SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Fingerprint to interlocking shields global digital identity security
#
Data Protection
#
Hybrid Cloud
#
Digital Transformation

Identity security to become core cyber focus by 2026

Fri, 2nd Jan 2026
Author image
By Kaleah Salmon, News Editor

Identity security is set to move to the centre of enterprise and government cyber strategies in 2026, as experts warn that AI-driven attacks, machine agents and state-linked hackers expose the limits of traditional perimeter defences.

The shift comes as organisations across Asia-Pacific and Europe face more sophisticated phishing, deepfake-driven impersonation and targeted intrusions aimed at personal data and credentials.

Identity infrastructure

Security leaders expect identity systems to be treated as critical infrastructure next year, on a par with networks and data centres.

Geoff Schomburgk, Vice President for Asia Pacific and Japan, Yubico, said, "2026 will be the year identity becomes infrastructure. AI-driven phishing and deepfake impersonation are accelerating across APAC, with an overwhelming 85% of respondents in this region recognising that phishing attempts are becoming more sophisticated."

"To combat these rising threats, organisations will begin treating identity security the way they approach networks or data centres, treating it as a critical system for business operations that requires hardened, resilient components. Organisations across finance, critical infrastructure, and the public sector will increasingly rely on phishing-resistant tools such as passkeys and hardware-backed credentials for strong multi-factor authentication (MFA), Zero Trust and privileged access."

"For 2026, the priority is clear for organisations across APAC: shrink credential‐theft risk by focusing on building phishing-resistant users throughout the company, and build trust in a region where digital transformation continues to outpace legacy‐era security models. The companies that adapt fastest will be those treating identity not as an IT feature, but as core infrastructure," said Schomburgk.

Organisations in sectors such as banking, energy and government are under particular scrutiny. Many of these institutions run large-scale digital transformation projects on top of legacy systems and fragmented access controls.

Security teams in these environments face increasing use of AI by criminal groups and hostile states. Attackers automate reconnaissance, craft highly personalised phishing messages and generate synthetic audio or video to impersonate staff.

Verified trust

Vendors and consultants expect a parallel shift in mindset away from static perimeter models towards what some describe as "verified trust".

Adam Preis, Director, Ping Identity, said, "Next year, verified trust will replace the old perimeter mindset as the only sustainable way to secure AI-driven business. In this model, trust is earned, not assumed, whether you're inside or outside security perimeters. We've already handed machine agents the keys to critical systems - approving payments, reconciling accounts, even writing code - yet few organisations have asked the vital: what can agents do once they're inside?"

"In 2026, that question will become the new cybersecurity frontline. Every agent will need its own verifiable identity and permissions that expire as quickly as they're granted. Access will adapt in real time, reflecting context, not credentials. The leaders will be those who see trust as dynamic, not static, managing it moment by moment."

"Verified Trust is the enforcement layer for agentic AI; access is earned, time-bound, and adaptive, so humans and intelligent agents can safely share the same digital space. We'll see a stronger shift to where every machine, process, and even human will have to prove itself on request, with Zero Standing Privileges and just-in-time access as standard. It's about resilience and ensuring humans and intelligent machines can safely share the same digital space," said Preis.

That approach requires consistent identity for human users and non-human entities across cloud services and internal systems. It also relies on continuous evaluation of device health, location, behaviour and risk.

State-linked threats

The strategic focus on identity comes as governments confront suspected state-backed intrusions aimed at personal and administrative data.

Authorities in the United Kingdom are investigating a recent hack in which government data was stolen. Officials have said they believe the risk to individuals is low, and that the exploited security gap was closed quickly. A Chinese-affiliated group is suspected, though ministers have said investigators do not yet know who is responsible.

Specialists say the incident fits a wider pattern of attacks against identity-related information and supporting systems.

Nathan Webb, Principal Consultant, Acumen Cyber, said, "This year we've seen a number of threat actors go after data and services that relate to people's personal identity. Even partial identity data can be valuable because it can be correlated across other breaches and can also be used to create more convincing targeted attempts against individuals. Similarly, we've previously seen identity data used for fraudulent activity. Determining impact when declaring to the ICO cannot consider what other information threat actors may have already obtained about individuals."

"If this is Chinese nation-state threat actors, they are known more for sophisticated attacks, so it's very likely this was a targeted attempt. They'll often exploit vulnerabilities at the network perimeter and include persistence methods to remain present for extended periods of time, so it's positive to hear that the security gap was closed quickly. An important line of defence against such attacks is to have a rigorous patching strategy, backed by consistent vulnerability scanning to actually validate mitigations are applied."

Security professionals expect more governments and regulators to ask detailed questions about how organisations manage identity and access. They also anticipate greater scrutiny of patching regimes, vulnerability scanning and monitoring of privileged accounts.

Identity providers and consultancies say those changes will demand investments in both technology and skills. They also say boards will need to treat digital identity as an ongoing operational risk, alongside physical infrastructure and financial controls.

Related stories
AppOmni study pegs average SaaS breach at USD $1.365m
Data Privacy Day spotlight on control, resilience, design
AI surge exposes cloud security gaps, report warns
Retail & wholesale hit by exposed shared credentials
Misconfigured cloud training labs open paths to attacks

Top stories

Claroty raises USD $150m to boost CPS cyber security
GitHub unveils Copilot SDK to power AI agent workflows
Preparing campus and branch networks for AI demand
EU Cybersecurity Act revamp targets high risk vendors
Experts warn AI era demands tougher data protection