2025 has proven itself to be a groundbreaking year for networking, security and cloud. With the proliferation of AI technologies, new global regulations and the growing complexity of cloud infrastructure, IT teams have found themselves on constantly shifting sands.
That state of flux is only set to accelerate in 2026. IT teams shouldn’t just try to weather the storm; they need to be dynamic and adaptive, leaning into new approaches and continuously staying ahead of emerging threats.
To help teams prepare for what’s next, our Infoblox experts shared their predictions for how the IT landscape will evolve in 2026.
AI-Driven Threats Reshape the Cyber Battlefield
Scott Harrell, Chief Executive Officer
The mass personalization of cyberattacks will disrupt the classical kill chain model, making it more challenging for security teams to predict and prevent attacks—and making it more likely organizations will be patient zero. With AI, attackers can tailor their strategies to target specific individuals or organizations, rendering traditional defense mechanisms less effective. This shift will require security teams to develop new approaches to detect and mitigate highly personalized threats.
Brad Rinklin, Chief Marketing Officer
Polymorphic and sentient malware will become more prevalent, posing a significant threat to cybersecurity. This type of malware will be capable of changing its code and behavior to avoid detection, making it harder for security systems to identify and neutralize it. The emergence of sentient malware will mark a new era in cyberthreats, where AI-driven attacks become increasingly sophisticated and resilient. It’s critical to invest in advanced detection and response capabilities to stay ahead of these evolving threats.
Craig Sanderson, Principal Cybersecurity Strategist
The hyper-personalization of attacks, as seen in Japan, will become more prevalent, making it harder to defend against targeted threats. Attackers will increasingly tailor their strategies to specific individuals or organizations, rendering traditional defense mechanisms less effective. This trend will require security teams to develop new approaches to detect and mitigate highly personalized threats. The challenge will be to stay one step ahead of attackers who are becoming more sophisticated in their methods. The obvious technological shift will be the use of AI in threat intelligence generation and a new approach that targets the infrastructure threat actors use, rather than targeting each campaign.
Cybercrime-as-a-Service and the Democratization of Attacks
Coleman Mehta, Head of Global Public Policy and Strategy
In 2026, the ease of executing attacks without technical proficiency will lead to an increase in cyberthreats. As attack tools become more user-friendly, individuals who previously lacked the skills to launch cyberattacks will now be able to do so. This will result in a surge of cyberthreats. The democratization of cyberattack capabilities will pose a significant challenge for global cybersecurity efforts.
Chris Usserman, Global Public Sector Chief Technology Officer
Cybercrime-as-a-service will supercharge financially motivated threat actors. Financially motivated groups are no longer limited by their in-house skills, largely fueled by an AI-enabled ecosystem. In 2026, they’ll further expand their capabilities by tapping into a maturing cybercrime-as-a-service ecosystem, outsourcing everything from exploit kits to credential dumps and initial access brokers. This further industrialization of cybercrime will continue to blur the line between opportunistic and highly skilled adversaries, accelerating the pace and impact of financially motivated attacks.
John Wojcik, Senior Threat Researcher
In 2026, we will see a significant acceleration of automation within the cyber-enabled fraud industry in Southeast Asia. This region will face substantial challenges as cybercriminals and scam centers respond to mounting law enforcement pressure by increasing their rate of AI-driven tool adoption and integration amidst disruptions within their human labor supply chains. The use of deepfake software suites and jailbroken large language models for social engineering will become more prevalent, making it increasingly difficult to detect and prevent fraud. This shift will require a concerted effort to detect, let alone address and mitigate the growing threats.
The Rise of Autonomous Systems and Agentic Operations
Scott Harrell, Chief Executive Officer
As cloud infrastructure grows more dynamic and complex, the traditional human-led troubleshooting model is reaching its limits. Even without AI, the sheer scale and fluidity of modern cloud environments, combined with intricate networking and security layers, already challenge human comprehension. Add intelligent agents into the mix, and we’re entering a world where machines not only detect anomalies faster than humans but also resolve them in ways that are too fast, too subtle and too interconnected for manual intervention. This represents a paradigm shift where human troubleshooting becomes obsolete and trust in autonomous systems becomes essential.
