PQC). Rather than sounding alarms about PQC’s arrival, these leaders guide timely adoption as preparation against anticipated threats from cryptographically relevant quantum computers (CRQCs).
Cybersecurity leaders who pivot effectively will limit adverse business impacts from these emerging technological frontiers.

Transform Governance

Successful governance is measured by how effectively and efficiently cybersecurity delivers business value alongside program defensibility. Governance goals help shape technology choices accordingly. Emerging expectations from internal and external forces require leaders to rethink communication approaches, as well as how they scale processes and technology investments. Cybersecurity leaders must evolve their roles from controls or compliance managers to business-focused innovation drivers.
Despite ongoing discussions, many cybersecurity professionals still face limited agency and authority to drive meaningful change, which constrains their ability to build scalable programs aligned with broader business needs.
The core trends in this theme highlight how cybersecurity leaders are redefining their roles and evolving governance models to meet these demands. This includes carefully guiding cross-organizational responsibilities, such as privacy, data security, business continuity and AI governance — all without stifling innovation.
Leaders who embrace this transformation continue gaining improvements in program effectiveness, while strengthening an organizationwide culture of cybersecurity.

Normalize AI Adoption

CISOs and CIOs must normalize AI adoption to manage heightened risk stemming from human interaction, including both augmented external attacks and organizational use cases. Since 60% of all data breaches involve the human element, accelerated GenAI adoption significantly amplifies this risk.[1] Effective leaders need to fundamentally rethink cybersecurity awareness, implementing security behavior and culture programs (SBCPs) designed specifically to address these human-driven risks. This includes mitigating sophisticated threats like deepfakes, which impact 35% of organizations,[2] and pervasive internal “shadow AI” risks, where employees input sensitive information into unapproved tools.
Leaders are also tackling workforce-level AI adoption within their cybersecurity teams. The automation of foundational tasks quietly erodes critical skills over time by reducing practical learning experiences essential for developing future analysts.
To counteract this erosion and address skill gaps, leaders must prioritize augmenting staff capabilities over replacing roles outright. While the ability to augment staff capabilities varies by organization, depending on factors such as maturity and budget, leaders should prioritize intentional upskilling where feasible. Efficiency gains realized through automation should be reinvested into continuous reskilling programs for security operations center (SOC) staff focused on uniquely human skills, such as advanced threat hunting, data and output validation, and creative thinking around novel cybersecurity issues.
Table 1 links to the trends within each of the main themes for cybersecurity.
Table 1: Links to Trend Profiles

Secure New Frontiers
Transform Governance
Normalize AI Adoption
CISOs must proactively engage with organizational changes to effectively manage cyber risks and build cyber resilience. Waiting for change to occur is not an option — CISOs need to actively assess each trend to determine whether to embrace, monitor, or deprioritize it.

