Category: Report

Executive summary AI-based threats have led employees to see the value of cybersecurity awareness and training in a new light. Organizations report real, measurable results from training efforts, though most feel that even more training is needed to defend against evolving cyber risks. AI is reinforcing the value of security awareness and training External threats are driving adoption Organizations are seeing real results from security awareness and training Despite making gains, more is needed Introduction Training works; But the work is never done The 2025 Security Awareness and Training Global Research Report reinforces two key findings from the past couple of years – that organizations see knowledge and skills as crucial to cyber defense, and that training must adapt continually as threats and risks evolve, especially when AI is involved. Our 2025 findings show that organizations continue to see security awareness and training as important and that external threats are still the main motivator for undertaking security awareness and training programs. As they have in previous years, leaders remain committed to security awareness and training, recognizing the need and building it into corporate priorities. Yet many continue to feel that their workforces are unprepared to fend off cyberthreats, despite concerted efforts to raise awareness and provide security training. The following pages explore possible reasons for this mindset, from the constant evolution of threats to rates of training completion, to issues with training content. In 2025, we broadened the scope of our Security Awareness and Training survey, asking new questions and diving deeper into areas such as preferred training modalities, how organizations are measuring the effectiveness of training initiatives, and employee perceptions of cybersecurity as a shared responsibility. We also added a new section to the report – first introduced in our 2025 Cybersecurity Skills Gap Global Research Report – Taking Action. Fewer than half (40%) of respondents say employees are highly trained and ready to identify, avoid, and report AI-based cyberthreats. AI is reinforcing the value of security awareness and training As organizations continue to adopt AI tools – and as threat actors increasingly use AI for malicious purposes – employees and leaders recognize the dual need for greater awareness of AI risks and more training in how to deal with those risks. The overwhelming majority (88%) of respondents to our 2025 survey say that the growing use of AI by bad actors has either somewhat or significantly influenced employee perspectives on the importance of security awareness training. Yet despite being highly aware of the rising threat of AI, leaders aren’t especially confident that their employees are equipped to meet it. Just 40% of survey respondents consider their employees to be highly trained and ready to identify, avoid, and report AI-based cyberthreats in the next 12 months. Fifty-eight percent (58%) describe their employees as being either moderately or slightly prepared. A silver lining is that only a very small portion of leaders (2%) believe their employees are not at all ready to face AI-driven threats. The AI Alarm Bell Most respondents say knowledge of AI threats has either significantly or somewhat increased employee perceptions of the importance of security awareness and training. Organizations are acting to safeguard against AI risks AI use needs to be managed Organizations are taking concrete steps to manage employee AI use, including: AI tools need to be secured The majority are also taking steps to manage AI tool security: AI training adoption is fairly consistent across organizations of all sizes AI training adoption is broadly similar across companies of all sizes, with a modest uptick among organizations with 5,000+ employees. 53% of organizations train employees on proper use of GenAI tools. Regional Highlights AI-driven security awareness varies by region, with Europe, the Middle East, and Africa being the lowest Workers in North America are most likely to see security awareness and training as important due to the growing malicious use of AI. North America is most confident about dealing with AI threats More respondents in North America say employees are trained and ready to identify, avoid, and report AI-based cyberthreats over the next 12 months than in any other region. Asia Pacific organizations are the most likely to train users on AI tools While no region reports especially high user training on AI tools, Asia Pacific leads the way at 59%. Latin America is the only region to come in at less than 50%. Taking Action Organizations are still very much at the learning stage when it comes to managing AI-related risks. For example, fewer than half (42%) of those surveyed say they have tools to monitor employee AI use. AI training is needed This can be done in several ways, including by holding AI training more regularly and providing brief refresher sessions, or by offering microlearning or on-demand resources as required by employees to stay current on evolving AI threats and best practices. Guidance on AI use is also required It is important to provide up-to-date AI guidance and policies that help employees understand and follow the best practices for using, selecting, and engaging with AI vendors and third-party AI technology providers. Such guidance should clearly outline data types and classification levels, provide information security and legal/ privacy criteria, and list approved AI vendors and providers. AI governance policies need continuous monitoring Implementing policies alone is not enough in the ever-changing world of AI. Organizations must also monitor and revisit those policies continuously to keep pace with shifts in technology and regulations. 41% of organizations say external threats were the core driver for adopting security awareness and training. External threats are driving adoption, but internal risks are a growing concern Potential threats, past breaches, and breaches in the same industry were the biggest motivators of increased security awareness and training in 2025 (41%). This is down from 52% the year before, though the addition of new options related to internal drivers could account for the decline. Twenty-seven percent (27%) of respondents say they adopted security awareness and training to protect from insider risks….

