Companies want the benefits of AI without the cyber blowback

51% of European IT and cybersecurity professionals said they expect AI-driven cyber threats and deepfakes to keep them up at night in 2026, according to ISACA.

AI takes centre stage in threat outlook

The main reason for this concern is that most organizations are not ready to manage AI-related risks. Few feel confident in their ability to handle generative AI securely, while most admit they still have work to do to prepare for the challenges ahead.

While AI-driven threats top the list of worries for technology professionals, other risks still threaten business continuity. Many remain concerned about regulatory challenges, supply chain weaknesses, and their ability to detect and respond to breaches before damage occurs. Confidence in handling ransomware attacks also remains very low.

AI is seen as a growing threat and an opportunity for cyber and digital trust professionals, who recognize how transformative it can be for their organization.

Technology priorities

When asked about the top technology trends shaping their work in 2026, respondents pointed to generative AI and large language models, used for tasks like content and code generation, followed by AI and machine learning for predictive analysis.

When identifying the most significant cyber threats, 59% said AI-driven social engineering. Another threat facing organizations is insider threats, whether intentional or accidental.

Regulatory and resilience issues take weight

Most professionals view business continuity and resilience as key priorities for 2026. ISACA says organisations will need to train staff both to use AI responsibly and to respond to AI-related threats in order to stay resilient. However, many companies still lack hiring plans for digital trust roles like audit, risk, and cybersecurity.

“AI represents both the greatest opportunity and the greatest threat of our time. This research highlights a stark reality: while organisations are beginning to embrace AI’s transformative potential, many remain underprepared to manage its risks in the year ahead,” said Chris Dimitriadis, Chief Global Strategy Officer at ISACA. “AI cybersecurity and assurance certifications will help cyber professionals manage the evolving risk related to AI, implement policy, and ensure its responsible and effective use across the organization.”

Many professionals worry about the growing complexity of regulation, yet most also recognize its value. They believe new cyber rules can build digital trust and support business growth.

A stronger grasp of regulatory change and its potential benefits would help cybersecurity teams approach compliance with more confidence and strengthen business resilience.

“Many of the concerns the respondents raise signal an opportunity to transform how we approach these issues, shifting them from worries to a catalyst for business growth,” Dimitriadis continued. “For example, when regulation or guidance is viewed not just as a box-ticking exercise but as an opportunity to innovate in a resilient manner in the long term.”

Airia: Easily build and deploy secure, intelligent workflows