Cyberattackers will press the advantage in 2026

Are cyberattackers winning?

As we head into 2026, there’s still a significant dearth in the number of cybersecurity professionals available to protect critical infrastructure, and AI tools can’t fully replace human expertise. But the picture is more complex if you look closer.

Cash out. Richard Bird, Singulr AI CSO, told IT Brew that attackers have at least one major advantage—the AI environment is more favorable to their interests.

“The barriers to entry for being a bad guy have dropped substantially,” Bird said. “Whatever I can’t build myself, I can rent, lease, or buy.”

AI comes up. HackerOne CEO Kara Sprague sees things slightly differently, that 2025 was a year when attackers won some advantage due to AI-driven code and other technological innovations. Cybersecurity has always been asymmetric on one side or the other, and 2026 is likely to continue to follow this trend.

“In this past year, the advantage went to the cyberattackers, largely because they don’t have the same barriers and speed bumps to adoption of AI that many cyber defenders have, such as corporate governance processes and testing,” Sprague said.

Using AI only makes things worse, not because the technology allows for more complex attacks but because it makes it easier for attackers to flood the zone. That will continue in the next year, Bird predicted.

“The reality here is we’re going to see the imbalance swing even further away from the defenders, more towards the bad actors, simply because the bad actors are using AI for what it was intended to be used for—which is to make your job easier and make you faster,” Bird said.

Attack the block. Usage of AI on the defender side continued to slip behind attackers in 2025, and David Brauchler, NCC Group technical director, believes that next year things are only going to get worse. Defenders using AI are opening themselves up to threat actors who can manipulate the same systems meant to protect them.

“Defenders are so far on the back foot, they’ve already fallen over,” Brauchler said. “They’re not thinking about the problems, they’re not thinking about the risks, and they don’t realize where their blind spots are when it comes to AI-integrated applications.”

The speed with which attackers deployed AI and made gains in 2025 has Srinavas Mukkamala, the CEO of Securin, concerned about the ability of defenders to keep up. But there are some encouraging signs for the next year, with accelerated innovation on the defender side. Still, the attacker side is moving quickly, too, so it’s good to keep perspective.

“I’m afraid to even say we are close to winning again,” Mukkamala said.