Business environments worldwide are becoming more complex and interconnected, with uncertainty shaping strategic, operational and investment decisions. Risks now emerge simultaneously from multiple risk vectors and often interact to influence stability, growth and governance. In this setting, organizations need a structured and coherent view of risk to support sound judgement and timely action. Within this broader landscape, India is navigating an economic transition shaped by global developments and domestic pressures. Geopolitical tensions, evolving trade patterns, regulatory changes, technology dependence, climate considerations and workforce dynamics are influencing how enterprises plan and operate, affecting supply chains, market access, compliance and cost structures. The FICCI-EY Risk Survey 2026: Risk outlook – A compass to India’s risk landscape for Indian businesses, offers a comprehensive view of these challenges. Drawing on insights from business leaders across sectors, the report examines risk perception, prioritization and management juxtaposed with global trends, India-specific risks and sector-level perspectives to support informed decision-making. Key findings at a glance Geopolitical pressures and rapid shifts in the operating environment are increasingly influencing organizational priorities, affecting stability, leadership focus and business confidence. Survey insights reflect growing pressure across technology, governance and workforce dimensions, with respondents highlighting several areas of heightened exposure. Concerns around digital risk remain prominent Workforce challenges persist Governance-related pressures are also increasing Together, these findings indicate that risks across technology, governance and talent are becoming more interconnected rather than operating in isolation. As these pressures converge, organizations have to take a more integrated approach to risk management, strengthening oversight, capability planning and decision-making to support stability and sustained performance in an evolving operating environment. Major risks shaping business outcomes A close look at the changing global conditions influencing investment and sourcing decisions Geopolitical developments, shaped by evolving trade policies and shifting global priorities, continue to influence the global operating environment. As major economies adjust their policy direction, uncertainty is expected to persist into 2026, affecting trade, investment and supply networks. These shifts are contributing to a gradual realignment of global trade flows. Many economies are placing greater emphasis on domestic capacity building and supply resilience, particularly across sectors such as semiconductors, clean energy and advanced manufacturing. Changes in trade measures are influencing the availability and pricing of critical inputs used across electronics, electric mobility and renewable energy value chains. Together, these trends reinforce the importance of preparedness. Ongoing geopolitical shifts continue to influence energy markets, supply chains and regulatory environments, with implications across operational, financial and reputational areas. In such an environment, scenario planning and geopolitical awareness are becoming important tools to support informed decision-making and strengthen organizational resilience. Resilience and adaptability are no longer optional. Building flexibility and staying attuned to geopolitical shifts can influence how organizations sustain performance in this evolving environment. The FICCI-EY risk survey data indicates that economic slowdown, market disruptions and sustained inflation remain key areas of attention for Indian businesses, with 68% of respondents reflecting a shared view on their relevance. Economic volatility continues to feature prominently, with 67% of respondents agreeing or strongly agreeing on its impact on business planning and operations. Geopolitical factors also remain relevant, with 64% of respondents acknowledging that geopolitical tensions are having a noticeable impact on their organizations, contributing to uncertainty in decision-making and long-term outlook. These findings reinforce the need for boards to embed geopolitical foresight, prioritize resilience over efficiency and align capital allocation with a fragmented, unpredictable global landscape. The message for business leaders is clear: Sectoral impacts are real and immediate. Technology, automotive, defense, energy and manufacturing firms should build resilience into their supply chains, diversify sourcing and stay agile in pricing and regional strategy. In this new era, monitoring geopolitical flashpoints is not just prudent but essential for survival and growth. Cyber risks Elevating the conversation from IT threat to boardroom priority Cyber risk is emerging as a defining challenge for operational stability and infrastructure resilience in today’s digital-first business landscape. No longer isolated, these risks now shape the very foundation of enterprise continuity and competitive advantage. Ransomware and Distributed Denial-of-Service (DDoS) attacks disrupt production, logistics and essential services, resulting in downtime and financial loss. Data breaches expose sensitive customer and business information, leading to lasting reputational damage. As system defenses improve, human error is exploited through phishing and social engineering. In parallel, dependence on third-party vendors expands exposure, where a single security failure can cascade into regulatory, legal and operational consequences across the organization. Globally, the average cost of a data breach stands at US$4.4 million, while ransomware incidents now cost approximately US$5 million, up nearly 17% year-on- year, reflecting a shift toward data theft and system disruption. Attacks on critical infrastructure are also rising, with manufacturing, healthcare, energy and finance being among the most affected. Ransomware incidents have increased 50% in 2025, largely via phishing and remote access. India faces a sharp rise in cyber intrusions due to AI- based social engineering, cloud gaps (misconfigured or weak cloud security settings that expose systems and data), and vulnerability chaining (attackers linking multiple small security flaws to gain deeper access into networks). Bot activity has increased, with multi-vector campaigns becoming more common. Deepfake voice scams affect the banking sector, leading to losses from fraud and higher complaint volumes on the National Cyber-Crime Reporting Portal (NCRP). The survey indicates that technology and cybersecurity risks are a growing concern, with 61% of respondents agreeing or strongly agreeing that digital disruption affects competitiveness and cyber attacks pose major threats. Additionally, 57% highlight the impact of data theft and insider fraud, while 47% acknowledge challenges in managing sophisticated cyber threats. Cyber-attacks and data breaches pose major financial and reputational risks, while rising threat sophistication, insider fraud and business espionage demand stronger internal controls and vigilance. These findings reinforce that the real challenge is not just to defend but to anticipate and adapt. For organizations, the implication is increasingly evident: Cyber risk poses a direct threat to operations, revenue and trust and cyber readiness is central to business continuity and confidence. Artificial intelligence (AI) risks Evolving from technical…

