EXPERT COLUMN

To find out more, we caught up with Richard K. LaTulip, Field Chief Information Security Officer at Recorded Future, who said that resilience will be the‘ defining advantage’ in 2026.

“ Looking at the cybersecurity outlook for 2026, one theme rises above all others: resilience. Not just the ability to recover from a cyber incident, but the capacity to anticipate threats, absorb disruption, safeguard customer trust and maintain operational continuity under pressure,” he said, highlighting three main threats that organisations must protect against to remain resilient as we move into the new year.

Richard K. LaTulip, Field Chief Information Security Officer at Recorded Future

1. The rise of adversaries imitating the most effective social engineering groups

“ Groups like Scattered Spider have shown how damaging multi-channel social engineering can be. Their success stems from disciplined impersonation and co-ordinated communication tactics that exploit human trust via SMS, voice calls, chat applications and SIM-swapping,” said LaTulip.

“ In 2026, more adversaries will replicate these methods. Social engineering will become the preferred attack method for financially motivated actors, not because technology is weak, but because humans remain the easiest entry point.”

To counter this trend, institutions must go beyond annual awareness training, he said. They need realistic, role-specific simulations and continuous reinforcement that empower employees. Simply training them to detect and resist sophisticated deception in real time is no longer enough.

2. Increasing third-party risk

With the complexity of supply chains today, attackers understand that compromising a vendor can provide indirect access to dozens of downstream institutions, LaTulip said.

“ Many of these service providers operate with leaner security controls, creating a path of least resistance for highly motivated adversaries.

“ For organisations, the path to resilience will require treating vendor ecosystems

as extensions of their own infrastructure. Real-time visibility, contractual guardrails, intelligence-led monitoring and collaborative incident-response planning will be essential.”

3. The fragmentation of ransomware

“ Ransomware will remain a top threat in 2026, but its structure is changing. Large, brand-name ransomware groups are under mounting pressure from law enforcement actions, sanctions and infrastructure disruption. As a result, these groups are splintering into smaller, agile crews that focus on precise, low-noise operations. Artificial Intelligence( AI) will increasingly guide reconnaissance, target selection and exploitation, granting these smaller groups an efficiency once reserved for major criminal enterprises.”

He added that, for many organisations where service availability, customer trust and regulatory expectations are non-negotiable, this evolution makes rapid detection, deep visibility and intelligence-driven response more essential than ever. x

18 www. intelligentcxo. com