From Ransomware to AI Risk: New ISACA Research Identifies What Will Keep Tech Pros Up at Night in 2026

SCHAUMBURG, Ill.--(BUSINESS WIRE)--As they look ahead to 2026, more than half of digital trust professionals (59 percent) are expecting that AI-driven cyber threats and deepfakes will keep them up the most at night next year, according to ISACA’s 2026 Tech Trends & Priorities Pulse Poll.

From ransomware to AI risk: new ISACA research identifies what will keep tech pros up at night in 2026.

Share

Also anticipated to keep them up at night are thoughts of irreparable harm caused by failure to detect/respond to a breach (36 percent) and insider threats and human error (35 percent), finds the inaugural pulse poll—which surveyed 2,963 professionals in digital trust fields such as cybersecurity, IT audit, governance, risk and compliance about their concerns and priorities in areas including technology, threats, regulation and talent.

Along those lines, respondents note that keeping up with the pace of AI-driven change (41 percent) is their biggest professional concern going into 2026, followed by increasing complexity of threats (27 percent), and talent retention and hiring (23 percent). AI and machine learning (62 percent) and generative AI and large language models (LLMs) (59 percent) also dominate the top technology trends or priorities that respondents anticipate will impact their work in 2026, along with cloud security (40 percent) and data privacy and sovereignty (30 percent).

However, they are not feeling particularly ready to face AI. Only 13 percent of respondents indicate that their organization is very prepared to manage the risks associated with generative AI solutions in the coming year, with half feeling somewhat prepared and 30 percent saying they are not very or not at all prepared.

AI is also top of mind when it comes to cybersecurity threats, with respondents noting they see AI-driven social engineering (63 percent) as the top cyber threat their organization will face next year. Additionally, they expect that ransomware and extortion attacks (54 percent) and insider threats (35 percent)—whether intentional or accidental—will be among the top three cyber threats they will encounter.

While 32 percent admit that they expect regulatory complexity and global compliance risks to keep them up at night in 2026, a majority still view cyber-related regulation as making a positive impact. Sixty-two percent believe it will drive business growth, and 78 percent think it will advance digital trust over the next few years. Respondents also cited regulatory compliance (66 percent) as the top focus area for their organization in 2026, followed by business continuity and resilience (62 percent), and managing AI-related risk (48%).

Looking ahead to how they plan to manage their workforce, 62 percent say their organization will hire for digital trust roles such as audit, risk and cybersecurity in the coming year, but 44 percent of that group expect they will have difficulty filling those roles with qualified candidates. Twenty-four percent say they have no plans to hire for those positions. Among those with hiring plans for 2026, 39 percent indicate they will hire more digital trust roles in 2026 compared to what they hired in 2025, 25 percent say they will hire fewer roles, and 36 percent are not sure. Additionally, 39 percent express that workforce upskilling in data security is a very important area of focus for their organization.

“Digital trust professionals face rapidly evolving technology, threats, and regulations that require them to constantly examine how to keep pace, stay relevant and protect their organizations. But the end of the year can serve as an important point in time for them to stop; reassess priorities, resources and strategies; create a plan for advancing their skills and knowledge; and make changes to set themselves and their organizations up for success in the coming year,” says Chetan Anand, AVP - Information Security, and CISO, Profinch Solutions, and member of the ISACA Emerging Trends Working Group.

Additional resources

ISACA offers a range of AI resources and several courses—including AI Fundamentals, AI Governance, and AI Threat Landscape. ISACA has also recently released its new Advanced in AI Audit (AAIA) certification and Advanced in AI Security Management (AAISM) certification.

To learn more about the research, download the free ISACA Tech Trends and Priorities Pulse Poll global infographic and global data sheet at www.isaca.org/tech-trends-and-priorities.

About ISACA

For more than 55 years, ISACA^® (www.isaca.org) has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. With a presence in more than 190 countries and with nearly 230 chapters worldwide, ISACA offers resources tailored to every stage of members’ careers. Through the ISACA Foundation, ISACA also expands IT and education career pathways, fostering opportunities to grow the next generation of technology professionals.