As we move into 2026, Milestone’s acting Chief Technology Officer Andrew Burnett predicts the technology trends that will define the year While several technology trends were once mostly confined to research labs and conference keynotes, they are now stepping into the daily reality of the security industry. What is new today is not the idea of AI itself, but the emergence of Agentic AI – intelligent systems capable of taking autonomous actions across operational workflows. Rather than asking what they might one day do, we are now seeing what they actually do in the field. In 2026, three technologies will particularly drive this transformation – Agentic AI, Digital Twins and Wearables with Augmented Reality (AR). Each represents an evolution not just in capability, but a step toward fully intelligent, interconnected and immersive security ecosystems. Agentic AI – From Hype-Cycle to Operational Workflows Agentic AI, first notable for its capabilities in areas like code generation, is now expanding beyond coding to orchestrate operational workflows across security systems. The shift for 2026 is from capability demonstrations to task-focused agents embedded in operational flows. Rather than one-off proof of concept we are seeing agents that orchestrate across systems – they ingest video, correlate access logs, detect deviations and then trigger follow-up actions – all without a human translating between disparate interfaces. Practical examples include autonomous investigation agents that not only take an alarm, gather the last 30 minutes of multimodal evidence (video, access, sensor telemetry) but also propose and initiate immediate mitigation action for an operator to approve. The value is twofold – speed (reducing mean time to insight) and bandwidth (freeing operators to focus on decisions, not data-gathering). This momentum is mirrored in global investment patterns. According to recent industry projections, Agentic AI is set to dominate IT budget expansion over the next five years, representing more than 26% of worldwide IT spending and surpassing US$1.3 trillion by 2029. This reflects a decisive shift: organisations are no longer experimenting with AI for select projects – they are operationalising it at scale. Organisations should stop asking ‘what might agentic AI do’ and start identifying the repeatable security workflows they want automated; for example: incident triage, patrol optimisation, evidence packaging; then measure agent performance against those KPIs. The winners in 2026 will be platforms that expose safe, auditable agent APIs and vendors who integrate them into end-to-end operational playbooks. Digital Twins – Moving from Models to Mission-Critical Decisions Digital twins – the highly sophisticated virtual models that stay synchronised with real-world systems – are also reaching a point of true practicality. The concept is not new. For years, industries like manufacturing and logistics have used digital twins to monitor assets and environments. What’s new is the granularity and scale now possible in security. Organisations such as NVIDIA are utilising digital twins for data centres, integrating cameras, fire alarms, access control and environmental sensors to create a unified, real-time view of operations. Instead of static replicas, we are talking about interactive environments where you can safely test and optimise system behaviour. The value of digital twins goes beyond visualisation and simulation, empowering organisations to monitor, optimise and actively manage the desired state of multiple subsystems in real-time. Imagine running a virtual fire-drill scenario that shows pedestrian flow if a corridor is blocked, or simulating lockout strategies to maintain egress while containing a threat. These are not academic exercises – they directly inform SOPs, layout choices and where to place resilient communications or edge compute. For complex estates (airports, ports, multi-tenant high-rises) a unified digital twin reduces configuration drift, accelerates forensic reconstruction and enables predictive maintenance for critical devices. Looking ahead, the widespread adoption of digital twins is poised to reshape the security industry’s approach to risk management and operational planning. With a unified, real-time view of complex environments, digital twins enable proactive decision-making, allowing security teams to anticipate threats, optimise resource allocation and continuously refine standard operating procedures. Over time, this capability will shift the industry from reactive incident response to predictive and preventative security strategies, where investment in training, infrastructure and technology is guided through simulated outcomes rather than historical events. From Gadgets to Game-Changers: Wearables + AR in Action AR and wearables have had turbulent history, but their resurgence in 2026 will be different – and AI is the reason. AI transforms wearables from simple capture devices into intelligent companions. It elevates AR from a visual overlay to a real-time, context-aware guidance layer. They shift frontline tools from passive to proactive devices that see, listen, interpret the environment, delivering timely insights and support through voice, visual or hybrid interfaces. The momentum behind AR is also reflected in the market. Globally, the AR sector is projected to surge from US$35.8 billion in 2024 to US$233.3 billion by 2030, a compound annual growth rate of 37%. Today, software and services account for the vast majority of AR revenue, highlighting that enterprises are increasingly leveraging AR for operational applications such as training, remote assistance, simulation and real-time decision support. Crucially, these systems speak natural language. A guard can ask, “When was this area last patrolled?” and receive concise, evidence-backed answers or ask the system to replay the last suspicious approach and mark it for later review. This moves wearables from passive recorders to active decision-support tools, increasing situational awareness while keeping hands and attention free. While widespread adoption may still be a few years away, the trajectory is clear. The future of security work will be increasingly wearable – through smart glasses, headsets or other wrist-mounted devices – and powered by conversational, intelligent systems that deliver insights and decision support in real-time. Conclusion – integrate, simulate, augment Across these trends the theme is consistent: AI is the enabler that makes previously hyped technologies operationally useful. For CISOs, facility heads and operations leaders, the practical playbook for 2026 is simple and strategic: prioritise integration (open, auditable APIs), exploring simulation capabilities (digital twins that map to SOPs), and pilot wearable augmentation where it reduces time-to-decision. Success is…

The evolution of AI technology, driven by Generative AI, has accelerated at an unprecedented pace. This year, in particular, its impact has been maximized, shifting paradigms across various industries. This spark of innovation is now extending into the video surveillance sector. Hanwha Vision predicts that 2026 will be a pivotal turning point. We foresee AI moving beyond simple adoption to becoming the essential foundation of the entire industry. Most notably, the emergence of ‘Autonomous AI Agents’ is expected to reshape the very structure and operational methods of video surveillance systems. Amidst these waves of change, Hanwha Vision highlights five key trends that the industry must focus on. These trends signal a future where AI serves as the core engine, elevating video surveillance from simple monitoring systems to central pillars of operational efficiency and sustainability. Trustworthy AI: Data Quality and Responsible Use As AI analysis technology becomes ubiquitous, the principle of ‘Garbage In, Garbage Out’ becomes increasingly critical in video surveillance. Visual noise and distortion caused by challenging environments – such as low light, backlighting, or fog – are primary causes of AI malfunction and false alarms. By 2026, establishing a ‘Trusted Data Environment’ to solve these issues will become the industry’s top priority. With the performance of AI analysis engines leveling up across the board, the focus of investment is shifting toward securing high-quality video data that AI can interpret without error. A prime example is the investment in minimizing noise and distortion in extreme environments through AI-based high-performance ISP (Image Signal Processing) technology and the use of larger sensors. AI-based ISP employs deep learning to differentiate between objects and noise, effectively eliminating noise while optimizing object details to provide real-time data most conducive to AI analysis. Larger image sensors capture more light, which fundamentally suppresses video noise generation, starting from low-light conditions. Hanwha Vision’s 2nd Generation P series AI Cameras feature a Dual NPU design, the Wisenet 9 chipset with AI-based image enhancement, and a large 1/1.2” sensor, guaranteeing crystal-clear images optimized for AI analysis even in the harshest environments. In parallel, as the ethical use of AI becomes a major concern, the mandatory adoption of AI governance systems is approaching. Global standards, such as the European