Research Highlights



Theme 1: Secure New Frontiers

IAM Adapts to Secure and Enable AI Agents

Analysis by Nathan Harris and Homan Farahmand
Description
As organizations deploy more AI agents, available IAM capabilities are rapidly evolving. CISOs are modernizing identity governance and credential issuance, and extending existing authentication and monitoring controls into AI deployments to avoid breaches and data loss while scaling AI adoption. Some existing IAM capabilities are already suitable for securing AI agents; others are rapidly evolving to meet emerging requirements. This research provides cybersecurity leaders with actionable strategies to adapt IAM functions, including identity registration, credential management automation and authorization controls, to secure agentic AI adoption effectively.
Why Trending
The rise of agentic AI introduces novel challenges that expose gaps in some traditional IAM approaches. While foundational machine IAM practices can be leveraged today, key capability gaps remain in most organizations. These gaps include:
  • Identity registration and governance with a clear outline of intended purpose and human accountability
  • Automated credential life cycle management
  • Fine-grained policy-driven authorization tailored specifically for machine actors
Failure to address these issues risks increased exposure from access-related cybersecurity incidents as autonomous agents proliferate within enterprise environments.
Implications
Cybersecurity leaders must recognize that uneven IAM maturity calls for a targeted, risk-based strategy, focusing investment where gaps and risks are greatest, and leveraging automation and integration where capabilities are strong. This approach is essential for enabling innovation, ensuring compliance and securing critical assets in AI-centric environments.
Actions
  • Assess and leverage existing IAM strengths: Evaluate current machine IAM strategies to identify foundational capabilities suitable for reuse across teams.
  • Enhance identity registration with intent and accountability: Prioritize improvements in identity registration processes that clearly assign purpose/intent and human ownership for AI agents.
  • Automate credential life cycle management: Simplify and accelerate credential management workflows to increase agility and reduce operational overhead.
  • Strengthen policy-driven authorization controls: Develop fine-grained authorization policies tailored specifically for nonhuman actors like AI agents.
  • Prohibit human credential sharing: Enforce unique identities for every AI agent linked directly to accountable owners; disallow sharing of human credentials with AI entities.
  • Tailor IAM strategies by use-case context: Distinctly update machine IAM approaches for workforce-facing versus customer-facing scenarios, reflecting their differing operational requirements.
For more information, see Cybersecurity Trend: IAM Adapts to Secure and Enable AI Agents.

Postquantum Moves From Theoretical Risk to Action Plans

Analysis by Mark Horvath, Wayne Hankins and Sarah Almond
Description
As quantum computing advances rapidly, cybersecurity leaders are moving quickly from wondering if and when to prepare, to actively developing concrete plans that replace traditional cryptography with postquantum alternatives. This shift is driven by the looming threat that quantum computers could weaken or break current cryptography used to protect data and systems.
Why Trending
The accelerating pace of quantum computing development projects makes it likely that conventional asymmetric cryptography will become unsafe by 2030.[3] Cybersecurity leaders must evaluate and adopt PQC solutions promptly, as remediation requires multiyear efforts.
  • Many organizations are proactively responding: 57% are prototyping or evaluating PQC algorithms, and 45% are improving their cryptoagility.[4]
  • If migration is delayed, leaders risk catastrophic data breaches, legal liabilities and financial losses from “harvest now, decrypt later” (HNDL) attacks already underway.
  • A successful quantum breach could lead to data breaches, transaction manipulation, system spoofing and account takeovers.
  • Readiness is hindered, as 61% of organizations lack full visibility into their cryptographic systems.[5]
Implications
Preparing for a postquantum world reshapes cybersecurity strategies by prompting organizations to identify, manage and replace traditional encryption methods, prioritizing cryptographic agility as a foundational capability.
Challenges to achieving cryptoagility include:
  • Ubiquity and diffusion: Cryptography permeates many vendor products or subsystems like IAM; identifying all instances is time-consuming.
  • Universal impact: Foundational network protocols such as Transport Layer Security (TLS) require upgrades, affecting entire business operations.
  • Expertise gaps: Most development teams lack the deep cryptoknowledge needed for performance tuning or handling larger key sizes in PQC algorithms.
  • Temporary measures: Hybrid certificates combining both classical and PQC keys offer only short-term relief; classical signatures will be unsupported in a few years.
Actions
  • Start engaging all vendors about their PQC roadmaps to assess alignment with your risk posture and strategic planning. Vendors unfamiliar with PQC should be reconsidered as secure partners.
  • Conduct a comprehensive cryptographic inventory, scanning all systems for cryptographic components. This step identifies legacy debt like expired algorithms or old TLS versions, while informing effort and budget estimates.
  • Establish a cryptographic center of excellence (CCoE) with joint governance centralizing IT, development and data security practices to avoid fragmented migration approaches.
  • Prioritize PQC migration on assets requiring long-term protection beyond the projected 2030 deadline for conventional cryptographic safety, such as contracts, identities, entitlements and medical records.
  • Invest in enhancing cryptoagility, enabling rapid updates or replacements without extensive recoding, to support resilience against emerging threats.