Danelle Au, Vice President, Product Marketing
In 2026, SOC teams will increasingly use AI to reduce the burden on analysts, improving efficiency and effectiveness. By automating routine tasks like triage, forensic collection and real-time data correlation, AI will allow analysts to focus on more complex and strategic issues. The integration of AI into SOCs will be a game-changer for the cybersecurity industry.
Faraz Aladin, Vice President, Technical Marketing
Security teams will need to undergo a mindset shift to fully utilize the capabilities of AI and stay ahead of emerging threats. Embracing AI as a critical component of our security strategy will be essential in addressing the increasing sophistication of cyberthreats. This shift will involve continuous learning and adaptation to keep up with the rapidly evolving technology landscape. By fully leveraging AI, we can enhance our defenses and better protect against future threats.
The Expanding Attack Surface: IoT, Cloud and Supply Chain Vulnerabilities
Scott Harrell, Chief Executive Officer
IoT devices will become a bigger target for attacks due to the ease of creating and deploying attacks against them. The proliferation of IoT devices in homes and businesses presents an opportunity for attackers to get persistent footholds from which they can pivot and launch attacks or wreak havoc and create disruption of operations. With AI, it will be more attractive to develop and execute attacks on these devices, leading to an increase in IoT-related security incidents.
Dr. Renée Burton, Head of Infoblox Threat Intel
The adoption of cloud services for all aspects of businesses combined with the necessity to maintain accurate DNS records for these services will continue to expose enterprises to risks, including brand reputation and compromise of their own systems. These attacks are most often via dangling DNS records and are ones already experienced by most large enterprises.
Chris Usserman, Global Public Sector Chief Technology Officer
Threat actors will increasingly target third-party vendors and managed services, especially those with embedded access to customer environments. Compromising a single solution provider can provide immediate access to hundreds of downstream organizations. This “one-to-many” attack model, seen in recent supply chain breaches, will drive demand for implementing comprehensive Zero Trust principles, calls for tighter vendor vetting (i.e., product certifications) and extending continuous monitoring of partner activity.
DNS as the Foundation of Cyber Resilience
Cricket Liu, Executive Vice President and Chief Evangelist
Governments worldwide will increasingly mandate or strongly recommend the use of Protective DNS services as part of national cybersecurity strategies. This will be especially prevalent in sectors deemed critical infrastructure—such as healthcare, energy and finance—where threats can have outsized impacts.
Protective DNS technologies will become more intelligent, incorporating behavioral analytics, machine learning and real-time traffic flow analysis. Instead of simply blocking known malicious domains, systems will detect anomalies in DNS queries—such as unusual query volumes, timing patterns or geographic inconsistencies—that may indicate command-and-control activity or data exfiltration.
Dr. Renée Burton, Head of Infoblox Threat Intel
Though attackers will become faster and more sophisticated by using language models and deepfakes, DNS remains constant. It doesn’t care about these advancements. This makes DNS security more vital than ever to protect against these evolving threats. Ensuring robust DNS security will be crucial in safeguarding digital infrastructure.
Balancing Security, Usability and Regulation
Mukesh Gupta, Chief Product Officer
Balancing security and usability will remain a significant challenge. While robust security measures are essential, organizations should not compromise the user experience. Striking the right balance between security and usability is crucial to ensure that customers feel secure without being inconvenienced. This balance is particularly important in banking, where user trust and satisfaction are paramount.
Ed Hunter, Senior Director, Information Security
The tension between security and privacy will remain a central issue in 2026. Data governance—who owns data, how it’s used and under what conditions—will continue to evolve, with Europe leading the way through progressive legislation. Expect new laws and frameworks to emerge globally as governments grapple with the implications of AI-driven data processing.