Union’s AI Act, classify video surveillance AI used in public safety as High-Risk technology. This imposes a legal obligation on manufacturers to ensure Transparency in AI from the design phase, accelerating the industry’s push to build genuinely trustworthy AI. Furthermore, Hanwha Vision plans to upgrade its WiseAI app leveraging its capabilities in trusted data acquisition. Specifically, we will add an Auto Calibration feature that determines the distance information of a scene to enhance data reliability, and new AI event features to analyze abnormal behaviors like fighting and falling will be included in the 2026 product releases. The AI Agent Partnership, From Tool to Teammate As AI evolves from simple detection to an agent capable of analyzing complex scenarios and proposing initial responses, the role of the monitoring operator is set for a fundamental overhaul. Humans will delegate repetitive surveillance tasks to AI Agents and focus on more critical, high-level functions. While previous AI systems in video surveillance merely reduced the operator’s workload by automating repetitive tasks like object search, tracking, and alarm generation, the AI Agent takes this a step further. It autonomously conducts complex situational analysis, automatically executes an initial response, and recommends the most effective follow-up actions to the monitoring operator. For example, an AI Agent can independently assess an intrusion, initiate preliminary steps such as sounding an alarm, and then propose the final decision options (e.g., whether to call the police) to the operator. Simultaneously, it automatically generates a comprehensive report detailing real-time video of the intrusion area, access records, a log of the AI’s initial actions, and suggested optimal response strategies. The evolution of AI technology, driven by Generative AI, has accelerated at an unprecedented pace. This year, in particular, its impact has been maximized, shifting paradigms across various industries. This spark of innovation is now extending into the video surveillance sector Consequently, monitoring operators will transition into the role of commanders, making final decisions that require nuanced judgment, complex analysis, and consideration of legal and contextual implications. They will also take on the role of an AI governance manager, transparently tracking and supervising all autonomous actions and reasoning processes executed by the AI Agent. This essential function, which prevents system misuse, demands a significant elevation of the monitoring operator’s skill set. Driving Sustainable Security The explosive growth of generative AI is accelerating a ‘Technological Energy Crisis.’ According to IEA reports, power consumption by data centers is projected to more than double by 2030 due to the rising demand for AI servers. The video surveillance industry is at a crossroads where it can no longer prioritize performance without limit, facing the dual challenge of surging high-resolution video data and the computational burden of Edge AI. Consequently, Sustainable Security, which prioritizes operational longevity and minimizing environmental costs, is set to become a core competency for achieving TCO (Total Cost of Ownership) reductions and meeting ESG goals. To realize sustainable security, the industry is commonly moving towards developing ‘low-power AI chipsets’ that drastically reduce power consumption while preserving high-quality imaging and AI processing power. It is also prioritizing technologies that ensure data efficiency directly on the edge device (camera). For instance, Hanwha Vision‘s AI-based WiseStream technology maximizes video data management efficiency, contributing to lower power consumption. It intelligently separates regions of interest from non-interest within the video and adjusts the compression ratio based on importance. This maximizes traffic efficiency while securely retaining all necessary information. Furthermore, cameras equipped with Wisenet 9 have improved baseline data transmission efficiency by reusing images from static regions. These intelligent data management strategies simultaneously meet both performance and efficiency demands and are regarded as the most effective means to directly reduce the power consumption required for server expansion and cooling systems. Smart Spaces Powered by Video Intelligence With AI integrated into cameras and advances…

Lt Gen Sudhir SharmaPVSM, AVSM, YSM, VSMChairman, MitKat Advisory The turbulent geopolitical landscape of 2025 marked a discernible shift in India’s external security environment. The shadows of the events of the past year will have a telling effect on the risks and opportunities that will shape the trends for 2026. A fragmented global order, persistent conflicts in Europe and West Asia, intensified big power rivalry in the Indo Pacific, weaponisation of trade and controlled access to high technology have squeezed out much of the strategic space, giving rise to volatility and ambiguity, which impinges on India’s desire for strategic autonomy. As we enter 2026, we are no longer navigating a familiar world of stable alliances but a fragmented world order where national sovereignty and economic security are fluid and transactional. For business leaders this represents a dynamic shift from managing ‘growth’ to managing systemic disruptions and contending with hyper-nationalism. On India’s Western front, the short but intense conflict with Pakistan in 2025 has driven relations to their lowest point in decades. Terrorism remains a top risk, and deterrence is fragile. The tense standoff could escalate into skirmishes or a larger confrontation, requiring a recalibration of India’s security architecture. Concurrently the Eastern Sector bordering Bangladesh presents its own set of diverse security challenges. Relations with Bangladesh shifted sharply in 2025, driven by political instability, consequent to the ouster of the Awani League. The widening trust deficit and the overheated internal situation in Bangladesh poses a significant threat to Indian Interests. The forthcoming elections (if held fairly and objectively) will be a litmus test for the internal stability of Bangladesh. Pre and post poll violence are most likely and may have a ripple effect in India. Relations between the countries will continue to be strained and tense in 2026, seriously impacting transit and business growth. On a positive note, the relations with China remained comparatively stable and have shown limited but notable improvement in 2025, and the thaw is likely to continue in 2026, giving rise to business opportunities and some synergy in approach to global issues. The resumption of direct flights and an easier visa regime could provide the momentum for business growth and tourism. Though trust deficit remains high, it is likely that India’s relations with China may mature to one of cautious but competitive coexistence. This would require sustained confidence building measures from both sides. India-United States relations will remain a central pillar of India’s external engagement in 2026, though it will be marked by greater complexity and some irritants. Strategic convergence in defence, technology and the Indo-Pacific is expected to continue, despite the tariff related concerns and frictions. QUAD is expected to strengthen, with a sharper technological and security focus. Simultaneously, India will deepen engagement with BRICS and the Global South, balancing strategic autonomy with diplomatic flexibility – a critical tightrope in a fractured world. Internally the risks confronting India in the coming year will be shaped by the interplay of political polarisation, governance pressures and socio-economic disparities. Left-wing extremism is waning and may be eliminated by 2026, bolstering internal security. However, high-stake state elections could trigger unrest and stress governance systems. Despite external fragility, India enters 2026 with strong economic fundamentals, infrastructure upgrades, and a growing role in global manufacturing and technology ecosystems. Realignment of global supply chains offers opportunities India is well-positioned to seize. Structural reforms in the nuclear energy sector will give a boost to India’s energy mix and improve the overall energy-security paradigm. As we look ahead, 2026 is likely to be a year of continued external fragility, yet a resilient