Theme 2: Transform Governance

AI and Cyber Resilience Redefine the CISO’s Remit

Analysis by Will Candrick and Christopher Mixter
Description
The CISO role is undergoing radical transformation, driven primarily by broad enterprise AI adoption and rising demands for cyber resilience. To succeed, CISOs must expand their sphere of influence and evolve their leadership style to navigate persistent limitations in agency and authority, empowering them to lead the evolution of cybersecurity’s core mandate.
Why Trending
Two disruptors — the shift from cyberprotection to cyber resilience, alongside urgent needs to adopt and secure AI — are expanding CISOs’ responsibilities to protect and enable their organizations. This expanded remit often includes data governance (such as securing shadow AI), AI policy (guiding safe AI adoption standards), privacy, and business continuity management, plus operational technology (OT) or cyber-physical systems (CPS) security.
While this broader remit for CISOs can increase influence, leadership visibility and ties to business outcomes, it also introduces more opportunities for perceived failure among senior leadership.
Implications
CISOs are at a crossroads. They can either take on more task ownership and build a precarious tower of burdensome responsibility that invites control gaps and team burnout, or expand their sphere of influence to achieve an expanded remit through others. Choosing the latter allows leaders to leverage the upside of this shift, ensuring the long-term effectiveness and sustainability of the cybersecurity program.
Actions
  • Expand influence, not ownership: Achieve objectives via influence, orchestration and coordination with peers, including CIOs, chief risk officers (CROs) and chief data and analytics officers (CDAOs), rather than direct task ownership. Resist taking on new tasks without sufficient resources, and embrace constructive tension with C-suite colleagues as a catalyst for agile collaboration. Use the CISO Effectiveness Diagnostic to identify targeted areas to improve as a leader.
  • Center on cyber resilience: Prioritize minimizing business harm from successful cyberthreats equally alongside prevention efforts.
  • Manage AI expectations realistically: Adopt a pragmatic leadership persona that provides clear guidance on AI capabilities while carefully managing senior leadership expectations. Avoid overcommitment or assuming responsibilities better suited to others.
  • Shape board-level conversations: Build cybersecurity competence across full boards, and emphasize cyber resilience messaging to reshape board expectations. Ninety-three percent of directors view cyber risk as a threat to shareholder value, and 98% believe cyber risk will increase over the next two years.[6]

AI Democratization Drives Collaborative Data Security Governance

Analysis by Chiara Girardi and Andrew Bales
Description
As AI democratization spreads, decentralized data security decisions are increasing pressure on cybersecurity leaders to adopt collaborative governance models. These models create policies and standards that facilitate innovation while promoting greater accountability for sensitive data shared in AI models. Cybersecurity leaders must adapt policies and guidelines to reduce friction and enhance usability. Simultaneously, leaders need proactive strategies to monitor how data is used or misused with AI, without waiting solely on business updates.
Why Trending
The dynamic environment driven by AI advancements makes collaborative data security governance urgent. Cybersecurity leaders are taking proactive action because:
  • Human involvement remains central in most data breaches, caused by credential abuse, social engineering, human error and malware interactions, making organizationwide governance a critical priority.
  • Adoption of AI and shadow AI is surging; 86% of organizations pilot or scale GenAI; 69% of cybersecurity leaders have evidence of or suspect that employees use unauthorized public GenAI tools (shadow AI).[2]
  • Cybersecurity often remains an afterthought, with fewer than half of organizations involving cybersecurity functions early during GenAI adoption planning.[7]
Implications
Shadow AI is inevitable, yet manageable. Rather than blocking all innovation with rigid controls, cybersecurity leaders must accept business-led AI usage as reality and plan accordingly. This approach helps regain control over data security, while strengthening cyber resilience amid widespread, decentralized decisions about how enterprise data trains AI models.
Actions
  • Embrace collaborative governance that promotes greater business accountability to manage data security risks. Business-led innovation means empowering business stakeholders to make informed risk decisions, with increased accountability compared to centralized governance models.
  • Monitor for changes in user behavior alongside incident detection to gain visibility into evolving enterprise data sharing practices. Leading organizations define specific use cases for monitoring unusual access requests combined with technology solutions (e.g., DLP, AI usage controls), plus systematic review of exception requests.
  • Reduce security-induced friction by shifting away from control-heavy policies that are difficult to comply with. Instead, leaders should actively engage the business to co-create acceptable solutions that enable growth without compromising protection.

