Resilience is the new security: What Philippine CISOs must learn in 2026

By Bambi Escalante

EVERY YEAR, the cybersecurity landscape presents new challenges — and 2026 is no exception. Across industries and borders, companies are navigating AI, emerging technologies, escalating geopolitical risks, persistent cybersecurity skills gaps, and evolving regulatory pressures — all while pursuing growth and innovation.

The role of the chief information security officer (CISO) is evolving in response to these challenges. Today, CISOs must focus not on whether an organization will face disruption, but on how prepared it is to respond, recover, and maintain resilience against increasingly complex threats.

To help CISOs, particularly those in the Philippines, navigate this environment, we highlight a selection of trends and forces shaping cybersecurity in 2026 and beyond, based on insights from Fortinet’s newly inaugurated annual CISO Predictions Report:

1. Balancing innovation and risk in AI – Artificial intelligence is transforming business operations by automating processes and driving smarter decisions across teams. Yet rapid adoption brings new risks, including limited visibility into AI decision-making, data exposure, and threats like adversarial attacks, data poisoning, and prompt injection. The growing use of autonomous AI agents also creates identity and interaction risks that can expose critical systems.

Prediction: Breaches involving AI models will increase in both frequency and severity in 2026, as organizations entrust AI with more sensitive data and enable autonomous agent interactions without fully addressing identity and security implications.

2. AI in malicious hands – AI is increasingly exploited by cybercriminals to enhance the realism and impact of attacks. Advanced generative models make it easier to create highly convincing fake images, audio, and video, significantly amplifying the effectiveness of social engineering schemes and business e-mail compromise (BEC).

Prediction: In 2026, deepfake technology is expected to elevate BEC and other targeted attacks to a new level. Organizations may face a surge of AI-generated audio and video content designed to deceive individuals. If text-based attacks have already caused billions in losses, AI-driven voice and video scams could result in even greater financial and reputational damage. Fortinet anticipates a significant increase in both the frequency and impact of these attacks, with multiple high-value incidents likely throughout the year.

3. Cyberwar and geopolitical risks – Cyber has become an integral part of modern warfare, with recent conflicts showing how digital offensives can disrupt economies, financial systems, and critical infrastructure. What once seemed like distant geopolitical struggles now directly affect organizations worldwide, as cyber operations have become a standard component of global power plays.

Over the past two years, there has been a rise in state-linked activity focused on data theft and long-term infiltration of networks. These “preparatory attacks” are expected to intensify as nations seek to strengthen their strategic positions in an increasingly volatile global environment. Meanwhile, attacks on critical infrastructure continue — from global internet systems to undersea cables that connect economies and industries — underscoring how deeply intertwined geopolitical tensions and cybersecurity have become.

Prediction: Cyberwarfare is no longer a distant concern. It is reshaping the security landscape for every organization. In 2026, CISOs must anticipate spillover attacks, even from conflicts far beyond their borders, and ensure readiness against state-sponsored threats targeting supply chains, networks, and partners.

4. Expanding threats in space – Cyber conflict has extended into space. The growing reliance on GPS for navigation, logistics, and critical systems makes it a prime target for disruption, particularly in conflict zones. Jamming and spoofing activities can misdirect drones, aircraft, and even weapons systems, while also degrading IT systems and other critical infrastructure.

Prediction: GPS interference is expected to increase, especially in and around areas of conflict. While the risk remains low for most businesses, sectors such as aviation, shipping, and defense should take precautions, including strengthening receivers, validating multiple data sources, and enabling autopilot lockout to prevent navigation errors and operational disruptions.

5. The growing risks in satellite communications – Satellite technology is expanding connectivity across land, sea, and air, making the internet more pervasive than ever—but this growth also brings new challenges. Unencrypted satellite signals can be intercepted with relatively simple equipment, potentially exposing sensitive government, corporate, and military communications, including calls, messages, and internal data.

Prediction: As satellite technology adoption accelerates, organizations must address these vulnerabilities by implementing additional layers of security, such as IPsec encryption, to prevent data interception and misuse.