internal security framework, coupled with a buoyant macro-economic outlook. India can look forward to a period of sustained growth and stability, overcoming moderate internal challenges and governance pressures. Advances in AI, semiconductors, and manufacturing will further propel growth. India will need great acumen in navigating an increasingly polarised world order, while maintaining its strategic autonomy, and safeguarding its national interests. The year 2025 for India was characterized by acute security shocks, tightening geoeconomic headwinds, and mounting climate and public-health pressures even as the country deepened strategic partnerships, consolidated its role as a regional corporate and digital hub, and pressed ahead with institutional reforms. A multi-domain crisis with Pakistan, persistent maritime insecurity, resurgent piracy, Red Sea cable disruptions, and a sharp U.S. tariff shock underscored a risk environment in which episodic external triggers rapidly translate into domestic operational disruption. Domestically, intensified communal polarization, sector-wide labour actions, reservation mobilizations, and urban infrastructure fragility combined with scaled AI-enabled cyber-fraud to raise the baseline of day-to-day risk for businesses and communities. Looking ahead to 2026, the outlook is one of cautious resilience – external ties will be marked by strategic convergence with the United States amid trade and mobility frictions, managed competition with China, and fragile deterrence with Pakistan; internally, policy continuity will persist alongside execution gaps, uneven state-level governance, and climate-driven stress on assets and services. As we enter 2026, we are no longer navigating a familiar world of stable alliances but a fragmented world order where national sovereignty and economic security are fluid and transactional. For business leaders this represents a dynamic shift from managing ‘growth’ to managing systemic disruptions and contending with hyper-nationalism Geopolitically, India-China relations exhibited cautious stabilization. Corps Commander dialogue continued, high-level political contacts resumed, and direct commercial flights were reinstated after five years, reducing immediate confrontation risk along the Line of Actual Control (LAC). Yet structural constraints – including PLA consolidation in Tibet, new hydropower activity on the Yarlung Tsangpo, and recurring cyber and financial-security frictions – kept the relationship within a framework of tactical engagement embedded in strategic competition. With limited verifiable disengagement on the ground, ties in 2026 are likely to remain managed rather than normalized. By contrast, India-Pakistan relations entered their most volatile phase since 2019. The April Pahalgam massacre in Jammu & Kashmir precipitated Operation Sindoor – targeted Indian missile and air strikes on terrorist infrastructure in Pakistan-Occupied Kashmir (PoK) – followed by intensified Line of…

It came as a surprise that this is the 10th time that we’ve looked at the technology trends that we think will affect the security sector in the coming year. It feels like only yesterday that we sat down to write the first – a reminder of how quickly time passes, and how fast technological progress continues to move. Something that’s also become clear is that a completely new set of trends doesn’t appear year-on-year. Rather, we see an evolution of trends and technological developments, and that’s very much the case as we look towards 2026. Technological innovations regularly arrive, which impact our sector. Artificial intelligence, advancements in imaging, greater processing capabilities within devices, enhanced communications technologies…these and more have impacted our industry. Even technologies which still seem a distance away, such as quantum computing, may have some potential implications in the near-term in preparing for the future. While we focus here on tech trends, it’s worth highlighting a shift that we’ve seen in recent years: the increasing involvement and influence of the IT department over decisions related to security and safety technology. The physical security and IT departments now work in close collaboration, with IT heavily involved in physical security purchasing decisions. That influence, we feel, is central to the first of our trends for 2026… ‘Ecosystem-first’ becomes an important part of decision making At a fundamental level, the greater influence of the IT department is changing the perspective regarding security technology purchasing decisions. We call this an ‘ecosystem-first’ approach, and it influences almost every subsequent decision. Today, however, we start to see a trend that the first decision is increasingly defined by the solution ecosystem to which the customer wants to commit. In many ways, it’s analogous to how IT has always worked: decide on an operating system, and then select compatible hardware and software. The ecosystem-first approach makes a lot of sense. With today’s solutions including a greater variety of devices, sensors, and analytics than ever before, seamless integration, configuration, management, and scalability is essential. In addition, product lifecycle management, including, critically, ongoing software support, becomes more achievable within a single ecosystem. Committing to a single ecosystem – one offering breadth and depth in hardware and software from both the principal vendor alongside a vibrant ecosystem of partners – is the primary decision. The ongoing evolution of hybrid architectures A hybrid architecture as the preferred choice isn’t new. In fact, it’s something we’ve highlighted in previous technology trends posts. But it continues to evolve. Sometimes evolution can seem quite subtle. In reality, we’re seeing some fundamental shifts. We’ve always described hybrid as a mix of edge computing within cameras, cloud resources, and on-premise servers. While that’s still the same today, what’s changing is the balance of resources, as capabilities are enhanced and new use cases emerge. Edge and cloud are becoming much more significant, with the need for on-premise server computing resources reduced. This is largely a result of enhanced computing power and capabilities within both cameras and the cloud. More powerful edge AI-enabled surveillance cameras can, put simply, handle more than ever before. Improved image quality, the ability to more accurately analyze scenes and create valuable metadata have seen cameras take on tasks previously handled on the server. Similarly, with such a wealth of data being created, cloud-based resources have the analytical power required to surface business intelligence and insights to enhance operational effectiveness. There can still be legitimate reasons to retain some on-premise resources, such as network video recorders, but the true value is increasingly coming from edge devices and cloud resources. Ultimately, it’s a trend that meets both the IT department’s drive for efficiency, the security team’s desire for solution quality and effectiveness, and the data integrity and security needs of both. But, even if hybrid architectures are a trend, we must not forget that a vast majority of all solutions are still very much on-prem solutions, and this will be the case for a long time. The increased importance of edge computing In many sectors, like the automotive industry, the need and potential for edge computing has only been recognized relatively recently. As regular readers will know, however, the value of increased computing resources within devices at the edge of the network has been a feature of our technology trends predictions for several years. Enhanced capabilities mark the beginning of a new era of edge. In many ways, the increased importance of edge computing is directly related to the evolution of hybrid architectures described in the previous trend. When hybrid solutions have included edge, cloud, and server technologies, the full potential of edge AI hasn’t always been fully realized. With on-premise servers able to support some tasks, there has been less motivation to move these to the edge. This is already changing and will accelerate over the coming year. This is in part due to the enhanced AI available to the edge, within devices themselves. The discussion and decisions about where to deploy AI across surveillance solutions – using the strengths of edge AI in devices and the power of cloud-based analytics – has brought focus to the capabilities of cameras and the increasing variety of edge AI-enabled sensors. These bring benefits in both effectiveness and efficiency. Edge processing generates both business data – actionable insights derived directly from the scene – and metadata, which describes the objects and scenes within it. This information has become the basis for efficient scaling of system functionality, such as smart video searches, and for generating system wide insights. Edge processing enables a much smoother scaling of system compute performance, as the system performance grows with each added edge device. The arguments against moving more to the edge, such as cybersecurity challenges, have diminished. With the strong cybersecurity capabilities of edge devices, such as secure boot and signed OS, they now have become a strong part of the overall system security solution. Mobile surveillance on the rise Mobile surveillance solutions, like mobile trailers, aren’t a trend…