Agentic AI Demands Program Oversight

Analysis by Jeremy D’Hoinne and Craig Porter
Description
Employees are increasingly creating agentic functions using no-code/low-code platforms that spread rapidly without oversight. These AI agents take various forms: embedded within enterprise software or built as stand-alone tools supporting business tasks. Beyond expanding the external attack surface, this proliferation introduces risks from persistent “rogue automation,” where ad hoc agents operate in the background with excessive agency, often hidden from cybersecurity teams and abandoned after use.
Why Trending
CISOs cannot slow or pause AI initiatives as CEOs and CIOs push aggressive AI adoption to remain competitive, despite cybersecurity concerns:
  • Sixty-one percent of senior cybersecurity professionals have observed deployment of AI agent automation through approved enterprise software; 59% have evidence of or suspect unsanctioned, employee-driven AI agent usage.[2]
  • This usage is frequently concealed; 32% of IT workers using generative AI at work keep it hidden, complicating discovery efforts.[8]
  • Business and application leaders are converting custom-built chatbots into autonomous agents by connecting them to internal APIs and tools in pursuit of promised automation value.
Implications
Despite the low maturity of the supporting technologies, the pressure to purchase and adopt AI agents, combined with the easy availability of vibe-coding tools for developing AI automations, is too high for most organizations to resist. CISOs must quickly catch up as indications of unmanaged AI agent adoption increase, or they risk losing control over “rogue” automations that operate with excessive agency outside of cybersecurity oversight.
Actions
  • Prioritize early-cycle data security and access management requirements. Recognize that, on average, only about 41% of GenAI prototypes reach production among surveyed organizations,[9] meaning that securing every custom-built pilot upfront may be inefficient.
  • Enhance existing discovery capabilities beyond visibility alone to detect both sanctioned and unsanctioned AI systems, while discerning intent behind agent usage.
  • Develop a framework categorizing AI agents based on data sensitivity accessed plus the agent’s autonomy level or “agency,” enabling prioritized risk reduction given practical constraints on addressing all agents simultaneously.
  • Audit critical cybersecurity controls for each agent, including enforcing unique identities and least-privilege access policies to contain potential risks effectively.
  • Create incident response playbooks tailored for rapid detection and containment of rogue automations, adapting existing workflows to match automated process speeds.

