{"id":15908,"date":"2026-03-06T08:15:05","date_gmt":"2026-03-06T08:15:05","guid":{"rendered":"https:\/\/newestek.com\/?p=15908"},"modified":"2026-03-06T08:15:05","modified_gmt":"2026-03-06T08:15:05","slug":"challenges-and-projects-for-the-ciso-in-2026","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15908","title":{"rendered":"Challenges and projects for the CISO in 2026"},"content":{"rendered":"
\n
\n
\n
\n
\n
\n
<\/div>\n<\/section>\n

Sophisticated attacks and the incorporation of AI tools, talent shortages, and tight budgets are some of the challenges commonly cited when it comes to managing cybersecurity in organizations. In a changing environment, the key is no longer to stay one step ahead, but to maintain a resilient infrastructure that ensures a rapid response when \u2014 not if \u2014 a cyberattack occurs. In the coming months, many of the key issues from previous years will recur, but there will also be specific challenges: \u201c2026 is shaping up to be a year in which attacks will be faster, cheaper, and more credible, as AI and automation now perform much of the work that previously required time and skill,\u201d explains Marijus Briedis, CTO of NordVPN. Briedis also warns of what he calls \u201cthe growing monoculture of the internet,\u201d in which the supply of cloud platforms, CDNs, and productivity tools is concentrated among a few players, and therefore compromising any of these systems or providers has a significant impact.<\/p>\n

\u201cThe most important change, however, is trust,\u201d says Briedis, referring to deepfakes<\/a>, voice cloning, synthetic identities, and automated phishing chats, among others, which \u201cwill continue to erode trust \u2026 as criminals increasingly focus on authentication and cloud access, rather than just devices.\u201d He also draws attention to the quantum risk to digital security<\/a>, with criminal strategies such as \u201ccollect now, decrypt later\u201d forcing cybersecurity departments to improve their privacy and information protection tools.<\/p>\n

For \u00c1ngel Ortiz, director of cybersecurity at Cisco Spain, by 2026 \u201ccybersecurity will evolve towards models based on speed, automation, and continuous identity verification.\u201d He highlights the impact of generative and agentic AI in defining \u201can increasingly complex threat landscape,\u201d based on \u201clarge-scale automated cyber operations. Identity has become the new security perimeter, as attackers no longer need to break in but simply log in with stolen credentials.\u201d Cisco anticipates demand for \u201csecurity architectures that prioritize business resilience, alignment with business objectives, and the integration of AI as a foundational element for cyber defenses.\u201d<\/p>\n

\u201cThe main threats are along these lines: automated attacks thanks to agentic AI, with massive personalized cyberattacks that will use intelligent tools to \u201cidentify specific vulnerabilities and develop unique malware for each organization.\u201d The trend toward supply chain attacks will continue, Ortiz predicts, and deepfakes and cognitive attacks will boom, while ransomware attacks will be refined. \u201cIoT infrastructure and edge devices will also proliferate as attack vectors.\u201d<\/p>\n

\u201cToday, we no longer talk about cybersecurity as a purely technological field, but as an essential element for business continuity and, above all, for preserving the trust of our customers,\u201d explains Hazel D\u00edez Casta\u00f1o, global CISO of the Santander group. In this sense, the challenge for 2026 is to keep adapting in a \u201cdynamic and complex\u201d context. \u201cI like to talk about an anti-fragile approach, which goes beyond resilience: it\u2019s not just about resisting and recovering from attacks, but about coming out stronger from them, continuously improving our capabilities. All this must be done without creating unnecessary friction for the customer, ensuring a secure, agile, and simple digital experience.\u201d<\/p>\n

For Roberto Lara, director of cybersecurity at Vodafone Empresas (Enterprises), \u201cin 2026, cybersecurity will continue to evolve towards a more mature approach based on cyber resilience,\u201d in which the focus shifts from preventing incidents to \u201censuring operational continuity during an attack, reducing the impact and accelerating recovery. This vision consolidates cybersecurity as a strategic priority for senior management, due to its direct connection to business stability, corporate reputation, and regulatory compliance,\u201d Lara notes. <\/p>\n

As the main challenges, he points to AI as a vector of attack, which requires \u201cstrengthening detection and response capabilities through more proactive and agile defenses.\u201d Lara adds data sovereignty is \u201ca challenge that combines legal and operational factors in an increasingly complex global environment,\u201d with the sovereign AI approach gaining weight. Like Ortiz, he maintains the importance of risk management in the supply chain. \u201cAlthough regulation drives greater control over third parties, smaller suppliers remain a critical point due to their limitations in resources and maturity in cybersecurity.\u201d<\/p>\n

