Cyber experts pinpoint what to look out for in 2026

With 2025 coming to a close, Nextgov/FCW asked cybersecurity experts — including former officials, research analysts and providers — to outline their predictions for cybersecurity activity in 2026.

Morgan Adamski, former executive director at U.S. Cyber Command and deputy leader for PwC’s Cyber, Data & Technology Risk Platform:

Looking ahead to 2026, I don’t expect a single “big bang” cyber event so much as a steady escalation in quiet, hard-to-spot campaigns. Instead of smashing through the front door, more attackers will simply walk in using valid credentials, abusing identity systems, single sign-on and trusted AI agents to blend into normal activity. These operations will be longer-running, more tightly linked to geopolitical and ideological tensions, and increasingly aimed at disrupting real-world services, not just stealing data.

At the same time, the foundational capabilities and infrastructure we use to build, innovate, and operate securely, like cloud, AI, [operational technology and ...