Siddharth DahiyaCEO, Peregrine Guarding As we move into 2026, the security industry is going through a major shift. Earlier, security was mostly seen as guarding buildings, managing entry points, and responding to incidents. Today, the role of security has expanded much beyond that. It is becoming smarter, more technology-driven, and deeply connected to how businesses function. With growing urbanisation, digital operations, and rising expectations around safety, the industry is now focused not just on protection, but on prevention, planning, and continuity. Technology is playing a very important role in this change. Tools like intelligent cameras, remote monitoring systems, and automated alerts are becoming part of everyday security operations. These systems help detect unusual activity early, support faster responses, and reduce dependence on manual processes. Security teams are increasingly working in environments where technology and manpower go hand in hand. The presence of trained professionals on the ground remains essential, but their effectiveness is being strengthened by digital systems that offer real-time visibility and better control. At the same time, the nature of the security workforce is also evolving. The security professional is no longer expected to only patrol or stand at a gate. There is now a much stronger focus on training and upskilling. Personnel are required to handle smart devices, use mobile-based reporting tools, understand basic data, and interact more confidently with clients and employees. This shift is pushing the industry to invest more in continuous learning, structured development programs, and long-term career paths. Another important development is the growth of centralised and remote security operations. Instead of managing everything from individual locations, more organisations are moving towards command centres that monitor multiple sites at once. These centres bring together surveillance, incident management, and response coordination on one platform. This model is becoming far more common, helping businesses improve coverage, strengthen oversight, and respond faster to risks. It also allows on-ground teams to work with better information and support, making security operations more proactive rather than reactive. The way businesses look at security is also changing. Security is no longer being treated only as a cost or a support function. It is increasingly being seen as a critical part of business continuity, infrastructure planning, and risk management. Strong security frameworks help protect assets, ensure employee safety, support compliance, and maintain brand trust. Going forward, security leaders will be more involved in strategic discussions, contributing insights that go beyond day-to-day operations and into long-term planning. With the rise of digital systems, data is becoming a central part of security management. Access records, visitor information, camera analytics, and incident logs are now key decision-making tools. This makes data protection, transparency, and regulatory compliance extremely important. Organisations will place greater focus on building secure data practices, reliable reporting structures, and audit-ready processes. Trust, accountability, and responsible handling of information will become just as important as physical safety. Equally important is the growing attention on the people behind security services. The industry is recognising that a motivated and supported workforce is the foundation of strong security. Better healthcare support, mental well-being initiatives, stable working conditions, and timely recognition are becoming more central to workforce strategies. When security personnel feel valued and secure themselves, the quality of service improves naturally. This people-first approach will play a major role in shaping the industry’s future. Looking ahead, the security industry will be defined by its ability to adapt. The future belongs to organisations that can combine trained manpower, smart technology, and responsible practices into one integrated system. Security will no longer be limited to protection alone. It will stand for preparedness, resilience, and confidence in a fast-changing world.

Vivek SrivastavaCountry Manager, India & SAARC at Fortinet Industrialized Cybercrime and the Acceleration of the Attack Life Cycle The 2026 Cyberthreat Predictions Report continues Fortinet’s ongoing analysis of how technology, economics, and behavior intersect to shape global cyber risk. The picture emerging for 2026 is one of acceleration. Adversaries will increasingly operate as industrial systems, using automation, specialization, and AI to scale both attack speed and reach. For CISOs and security leaders, this means re-architecting defenses to operate at the same speed as adversaries. Security programs designed for linear response can no longer keep pace with an ecosystem characterized by parallel automation and rapid exploitation. The coming year will not be defined by a single new technique or malware strain, but by the refinement and industrialization of those that already exist. We expect threat actors to focus less on innovation and more on throughput – the ability to move from reconnaissance to monetization in the shortest possible time. This shift is reshaping the economics of cybercrime and forcing defenders to compress detection and containment cycles across every environment. In practice, this means: Together, these scenarios illustrate a single reality – Velocity now defines risk. As the line between human and machine operations blurs, both attackers and defenders are adapting to an environment where milliseconds can define outcomes. FortiGuard Labs’ 2026 predictions explore this evolution from multiple perspectives – how adversaries are industrializing, how defenders are adapting, and how collaboration across public and private sectors will shape deterrence and resilience in the years ahead. The unifying theme across these predictions is convergence. Offense and defense now evolve through the same forces – AI, automation, and the cloud – each shaping the other’s rate of adaptation. The contest ahead will be decided less by who has the most advanced tools than by who can integrate intelligence, technology, and decision-making into a single, continuous system. Executive summary The global threat environment in 2026 will be defined by speed, automation, and scale. Cybercrime will continue to mature into a structured industry supported by specialized roles, automated toolchains, and AI-driven decision-making. Attack groups will increasingly operate more like enterprises than independent actors, measuring success not by innovation but by throughput such as the rate at which they can turn access into profit. For defenders, this represents a pivotal shift. Security operations can no longer rely on static configurations or periodic assessments. To address today’s rapidly evolving challenges, they must operate as an adaptive system, continuously learning, adjusting, and responding to real-time conditions. Two forces are driving this evolution. The first is the industrialization of cybercrime, as automation and AI integrate into every stage of attack development and deployment. The second is the acceleration of the attack life cycle, in which the time between compromise and consequence continues to collapse. Attackers