Global Regulatory Volatility Drives Massive Cyber Resilience Efforts

Analysis by Arthur Sivanathan, Charlie Winckless and Mia Yu
Description
Shifting geopolitical landscapes and evolving global mandates require cybersecurity leaders to adopt flexible, adaptive strategies that ensure both resilience and compliance. This trend involves reshaping governance and operating models to navigate fragmented regulatory environments while maintaining operational agility and mitigating organizational liability.
Why Trending
CISOs face an overwhelming regulatory storm. A tidal wave of global mandates, including SEC disclosures, NIS2, DORA, the EU AI Act and rapidly evolving APAC laws, is dismantling any illusion of unified governance. Coupled with escalating geopolitical turmoil and rising technonationalism, cybersecurity has become a critical business risk that could determine organizational durability worldwide.
  • Fragmented compliance landscape: Global regulations are rapidly evolving with new mandates, creating a complex web extending beyond traditional cybersecurity scopes.
  • Heightened accountability: Regulators increasingly hold boards and executives personally liable for failures in regulatory compliance and cyber risk management.
  • Strict reporting timelines: New laws often require incident reporting within 24 hours, demanding that robust, automated detection and notification processes be in place immediately.
Implications
Delay is not an option. Inaction risks substantial penalties, lost business and irreversible reputational damage. Cybersecurity leaders must act now to transform cybercompliance into a strategic advantage and secure their organization’s future.
Actions
  • Establish cross-functional compliance and accountability: Move beyond IT-centric ownership of cyber regulations by formalizing collaboration across legal, business units and procurement teams. Establish clear, shared accountability for cyber risk, ensuring boards and executives are aware of their personal as well as organizational liabilities under new regulations.
  • Develop unified control frameworks and data sovereignty strategy: Simplify and align global policies to recognized standards, such as NIST or ISO, to reduce gaps and overlaps. Proactively address data sovereignty concerns by evaluating cloud and vendor strategies, implementing geographic controls to foster trust and operational resilience. Consider using the Cybersecurity Controls Assessment to align to globally recognized frameworks, such as NIST CSF 2.0 and ISO27K.
  • Hone agile incident response and reporting: Develop and regularly test robust, automated incident response processes, meeting strict reporting deadlines (e.g., 24 hours). Integrate legal counsel and crisis management into planning, and ensure clear escalation protocols, plus transparent communication with leadership bodies, including regulators.
Prioritizing these actions will help mitigate risks effectively while strengthening market position, reducing legal exposure and reputational damage.

Theme 3: Normalize AI Adoption

GenAI Breaks Traditional Cybersecurity Awareness Tactics

Analysis by Alex Michaels and Richard Addiscott
Description
Accelerated GenAI adoption has broken traditional cybersecurity awareness tactics, causing efforts to reduce cybersecurity risk exposure to fail. Cybersecurity leaders must shift to SBCPs to address the specific “break” in defenses caused by unmanaged “shadow AI” usage and GenAI-augmented attack techniques that make detection increasingly difficult for employees.
Why Trending
The urgency stems from the fact that existing security awareness efforts have failed to reduce cybersecurity risk exposure in the face of GenAI adoption. Sixty percent of all data breaches involve the human element.[1] With 86% of organizations piloting or deploying GenAI,[2] this trend demands attention, due to:
  • Internal GenAI usage risk: Over 57% of employees use personal GenAI accounts for work purposes, and 33% admit inputting sensitive company information into unapproved tools.[10]
  • Adversarial weaponization: Threat actors independently leverage GenAI to increase sophistication and scale of external attacks. AI-assisted malicious emails have doubled in two years, and deepfake incidents now affect 35% of organizations.[2]
Implications
Managing these risks requires cybersecurity leaders to immediately strengthen behavioral and governance measures. Unmanaged GenAI usage exposes organizations to costly privacy breaches and intellectual property loss. Leaders must update SBCPs to distinguish between malicious GenAI outputs (attacks) and GenAI hallucinations (errors), as the mitigation strategies differ. To organize the response to these new behavioral risks, leaders are adopting the Practices, Influences, Platforms, and Enablers (PIPE) framework, rather than relying on general awareness training.
Actions
  • Fortify employee defenses: Shift from general awareness to AI-specific risk training that uses advanced attack simulations, covers deepfakes and phishing, and emphasizes the validation of unusual requests.
  • Bolster governance: Engage senior executives in building robust governance frameworks enforcing policies that manage secure AI development, while adapting existing oversight committees.
  • Embed secure daily practices: Educate employees on crafting secure prompts for AI systems, while emphasizing continuous human oversight for all AI-generated content.
  • Establish clear policies: Communicate policies for authorized GenAI use, focusing explicitly on data handling, intellectual property (IP) and privacy compliance.

