The cybersecurity sector is at a turning point as 2026 gets underway, battling enduring threats and new difficulties This article explores discussing cybersecurity community. . In the most recent edition of Reporter's Notebook, Alex Culafi, senior news writer at Dark Reading, joins Phil Sweeney of TechTarget Search Security and Eric Geller of Cybersecurity Dive to discuss the year's renewed focus on important objectives.

As seasoned reporters with extensive experience in the field, the three provide distinctive perspectives on what cybersecurity experts should start doing, stop doing, and concentrate on as 2026 gets underway. They discuss urgent problems, new trends, and practical suggestions for professionals in the field. Additionally, their discussion highlights important issues that will influence the industry's future.

Related: Safeguarding Operational Excellence through the CISO-COO Partnership We will go around and discuss each of the three resolutions that each of us brought for each category. I want to start by discussing what the cybersecurity community should begin doing more of or in general. I'll go first, followed by Eric and Phil.

I wanted to start by stating that I believe the cybersecurity community should decide to alter the way IT support interacts with staff.

I think it's all too common to hear tales of more than just social engineering scams, in which an IT support agent allegedly approaches someone and says, "Hey, I need your VPN password." However, we have actual IT support employees contacting us in legitimate situations, stating that they require remote access without requesting to appear on camera or completing the alternative verification that is typically advised to prevent social engineering attacks. Where are the areas where AI actually can help, like improving the SOC where you don't necessarily have to have a human looking at all the alerts day in and day out but being cautious really about integration of AI into other systems.

Additionally, as the organization's security personnel, they ought to be considering the risks and negative effects of AI as well as ways to reduce them. The security experts must be sitting there saying, "We have to game out the worst-case scenarios and make sure that these things don't happen," while others support AI's integration and increased usability. Therefore, I hope to see a slightly more balanced discussion about AI this year.

Alex Culafi of DR: I'll tell you that whenever I meet someone in the security industry at an event, I always ask them about AI-related topics, such as "What do they have you using? Do I click this to make a decision? Do I not?

Should I report it? Do I not? And you know, I'm not sure how to solve this.

We are aware that this is a crucial turning point because, according to researchers, we will soon see the first signs of a quantum computer that might be able to crack standard encryption. This could reveal a lot of secrets, both corporate and governmental, to ransomware gangs, nation-state hackers, and other groups. The government is currently pushing for businesses to take this into consideration.

During the Biden administration, this began. The fact that it is still going on under the Trump administration, in my opinion, indicates that everyone is aware that this is not partisan and that there will be a turning point. Businesses would be wise to prepare for this. You do realize that bad things are going to happen?

After all, we are discussing cybersecurity. In surveys conducted by researchers asking specific security experts about security breaches, up to 70% of businesses respond by saying, "Yep, we've been the victim of at least one serious security incident in the past year." You know that these things will occur, but if you leave an opening that both you and cybercriminals are aware of, it seems like you're just hoping that it won't catch you.

There are many things that you can't anticipate, but when vulnerabilities are revealed and patches are available, it's there. It's not a glamorous thing, then?