who once needed days to monetize access can now do so in hours by automating reconnaissance, data analysis, and extortion. These changes are already visible. A compromised cloud workload may trigger an AI-driven privilege escalation script within seconds. A stolen database can be quickly parsed by generative AI (GenAI) to identify high-value records before the victim even realizes the breach has occurred. Pre-infected botnets and access brokers now provide turnkey infrastructure for ransomware affiliates, enabling near real-time campaign launches. For defenders, the implication is clear. Threat intelligence, exposure management, and incident response must operate as one continuous system. Readiness will increasingly be measured by the ability to act at AI-level speeds to translate threat intelligence into containment before disruption occurs. This report examines both sides of that equation. The Adversaries section explores how attackers are industrializing their operations, while the Defenders section focuses on how organizations can operationalize threat intelligence and automation to match that velocity. Together, they point to a single conclusion: The contest between offense and defense has become a race of systems, not individuals. Update on predictions for 2025 Many of the developments forecast in FortiGuard Labs’ 2025 Cyberthreat Predictions Report have materialized faster than expected. What were emerging patterns a year ago – AI-assisted threat operations, Crime-as-a-Service (CaaS) specialization, and geopolitical fragmentation – are now defining characteristics of the global threat landscape. AI in operational use The 2025 report predicted that AI would move from experimentation to full operational deployment. That shift has already occurred. GenAI is routinely used for social engineering, credential harvesting, and automated scripting. The next phase, now emerging, involves autonomous agents capable of managing multiple attack functions without human input. Expansion of CaaS models Integrated underground economies have matured into platform-style marketplaces. Access brokers, data resellers, and malware developers now operate as interconnected suppliers, allowing smaller actors to launch sophisticated attacks with minimal resources. Target diversification Predictions of expanded targeting across operational technology (OT), cloud, and supply chains have proven accurate. Ransomware groups increasingly blend data theft, disruption, and extortion, often striking multiple tiers of vendors simultaneously. Critical infrastructure and healthcare remain disproportionately affected, particularly in areas where modernization has outpaced security. Data as a primary asset Data theft has transitioned from a byproduct of intrusion to a monetized commodity. AI-driven analysis now converts raw data into actionable intelligence, turning information into a currency of extortion and influence. Together, these developments confirm a broader shift from opportunistic attacks to structured operations. Industrialized cybercrime, once a projection, has become the baseline from which new threats emerge. The next phase of attack: 2026 offensive capabilities predictions As 2026 unfolds, cybercrime continues to industrialize. Automation, AI, and specialization will continue to converge, enabling attacks to be produced at scale. FortiGuard Labs anticipates several developments across offensive capabilities. AI-enabled cybercrime agents The defining change of 2026 will be the emergence of purpose-built, autonomous cybercrime agents. These systems will extend far beyond the early FraudGPT, WormGPT, and similar models seen on underground forums in 2025. Designed for specific operational tasks such as credential theft, phishing, or lateral movement, these agents will execute against entire segments of the attack chain without requiring human oversight. This shift will drive an explosion in capacity….

The global security landscape in 2023 was characterized by the tumult as the world continued to witness geopolitical shifts while contending with internal developments – often resulting in an interwoven and complex nexus. In line with predictions, the engines of the global economy fired back up in the aftermath of the COVID-19 pandemic, with expectations of a new, more resilient framework driving it. However, what the world witnessed were multi-faceted ramifications that presaged a spiraling global crisis fueled by the escalation and perpetuation of regional conflicts, primarily those between Russia and Ukraine, and in Israel and Palestine. These evolving geopolitical dynamics have also impeded efforts towards global cooperation at a time when it is a sine qua non. A resurgence of carbon emissions, an unrelenting cost-of living crisis, and food and fuel shortages have exacerbated social divisions and caused unrest. Economic deceleration impacted countries across the world, often influencing political and policy decisions, while having a bearing on bilateral relations as well. Curtailed government spending, EXIM controls, and rate revisions came to characterize economic decisions across the world, forcing businesses to calibrate decision making to navigate through new realities. India was not insulated from these global shocks, with its rising position in the global order placing it on a ringside seat to view, judge, and influence international developments. India’s G-20 Presidency in 2023 was testament to its pedigree as a growing international power, and the astute diplomacy it has practiced aided in weathering multiple difficult global challenges. Regardless, extant risks continued to pose governance challenges, while new risks developed in 2023 which will influence decision-making in the years to come. On the geopolitical front, deteriorating relations with Canada dominated headlines after the latter accused the Indian government of involvement in the murder of Hardeep Singh Nijjar, a Canadian citizen allegedly involved in Khalistani activities. Over the course of a highly charged October characterised by assertions and censures, both the countries engaged in tit-for-tat moves that involved suspension of visa services and recalling of diplomats. Since then, however, the rhetoric employed by both governments has softened, and refocused on narratives of cooperation and friendship. Relations with China could best be described as a hostile peace – an absence of physical conflagrations must not be equated with a thawing of hostilities. The continued construction of military and civilian infrastructure near the border in Arunachal Pradesh, the failure to gain meaningful ground on negotiations pertaining to de-deployment in the Ladakh theatre, and a virtual status quo in the overall situation meant that ties remain tense. Relations with Pakistan did not witness any significant deterioration or improvement, with internal political and economic instability taking the limelight. Continued cooperation in the domains of trade, commerce, and culture put India in a strong position in the Asia-Pacific region, which will be crucial in the year ahead as the situation in the South China Sea steadily heats up. India also kept up cooperation with its QUAD allies as both North Korea and China deployed an aggressive military posture in the larger region. “The past year was marked by increased global strife and geopolitical uncertainty. In a ‘World Adrift,’ the brutal Hamas Israel war put further strain on an already fragile and fragmented world order. As a large number of countries align themselves against the US-Israel nexus in this conflict, the US influence may wane, giving the China-Russia axis more traction. India, which sits at the cross roads of its strategic partnership with US on one hand, and Russia on the other, would need to take some difficult geo-strategic decisions within the framework of its geographical compulsions and overarching national interest. The early pointers to these shifting sands can be seen in the postponement of the QUAD summit planned for January 2024, and the apparent inability of President Biden to be the Chief Guest at India’s Republic Day Parade. The high of successfully hosting the G20 summit by India in 2023 was soured by the accusation by Canada that Indian government-sponsored agents had plotted and killed a Canadian citizen on their soil. Followed closely on the heels of this diplomatic discord was the more damaging