\u00c1lvaro Fern\u00e1ndez, sales director at Sophos Iberia, envisions 2026 around three key points: the systematic abuse of digital identities, the accelerated adoption of AI by attackers and defenders, and the amplification of human error as an attack surface. \u201cCybersecurity will evolve from a reactive approach based on perimeter controls to adaptive security models focused on continuous visibility, behavior detection, and automated response with human oversight,\u201d Fern\u00e1ndez summarizes. Among the main challenges is addressing what he calls the \u201ccybersecurity poverty line,\u201d referring not only to budgets but also to the lack of strategic leadership and talent. Fern\u00e1ndez also highlights the regulatory factor as an added pressure for companies.<\/p>\n

\n
\n

Hazel D\u00edez (Banco Santander), Roberto Lara (Vodafone), Marijus Briedis (NordVPN), \u00c1lvaro Fern\u00e1ndez (Sophos), and \u00c1ngel Ortiz (Cisco).<\/strong><\/p>\n<\/figcaption><\/figure>\n

Banco Santander, Vodafone, NordVPN, Sophos y Cisco. Montaje: Foundry<\/p>\n<\/div>\n

Key technologies to address 2026\u2019s challenges<\/h2>\n

Against this backdrop, Cisco defines AI as \u201cthe fundamental technology that will set the cybersecurity agenda in 2026,\u201d <\/strong>in the words of Ortiz, who refers to the company\u2019s Integrated AI Security and Safety Framework as \u201cone of the first holistic attempts to classify, integrate, and manage the full spectrum of AI risks.\u201d He adds XDR platforms<\/a> as \u201ca key element, unifying data from endpoints, networks, cloud, email, and identities into a consolidated view,\u201d and continuous context-based identity verification, which he believes \u201cwill become mandatory.\u201d <\/p>\n

The most important upcoming trends, according to Briedis, include: \u201cControls that reduce reliance on human trust signals: more robust authentication, better identity verification, and greater protection of credentials and sessions,\u201d through which exposure to credential leaks can be reduced.<\/p>\n

D\u00edez Casta\u00f1o adds AI and automation among the technologies that will set the agenda, as well as security models integrated from the design stage, which incorporate protection \u201cfrom the outset in digital processes, products, and services, rather than adding it at the end.\u201d Along with identity and access management, she trusts in \u201cthe ability to have a clear, real-time view of what is happening in the systems\u201d to \u201censure effective and balanced protection.\u201d However, technology will continue to be a fundamental lever, but always in support of a well-defined strategy, she adds.<\/p>\n

On the agenda for the coming months, Lara points to two priorities: \u201cintegrating actionable intelligence into defense and strengthening control over data,\u201d which will promote an evolution \u201ctowards a more coordinated model, with interconnected SOCs capable of sharing information in real time and activating increasingly automated responses to incidents.\u201d In addition, he foresees an increase in the adoption of secure communications, \u201cwith greater use of end-to-end encryption solutions, including reinforced mobile devices and environments for critical profiles,\u201d as well as simulations and virtual environments for training teams, testing crisis scenarios, and improving decision-making.<\/p>\n

Regarding her work for the coming months, D\u00edez Casta\u00f1o outlines a generic approach: \u201cOur priority will continue to be to strengthen a global cybersecurity model that is fully aligned with the group\u2019s strategy and has a very clear focus on the customer. This means continuing to evolve our prevention, detection, and response capabilities, as well as protecting the bank of the future, which is increasingly digital, interconnected, and cloud-based.\u201d They will also continue their work on security awareness and culture, \u201cboth within the organization and towards society.\u201d <\/p>\n

\u201cCybersecurity is a collective challenge, and collaboration, both with other companies and with the public sector, is essential. Sharing information, learning together, and acting in a coordinated manner is the only way to tackle a problem that affects everyone and knows no borders,\u201d she concludes.<\/p>\n<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Sophisticated attacks and the incorporation of AI tools, talent shortages, and tight budgets are some of the challenges commonly cited when it comes to managing cybersecurity in organizations. In a changing environment, the key is no longer to stay one step ahead, but to maintain a resilient infrastructure that ensures a rapid response when \u2014 not if \u2014 a cyberattack occurs. In the coming months,… <\/p>\n

Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15908","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15908","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15908"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15908\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15908"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15908"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15908"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}