AI-Driven SOC Solutions Destabilize Operational Norms

Analysis by Pete Shoard and Jeremy D’Hoinne
Description
Fueled by cost optimization mandates and hyped promises, AI-driven SOCs are creating uncertainty. Cybersecurity leaders face a destabilized environment marked by staffing challenges, new retraining pressures, and uncertain costs of AI tools, which augment alert triage and investigation tasks. Immediate action is required to effectively respond to technological shifts while mitigating impacts on skill sets and workforce availability.
Why Trending
Executive pressure, combined with the high demand for efficiency, places SOC teams at a critical juncture:
  • Talent gap: Only 17% of executive and AI leaders believe their organizations possess sufficient talent to support AI initiatives.[9]
  • Skills erosion risk: Automating foundational tasks threatens the long-term viability of skilled SOC talent. Solutions promising to replace Level 1 triage risk reducing practical learning experiences essential for future cybersecurity analysts who are developing incident impact assessment skills. Leaders who neglect skill development will lose critical analytical capabilities over time.
  • Managing expectations: Rapid technology changes, plus executive pressure, reshape board-level expectations. SOC teams often struggle to align with mission-critical business priorities. When combined with hype around AI-driven tooling efficiencies, these factors create pressure to make premature changes in standard SOC processes before thorough testing or requirements gathering.
Implications
To successfully adopt AI in the SOC, leaders should prioritize augmenting staff capabilities rather than replacing roles, ensuring long-term operational health alongside ongoing skill development. Maintaining existing processes and roles without adaptation will cause organizations to fail.
Actions
  • Establish robust human-in-the-loop frameworks: Implement mandatory human checkpoints before deploying automated response actions. This requires upgrading workflows so analysts can audit and ratify actions using contextual business knowledge, which is essential for preventing catastrophic errors from unchecked automation.
  • Invest in continuous upskilling: Reinvest efficiency benefits from automation into reskilling programs for SOC staff, focusing the programs on uniquely human skills such as prompt engineering, coding, advanced threat hunting, data validation and creative problem solving for novel security issues.
  • Develop value-oriented AI roadmaps: Strategically plan AI adoption that prioritizes augmentation over replacement; focus on complex problem solving and articulating business impact, rather than mere cost reduction. Help boards recognize value through simplified cybersecurity insights enabled by natural language processing.
  • Recognize hidden costs: Account for overlooked costs of AI, including data processing overheads, security, retention, and unquantified future training burdens necessary for validating AI findings, as well as preventing new technical debt. Be skeptical of vendor claims that promise full human role replacement.

Acronym Key and Glossary Terms


CCoE: Cryptographic center of excellence
CPS: Cyber-physical systems
CRQCs: Cryptographically relevant quantum computers
DLP: Data loss prevention
DORA: Digital Operational Resilience Act
GenAI: Generative AI
HNDL: Harvest now, decrypt later
IAM: Identity and access management
NEDs: Nonexecutive directors
NIS2: Network and Information Security 2 Directive
NYDFS: New York Department of Financial Services
OT: Operational technology
PQC: Postquantum cryptography
SBCP: Security behavior and culture program
SOC: Security operations center
TLS: Transport Layer Security