disclosure by USA of a failed but allegedly Indian Government supported rogue action to kill an American citizen. Both were avowed separatists with a strong anti-India stance. While these incidents are still unravelling, they have the potential to hamper or at least dent Indo-US strategic relations and if proved, will damage India’s diplomatic stock in the eyes of the Western world. On the domestic front the upcoming general elections in the first half of 2024 are likely to be very polarizing and intense. Some degree of violence and conflict in some sensitive constituencies is possible. Elections are also planned for J&K, and would need deft handling as they would be under national and international spotlight. Elections in Pakistan and Bangladesh in 2024 would also have an impact in the region. On the internal security front, the uptick in terrorist attacks in J&K is likely to continue and may increase in the buildup to elections, further exacerbating India-Pakistan relations. Continued unrest in Manipur and Naxal-dominated areas will stretch the security apparatus in 2024. The overall economic outlook is robust, with satisfactory macro-economic indicators. However there is a continued need to tame inflation and create more job opportunities for the young and restive population of the country. Higher adoption of technology, continued digitalization and generative AI are all likely to give a major boost to the economy. The increasing pace of Apple products manufacturing in India, and possible entry of Foxconn, would also be a catalyst to the manufacturing sector. Overall the year 2024 is likely to be stable, but challenging both domestically and on the geopolitical front. Economic growth which is reasonably insulated, will continue to make India the best performing major economy in 2024. The outcome of the watershed general elections would define India’s future for rest of the current decade.” Lt Gen Sudhir Sharma, PVSM, AVSM, YSM, VSM, Chairman, MitKat 2024…

FICCI and Pinkerton publish the India Risk Survey (IRS) report to identify possible business risks and difficulties prevailing in the Indian business landscape. The survey identifies 12 key areas of concern for businesses and 5 emerging risks that might seriously damage India’s business ecosystem. The results are derived from a survey that involved stakeholders and business executives from various industries. The India Risk Survey Report is frequently seen as a significant predictor of the risks that Indian firms must deal with. Businesses use the report to evaluate their risk exposure and decide how to operate in India. In addition, the media and decision-makers frequently use the survey’s conclusions as proof of the difficulties experienced by Indian entrepreneurs. The India Risk Survey Report gives valuable information about the risks that firms face, like Natural Hazards, Information & Cyber Insecurity, Intellectual Property Theft, Fire, and Crimes, and enables them to make defensible choices regarding their operations. Surpassing the risk of Natural Hazards and pandemics, the risk focus has drastically shifted to Intellectual Property Theft and Information & Cyber Insecurity due to the increasing interconnectivity of businesses’ reliance on technology, and the vast amounts of data that are now stored electronically. Offices have been replaced by hybrid working arrangements, and growing digitization has accelerated the threat. Cases of industrial accidents along with road accidents have been rising as they occur suddenly and without warning, often causing extensive damage to property and equipment. They can also lead to injuries or even fatalities, leading to both reputational and revenue damage for the business. While business espionage is not a new phenomenon, but it has become more prevalent in recent years as the world of business has become more globalized. Companies are now operating on a much larger playing field and there is more at stake. The goal of this survey is to identify potential risks in the context of a changing global environment, allowing business leaders to assess their circumspection for disruptive events like rapid digitalization, accidents, and business espionage, in the future and to ameliorate risk mitigation techniques. Nonetheless, based on each industry’s risk appetite and current risk mitigation plans, the risks identified and their effects may differ from one to the next. The survey’s outcome should help organizations create a 360-degree risk management strategy that will allow them to foresee and prepare for any eventuality, limit interruption, and protect against any risks in advance. Rohit Karnatak Vice President – India APAC & EMEA Global Screening, Pinkerton The India Risk Survey has successfully reached its 10th year milestone, and I feel very proud to say that this survey report has helped many organizations (both private and public sector) in identifying, safeguarding themselves from the potential or prevailing risks in this dynamic business environment and also helps them to create a strategy for their risk governance.Over the years as we introduced the Pinkerton Risk Wheel which has now matured to a more comprehensive risk governance. Risk governance involves how effectively organizations are managing risks by establishing policies, procedures, and frameworks so that the business operates in a responsible and sustainable manner. Effective risk governance is when it is implemented at the planning and strategic level of the decision-making process in an organization. To make it more effective, one should engage with subject matter experts or consulting firms who have expertise in the risk advisory domain. This year’s risk survey has outlined the top 3 risks which are Intellectual Property Theft, Information & Cyber Insecurity, and Accidents ranked in that order. The industry leaders ranked Intellectual Property (IP) Theft as the risk which is the most prevalent threat to their business. Until 2019, IP Theft was not a part of the top 5 risks, but from 2021 it started to emerge among the top 3 risks and finally making to the number one risk this year. When we delved deeper, we could understand that the Indian businesses are understanding the processes, innovations and techniques too are valuable to a business and thus needs to be adequately protected. In the initial years of the report, most businesses only identified counterfeiting of products or violation of trademarks as an IP risk. The manufacturing of a product or the process of a service both are like soft power and need protection as much as the counterfeit product/service that may have been introduced in the market. Pinkerton globally have been focusing on this risk and have been helping organizations make strategies to protect these Intellectual Properties via with the help of Pinkerton’s Global Investigation Services with a dedicated service line of Intellectual Property Protection Service. India Risk Survey 2022 also highlights the top 5 emerging risks which have been prevailing in this past year of 2022 and posed a threat to businesses. The most prevalent emerging risk was the ‘Safety and Security of Key Personnel,’ This risk has emerged at the top because of the threats present for the C-Suites and Directors both internally as well as externally of their business premises. The need for a safe work environment along with the safety & security required during the executive’s business travels has increased manifolds in recent times and therefore, organizations are opting for Executive Protection Services to protect their key personnel from these threats. If an organization keeps risk governance at the center when planning their risk strategies and looks beyond the realm of just compliance, it will help the organization to have an effective, comprehensive risk mitigation covering all four quadrants of risk. We hope that the report will add value to your organization’s risk governance strategy. SUMMARY Each year, the India Risk Survey (IRS) gathers 12 risks that, in the opinion of business enterprises and subject-matter experts, represent the most significant threats that might disrupt Indian business operations. To comprehend and evaluate each risk independently and to conduct analysis, the survey employs the Pinkerton Risk Wheel structure. The Pinkerton Risk Wheel has four different risk categories. Based on the type of threats, the risks are classified. Each…