What’s Next in Cyber Economics: 2026 Security Strategies from Industry Leaders

Four leaders from across the cybersecurity ecosystem share their perspectives on how attacker tactics, AI adoption, and economic pressures are shaping the year ahead. The discussion cuts through assumptions and focuses on the practical shifts CISOs and security teams should anticipate in 2026.

About the Webinar

Attacker behavior is changing. These changes aren’t all in the ways security teams often expect. Instead of chasing the newest breakthrough techniques, attackers are refining scalable, repeatable, and financially efficient operations. At the same time, organizations are grappling with rising SaaS dependence, unmonitored AI usage, and mounting pressure to make smarter budget decisions with less predictability.

This webinar examines the forces behind these shifts and offers guidance that leaders can put into practice now.

Key Themes Covered

Scaling Over Innovation: How Attackers Are Actually Evolving

Rather than adopting cutting-edge AI or developing new exploit paths, attackers are optimizing the operational models that already work. The panel discusses why efficiency gains, including automation, commoditized access kits, and pre-packaged phishing frameworks, pose a larger near-term threat than novel techniques.

Extortion Economics and the Decline of Encryption

Extortion continues to thrive, but encryption is no longer the cornerstone it once was. The speakers break down why attackers increasingly skip encryption altogether, relying instead on exfiltration and the promise of public exposure. This shift reduces friction for attackers and complicates defense strategies.

The Growth of Access Brokers and Commodity Tooling

Attackers don’t need to be experts when marketplaces offer off-the-shelf kits for initial access, phishing, lateral movement, and more. The conversation explores how this industrialization lowers the barrier to entry and widens the threat pool.

Shadow AI and Shadow SaaS: The Next Organizational Blind Spots

Employees are adopting AI tools and SaaS platforms faster than security teams can assess them. The panelists compare the rise of “shadow AI” to early-stage shadow IT, highlighting compliance gaps, data exposure risks, and how these hidden dependencies expand the attack surface.

Understanding SaaS Sprawl and Supply-Chain Vulnerability Layers

The group examines how risk multiplies across interconnected SaaS platforms. Even well-managed environments inherit vulnerabilities and control limitations from vendor ecosystems, often without clear visibility.

Budgeting for 2026: Why AI Costs Are Hard to Predict

As AI becomes woven into security tooling and business workflows, budgeting becomes more complex. The panel offers candid perspectives on forecasting usage-based AI spend, preparing for variable costs, and communicating these realities to leadership.

Hard-Earned Lessons from Decades of Combined Experience

Each speaker shares personal takeaways that shape how they approach security strategy today. Themes include focusing on adversary behavior rather than hypotheticals, aligning security priorities with business outcomes, and building resilience instead of chasing perfect prevention.

Speakers

Nick Nolen
VP of Cybersecurity Strategy & Operations, Redpoint Cyber

Jeremiah Grossman
CEO, Root Evidence

Chris Ray
Field CTO, GigaOm

Moderator:
Jeff Gouge
CISO, Nucleus Security

What You’ll Take Away

• A clear view of how attacker economics will influence threat behavior in 2026

• Practical strategies for identifying and reducing unseen risk introduced by SaaS and AI adoption

• Guidance for forecasting budgets and communicating shifting financial realities to leadership

• Expert advice on designing programs around realistic, data-driven assumptions

• Actionable insights to help teams simplify priorities and focus on measurable outcomes