Evidence


2 2025 Gartner Cybersecurity Innovations in AI Risk Management and Use Survey. This survey was conducted to understand how organizations are managing the cybersecurity risks of generative AI (GenAI) and AI techniques that support it. The research was conducted online from 21 March through 9 May 2025 among 302 cybersecurity leaders in the North America (n = 181), EMEA (n = 71) and Asia/Pacific (n = 50) regions. Qualifying organizations reported enterprisewide revenue of at least $250 million or equivalent for fiscal 2024 and were senior cybersecurity management involved in activities related to AI cybersecurity risk management within their organization. Disclaimer: The results of this survey do not represent global findings or the market as a whole, but reflect the sentiments of the respondents and companies surveyed.
3 Gartner Strategic Planning Assumption.
5 Gartner Peer Community Poll: “Do you have an accurate inventory of all the cryptographic systems currently used at your organization?” The analysis presented is based on 60 responses from members of the IT and security communities as of 2025, after excluding those who were unsure or selected “other.” Due to the dynamic nature of polls, Gartner Peer Community will always have the most up-to-date results. Gartner Peer Community is a peer-driven platform where enterprise leaders can join engaging conversations, ask or answer polls, and participate in Gartner-packaged surveys. Community members go through a strict validation and verification process. The results of this poll are representative of the respondents who participated and may not be market representative, nor do they represent the views of Gartner.
6 2026 Gartner Board of Directors Survey. This survey aimed to explore board dynamics and practices, including board personality types, group dynamics and views on critical issues of the day. The survey was conducted online from 14 April through 22 May 2025 among 330 respondents from North America (n = 186), Europe (n = 70), Asia/Pacific (n = 64) and LATAM (n = 10). Respondents were nonexecutive members of a corporate board of directors at organizations across various company sizes and industries, with the exception of governments, nonprofits, charities and nongovernmental organizations (NGOs). Disclaimer: The results of this survey do not represent global findings or the market as a whole, but reflect the sentiments of the respondents and companies surveyed.
7 2024 Gartner Data Security in the Age of AI Advancements Survey. This survey sought to understand the practices that cybersecurity leaders should follow to better manage risks associated with data. The survey was conducted from June through August 2024. In total, 318 senior executives participated, who were involved in data security across organizations of different industries, geographies and sizes. This research was further substantiated and informed by in-depth practitioner interviews with over 40 chief information security officers (CISOs) to understand cybersecurity goals and challenges associated with data security, given the rapid rise in adoption of GenAI tools and technologies. Gartner used statistical analysis to measure and identify the most impactful data security practices for improving key cybersecurity outcomes. Disclaimer: The results of this survey do not represent global findings or the market as a whole, but reflect the sentiments of the respondents and companies surveyed.
9 2024 Gartner AI Mandates for the Enterprise Survey. This study was conducted to understand how AI and generative AI (GenAI) are being adopted by enterprises, focusing on areas such as AI strategy, data, governance, literacy, engineering, organization, portfolio and value, to assist clients in keeping pace with AI’s rapid evolution. The research was conducted online from October through December 2024 among 432 respondents from the U.S. (n = 181), the U.K. (n = 70), France (n = 50), Germany (n = 50), India (n = 51) and Japan (n = 30). Quotas were established for company sizes and for industries to ensure a good representation across the sample. Organizations were required to have deployed at least one AI use case in production. Respondents were screened for C-level executives (e.g., chief AI officer, chief data officer, chief data scientist, chief digital officer, chief information officer, chief operating officer, chief technology officer or equivalent) or roles above vice presidents. All respondents were required to have high involvement in at least one AI initiative. Disclaimer: The results of this survey do not represent global findings or the market as a whole, but reflect the sentiments of the respondents and companies surveyed.
10 Gartner Secure Behavior Employee Perspectives Survey. This study was conducted to understand the prevalence of employee behaviors that increase cybersecurity risk and employee perceptions of organizational cybersecurity guidance. The study ran from 06/10/2025 through 11/05/2025 and the total sample size achieved was 175. Companies of any size qualified for this study. The sample represented organizations in North America (n = 66), EMEA (n = 40), Asia/Pacific (n = 67), and Latin America (n = 2). Respondents of any job level or function were eligible for this study. Disclaimer: The study was conducted online on Gartner's Peer community. The results of this survey do not represent global findings or the market as a whole but reflect the sentiments of the respondents and companies surveyed.
Sources for Figure 1 are as follows:
a 2025 Gartner Cybersecurity Innovations in AI Risk Management and Use Survey.
b Cybersecurity Controls Assessment Supply Chain Management. The benchmark offers a self-assessed view of controls implementation maturity against leading industry-recognized frameworks and standards. It enables cybersecurity leaders to conduct peer benchmarking relevant to their industry and level of risk exposure. The benchmark includes data from 494 organizations gathered between August 2023 and July 2025. Participating organizations represent a broad range of industries, geographies and sizes (based on revenue in U.S. dollars).
c Global Cybersecurity Outlook 2025, World Economic Forum.
d 2026 Gartner Board of Directors Survey.