6. Closing the cybersecurity skills gap – Despite progress, the global cybersecurity skills gap remains a pressing challenge. Fortinet’s 2025 Cybersecurity Skills Gap Report shows that the leading causes of breaches worldwide are insufficient security awareness (56%) and lack of IT security skills and training (54%). Nearly half of IT leaders also believe their board members are unaware of the risks posed by AI and emerging technologies.

Encouragingly, 89% of organizations now prioritize hiring candidates with certifications, highlighting the strategic importance of cybersecurity talent. Complementing this trend, Fortinet offers the Network Security Expert Certification Program at the Fortinet Training Institute and is actively training one million people by the end of 2026, equipping organizations with the skilled workforce they need to close this critical gap.

Prediction: In 2026, CISOs will play an increasingly essential role in the boardroom. Security leaders must clearly communicate both the opportunities and risks of technologies like AI, helping boards determine their appetite for risk. As cybersecurity becomes ever more critical, CISOs themselves are increasingly being invited to serve as board members, broadening the board’s expertise and strengthening organizational resilience.

Bambi Escalante is the country manager, Fortinet Philippines.

7. Preparing the next generation of cyber experts – The cybersecurity workforce is evolving as Gen Z enters and Gen Alpha follows — digital natives accustomed to instant information and interactive learning. Traditional training tools are losing relevance, and as AI automates more entry-level tasks, pathways to build practical experience are narrowing. Organizations must evolve how they attract, train, and retain these future experts to prevent an even deeper skills shortage.

Prediction: AI fluency will become a foundational skill for cybersecurity professionals. Educational institutions and employers must embed AI literacy and cybersecurity fundamentals into every curriculum and training program to ensure readiness for an AI-driven workplace. Without this, industries risk losing an entire generation of capable defenders before they even begin their careers.

8. Navigating regulations and privacy pressure – Cybersecurity regulations continue to expand worldwide, including in the Philippines, where the Data Privacy Act establishes baseline accountability for handling sensitive data. While these frameworks promote trust and consistency, they also heighten compliance demands, requiring investment in governance, risk management, and reporting.

Prediction: Organizations that fall short, risk fines and reputational damage. Fragmented standards across countries create extra work, but 2026 may bring greater global collaboration and wider acceptance of existing certifications, helping companies align compliance while maintaining strong security.

9. Confronting the quantum challenge – Quantum computing is a complex technology that poses little immediate risk, as machines capable of breaking current encryption are likely more than a decade away. Yet, the potential for “harvest now, decrypt later” attacks is real, where adversaries collect sensitive data today to decrypt in the future. This highlights the need for long-term planning, even if the threat seems distant.

Prediction: Rather than delaying action, organizations should begin incorporating quantum readiness into procurement and security strategies now. Preparing today ensures that critical systems and data remain protected as quantum capabilities mature.

10. The rise of the Chief Resilience Officer – The CISO role goes beyond security. Today, CISOs are business enablers, ensuring operations continue while supporting innovation and managing risk. Defending against constant attacks requires layered security, network segmentation, and tested response plans. Most importantly, CISOs must identify the minimum viable business — the core functions that must stay running during a crisis.

Prediction: Attacks on large organizations will continue in 2026, driven by AI, Cybercrime-as-a-Service, and state-sponsored activity. CISOs need to plan for worst-case scenarios, strengthen continuity measures, and conduct regular testing, effectively acting as Chief Resilience Officers to keep the business operational under any circumstance.

2026: THE YEAR OF RESILIENCE
2026 will test how organizations anticipate and respond to disruption. CISOs must place resilience at the center of their strategy, preparing for inevitable challenges while ensuring business continuity, robust recovery plans, and secure management of both human and AI-driven systems.

Equally important is fostering collaboration across security, operations, and leadership. A shared understanding of risk and a coordinated response will determine how effectively organizations withstand evolving threats. Continuous learning, rigorous testing, and proactive planning have become core responsibilities of every security leader.

Ultimately, the CISO’s role extends beyond protecting systems. Those who combine technical expertise with strategic vision will transform security into a source of trust, stability, and growth — ensuring their organizations are prepared not only to survive 2026 but to emerge stronger and more resilient.

Bambi Escalante is the country manager, Fortinet Philippines.