7 Cybersecurity Trends to Watch

With 72% of organizations seeing an uptick in organizational cyber risks this year, Google offers some ways companies can strengthen their defenses as the threats accelerate and evolve.

Bridget McCrea

Nov. 18, 2025

4 min read

Key Highlights

AI enhances cybersecurity by enabling faster, more effective defense operations and automating routine tasks, allowing analysts to focus on high-level decision-making.
Organizations must strengthen defenses against prompt injection attacks and adapt identity management systems to incorporate AI agents with continuous risk evaluation.
Ransomware remains a major threat; companies should improve patch cycles, oversee third-party risks, and understand vulnerabilities in zero-day systems to build resilience.
Security teams need to develop blockchain expertise to trace transactions, decode smart contracts, and monitor wallet activities for emerging threats.
Effective cybersecurity requires layered defenses, strict governance, and continuous adaptation to match adversaries' use of AI and other advanced tactics.

Download this article in PDF format.

As global reliance on digital infrastructure deepens, the world’s cybersecurity is under unprecedented strain. According to World Economic Forum (WEF), modern attacks continue to increase in scale, sophistication and strategic intent. It’s Global Cybersecurity Outlook (GCO) 2025 shows that geopolitical tensions have directly influenced 60% of companies’ cybersecurity strategies and 72% have seen an uptick in organizational cyber risks, with ransomware remaining a top concern.

“In addition, nearly half of global organizations now cite the malicious use of generative AI as their top cybersecurity concern, and over 40% have already suffered successful social engineering attacks in the past year,” WEF notes, adding that one in three CEOs cite cyber espionage and intellectual property theft as top concerns, while 45% of cyber leaders worry about operational disruption. “These concerns are no longer theoretical; they’re baked into strategic planning at the highest levels of government and industry.”

With cyberthreats evolving at an alarming pace right now, Google’s Cybersecurity Forecast 2026 focuses on three key themes: adversary and defender use of AI; cybercrime as the most disruptive global threat; and continued operations by nation state actors (cyber threat groups funded or directed by a government) to achieve their strategic goals.

The outlook for 2026 doesn’t look much brighter on the cybersecurity front, where new threats seem to be emerging almost daily. Here are seven areas that Google is watching and that it advises organizations, governments and companies to be ready to respond to:

Artificial intelligence helps defenders move faster. Attackers will lean on AI, but defenders will too. Google says AI can “enhance the speed, scope and effectiveness” of operations when teams use it to automate routine work and stay focused on high-judgment decisions.
Autonomous systems streamline security workflows. AI agents will automate parts of the attack and defense lifecycle. This shift will give security teams more time to investigate, validate and act instead of getting buried in manual tasks.
Better protection against prompt injection. Prompt injection is an attack where someone tricks an AI system into ignoring its safeguards and running a hidden command. Google expects companies to strengthen their defenses by hardening models and tightening controls as they understand how prompt injection works.
Identity programs adapt to AI adoption. Google expects identity and access management to evolve as companies bring AI agents into daily workflows. Each AI agent will need its own permissions and continuous risk evaluation to prevent unsafe actions.
Security teams work alongside AI partners. With AI handling the heavy analysis, alerts will arrive with full summaries, letting analysts confirm details and take action faster. Google says this shift will move analysts away from manual data hunting and toward higher-value validation and decision-making.
Ransomware and extortion drive better resilience planning. Ransomware will remain disruptive, but Google says companies can reduce exposure by improving patch cycles, strengthening third-party oversight and understanding where they rely on zero-day prone systems.
Security teams build blockchain fluency. With more money and assets moving onto blockchains, defenders will need to learn how to trace transactions, decode malicious smart contract logic and investigate wallet activity. These skills give security teams better visibility into emerging threats.

AI Governance and Continuous Adaptation

As cyber-attackers embrace AI at full speed, Google says organizations must match that pace with stronger controls, better governance and a clearer view of where the technology fits in their security stack. Google warns that adversaries will “enhance the speed, scope and effectiveness of operations,” and says defenders must apply the same AI capabilities to move faster and stay ahead.

Google tells companies to start with layered defenses that harden models, apply strict guardrails and then add more checks and balances around high-risk actions. “Organizations must prioritize proactive, multi-layered defense strategies, invest in AI governance,” it says, “and continuously adapt their security postures to safeguard against emerging threats.”