SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Fingerprint scanner digital network interconnected supply chains ai cybersecurity
#
Cloud Security
#
Advanced Persistent Threat Protection
#
Supply Chain

Cybersecurity trends to 2026: AI threats, supply chains & identity

Mon, 24th Nov 2025
Author image
By Sean Mitchell, Publisher

Cybersecurity leaders are preparing for a shift in priorities as organisations worldwide adjust to new threats, driven largely by artificial intelligence and the expanding complexity of technology supply chains. Changes in how companies approach resilience, visibility and authentication are forecast to define the industry's trajectory into 2026.

Business alignment

Cyber resilience is expected to be seen as a business competency, rather than a function reserved for IT departments. Board members and chief information security officers (CISOs) must develop a shared language of risk that goes beyond compliance concerns to address operational impact. Companies are being urged to close the gap between security and strategy.

"Boards and CISOs will be forced to collaborate more closely, translating technical threats into financial, reputational, and operational impacts that executives can act on," said Jan Bee, Chief Information Security Officer, TeamViewer.

Bee also highlighted that CISOs should prioritise storytelling alongside traditional reports, attaching business outcomes to threat intelligence. Boards, meanwhile, are encouraged to consider cyber resilience as part of a competitive strategy, rather than as an isolated cost centre.

Visibility focus

Security programmes are predicted to shift from prevention to visibility. As cloud adoption grows and supply chains become more complicated, the ability to quickly detect threats will become critical. Organisations are moving away from the assumption that all breaches can be prevented, instead investing in technologies that improve the speed and accuracy of threat recognition.

Bee believes that adopting a "visibility mindset" is key in this environment. The emphasis will be on how quickly organisations can respond to breaches. Fast detection is likely to be prioritised over attempts to create impenetrable defences.

Supply chain risks

Third-party and fourth-party SaaS providers are expected to emerge as primary targets for attackers. As businesses transition further from on-premises infrastructure to external cloud-based solutions, identifying and securing all supplier networks is seen as an urgent challenge. Attackers are reportedly leveraging AI to automate their analysis of supply chains, reducing the time required to locate vulnerabilities.

Speed in securing supplier ecosystems is now regarded as essential. Security leaders should focus first on ensuring fundamental security for the most critical applications before overhauling complex systems, according to Bee.

Identity perimeter

The traditional network perimeter is being replaced by identity as the focal point of security. Single sign-on (SSO) is described as "fundamental" rather than optional, with Bee stating that failure to implement SSO universally across enterprise applications will be seen as a critical weakness.

Bee advises enterprises to treat identity management as the starting point for all cybersecurity initiatives, not as an added feature. Employees should be able to identify who accesses systems, including verification of names, emails and company affiliations to foster transparency.

The need to close the gap between deploying identity technology and actually using it across all systems is identified as a major priority for the coming year.

Password demise

Passwords are expected to become obsolete in organisational security strategies, replaced by platform-based and biometric authentication. Bee points out that while some compliance frameworks mandate password policies, these are increasingly seen as outdated.

Bee recommends eliminating passwords from authentication workflows entirely, instead focusing on platform and biometric authentication methods that are more secure and user-friendly. This shift is expected to result in improved security as well as a better experience for users. The transition away from passwords may also require collaboration between security and compliance teams, as regulatory requirements adapt to new technology.

"The organisations that make this transition in 2026 will be significantly ahead of their peers in both security posture and user experience," said Bee.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Asahi delays results as ransomware attack disrupts operations
Keeper Security named Overall Leader in non-human identity management
ATEN unveils secure KVM switches with 5K video for defence use
Cyber-extortion incidents surge as criminals target small firms
Teleport wins AWS award for securing high-growth infrastructure

Top stories

Digimune & MY CYBER GUARD launch Aussie ID shield
DivisionHex launches new framework to streamline exposure management
HP predicts surge in AI-driven cyber threats & cookie theft by 2026
Hack The Box launches AI cyber range & unveils red team certification
Dynatrace expands AWS integrations & wins LATAM partner award