It’s that time of year again, when the cyber and resilience community dust off their crystal ball and forecast what may lie ahead for the industry in the year ahead.
But before we look to the future, what lessons can be learned from the past?
If 2025 taught us anything, it’s that the attack landscape is evolving with a complex mix of state and non-state attackers causing security and economic disruption. Supply chain attacks have been in ascendancy for a while, but now so too is sophisticated social engineering of IT help desks and service providers. There is also a disturbing move towards overseas cyber criminals recruiting insiders to gain access to organisations, or in the case of North Korea placing IT workers directly inside target firms.
This year, the UK witnessed its largest cyber event in history, which rippled from a major automotive manufacturer across to small family owned businesses, putting their welfare and future at risk. It was an event few will forget, with the UK’s economy projected to suffer a £2 billion loss, and the government stepping in to protect thousands of small businesses, who were at risk of collapse after Jaguar Land Rover’s production lines were temporarily halted.
The attack landscape also diversified, with Western groups, like Scattered Spider, being responsible for the most publicised incidents. While Russian actors exploited Zero Day flaws to attack major institutions and put their sensitive data at risk. This happened in parallel with threat actors more frequently turning to AI and insiders to speed up their exploits and execute larger-scale attacks.
Read more from CEO of Beyond Blue, David Ferbrache, in his 2026 Predictions report here.