2026 Cyber Resilience: Strategies for the Next Wave of Threats

The volume and complexity of cyberthreats, driven by AI and automation, are outpacing the capabilities of traditional security models. Industry experts argue that the transition from a prevention-focused approach to one of operational cyber resilience is no longer an option, but a strategic imperative.

"Cybersecurity must evolve from being a technical necessity to a strategic business decision," said Adriana Servín, National Vice President of Cybersecurity, CANIETI, during the Mexico Cybersecurity Summit 2025. This conceptual shift, says Servín, accepts the inevitability of an incident and focuses efforts on the organization's ability to withstand, recover, and adapt its operations, ensuring business continuity instead of relying on notions of total prevention.

The urgency of this strategic transition responds directly to two critical factors: the industrialization of cybercrime and a persistent corporate preparedness gap. Threat actors now use Generative AI tools to automate and scale phishing and control-evasion campaigns with unprecedented realism. This automation fuels an illicit market where corporate network access is sold as a product, creating an asymmetry where offensive AI surpasses defensive AI in maturity and accessibility.

The economic impact of this industrialization is tangible. Servín cites a report from Cyber Security Ventures that estimates the global cost of cyberattacks at US$9.5 trillion in 2024, with a projection to increase to US$10.5 trillion by 2025. "This would almost represent the third largest economy worldwide," says Servín.

An emerging "engineering" risk adds to this immediate threat: quantum computing. Mario Rivas, CISO, Seguros Monterrey New York Life, warns that although "we see them as distant," technological advances are approaching the "day when encryption keys break" and information now protected by traditional algorithms will be exposed.

The other factor driving the shift toward resilience is the preparedness gap. The Cisco Cyber Security Readiness Index reveals that "only 4% of organizations worldwide are prepared and mature to face attacks."

The 2025 Cisco Index details that 80% of organizations are in the 'Beginner' or 'Formative' stages. That same report identifies a persistent talent shortage as a challenge for 87% of companies, and notes a complex security environment where 52% admit their defenses are hindered by having too many separate security tools.

However, organizational change must start from the top, says Manuel Díaz, CISO, Huawei Mexico. “Senior leadership must engage in security strategy, understand risks and recovery, and provide governance, policies, and budgets,” says Díaz.

Strategic Pillars: From Technical to Business

This landscape transforms cyber resilience from a technical IT function into a pillar of corporate strategy. Gartner projects that by 2026, the ability to mitigate cyber risks will be a performance requirement for 50% of senior executives and 70% of boards of directors will include a member with specific expertise on the matter.

To implement this strategy, organizations must adopt business-aligned operational frameworks. Alberto Ramírez, Head of Security Architecture Americas, BBVA, explains that "the same recipe will not work for everyone." The strategy must adapt to "the reality you are living in and the budget you are given," he adds. 

The central implementation of this model is the Zero Trust Architecture (ZTA), standardized by NIST. ZTA operates under three fundamental principles: assuming a breach, which forces internal controls like micro-segmentation to limit lateral movement; applying the least possible privilege for access; and continuously verifying every access request, eliminating implicit trust.Resilience must be "completely and absolutely preventive" and based on a "complete understanding of what we are going to protect," says José Manuel López, Deputy IT Director, Nissan.

“We must train our teams to understand security, extend it across the organization, and deploy tools to counter increasingly sophisticated attacks,” says López.

Humans play a key role, as they were involved in up to 95% of security incidents in 2024. Attacks targeting people are becoming increasingly sophisticated, warns Gloria Moncayo, CIO, Provident Mexico. These attacks can now even include the "virtual kidnapping" of employees, she adds. An appropriate response requires Security Behavior and Culture Programs (SBCPs) to transform the workforce into an active defense network.

Finally, resilience must extend beyond individual organization. A comprehensive approach requires the collaboration of government, the private sector, and academia, explains Servín.