Aviatrix CEO Doug Merritt shares predictions and recommendations for cloud security in 2026.

The speed of generative AI is not the real story. The real story is the noise.

We are in a new era of architectural chaos. This "ChAIos" is overwhelming technical leaders. You’re being told to innovate with AI, secure a multicloud footprint, and slash your budget, all at the same time. The problem is, you’re trying to build this future on a foundation that wasn't designed for it. 

Let's be clear: this isn't your fault. Your teams made smart, independent decisions to solve urgent business problems. They adopted VMs for stability (Gen 1). They embraced Kubernetes for agility (Gen 2). They used serverless for efficiency (Gen 3). 

Each of these was the right decision at the time. 

But these good, decentralized decisions have created a dangerous second-order problem: a deep and widening architectural divide. The result is a crisis of fragmentation that has become the single greatest advantage for attackers. My advice for 2026 is simple: Slow down to move fast. The only way to win is to return to first principles and bridge this divide. 

The Real Problem: We Are All Running Four Clouds at Once

The core mandate, to provide consistent, auditable security, is now operationally impossible because your cloud isn't one thing. It's a hybrid of four distinct workload generations, all co-existing. 

Let's make this tangible. Consider a common "Patient Portal" application at a healthcare provider: 

  • Gen 1: The "Lift-and-Shift" VM. The core patient records (an Oracle database) live on a "lift-and-shift" VM. It's secured by the NetSec team using native Security Groups or a legacy firewall. 

  • Gen 2: The Containerized App. The new "appointment-scheduling" feature is a microservice running in Kubernetes (K8s). It's managed by the Platform team using K8s NetworkPolicy. 

  • Gen 3: The Serverless Function. When an appointment is booked, a serverless function (a Lambda) triggers a "billing alert." This is owned by a DevSecOps team, "secured" (mostly) by an IAM role. 

  • Gen 4: The Agentic Workload. The new "AI Chatbot" that answers patient questions is an agentic workload. It needs to talk to all three other generations to be useful. It has no established security model and is a "Shadow AI" governance nightmare. 

This is the "Gen 1-4" battlefield. The real attack surface is not the VM or the pod; it's the unsecured, un-audited flow between them. 

This fragmentation creates the "12-team nightmare." How do you get to 12 teams? It’s simple: Take these four workload generations (Gen 1-4). Now, multiply them by the three major cloud providers (AWS, Azure, GCP). That's twelve different, non-interoperable security models. You have a Gen 1 NetSec team for AWS, another for Azure. You have a K8s Platform team for EKS, another for AKS. No single team has the visibility, tools, or authority to secure an application flow from end to end. 

The Market's Failed Responses

Security leaders are trying to solve this "Gen 1 through 4" fragmentation, but they're being pushed into two traps. 

The "Read-Only" Trap (CNAPPs)

Look at Google buying Wiz. Wiz is an outstanding company and a trusted Aviatrix partner. But it is a posture scanner. It's the "CT Scan" for your cloud. It is essential for finding misconfigurations. 

  • Real-World Fail: The CT Scan (Wiz) tells you that your Gen 1 VM has a critical vulnerability. Before you can patch it, an attacker exploits it. They then move laterally to your Gen 2 K8s pod (which the CNAPP can't see in real-time) and exfiltrate data via the Gen 3 Lambda function (which the CNAPP has no control over). The tool reported the problem but was powerless to prevent the breach. It tells you the door is unlocked; it cannot be the lock. 

The "Lift-and-Lift" Mirage (Legacy Firewalls)

The other "solution" is to take legacy on-prem firewalls (like Palo Alto's VM-Series) and repackage them as cloud VMs. 

  • Real-World Fail: Your expensive legacy firewall is set up to inspect traffic to the Gen 1 patient database. But your new Gen 2 scheduling app talks directly to a cloud API (like S3 or a third-party billing service). That traffic never crosses the firewall. The attacker compromises the pod and exfiltrates data directly to a public S3 bucket. You are blind, and your expensive firewall is useless. 

Leaders who rely on this bifurcated strategy, a "read-only" scanner and a "blind" firewall, are trying to secure a four-generation battlefield with tools that can only see Gen 1. This will fail. 

The Only First Principle That Matters: Abstraction

This pattern is normal. We saw it with the middleware explosion in the 2000s and again with server virtualization. Technology always moves from proliferation to fragmentation, and then, inevitably, to consolidation through abstraction. The only way to solve fragmentation is with a new layer of abstraction. The enterprise does not need another siloed tool. It needs a Unified Security Control Plane that decouples security intent from native enforcement. 

Let's make this actionable. Your CISO wants to enforce a simple policy: "No workload tagged 'HIPAA-data' can talk to the internet." 

  • How it fails today: You have to ask 4+ teams to implement this: 

    • The NetSec team must update the firewall rules (for Gen 1). 

    • The Platform team must write a K8s NetworkPolicy (for Gen 2). 

    • The DevSecOps team must check the IAM role and egress path (for Gen 3). 

    • The AI team... has no idea how to do this (for Gen 4). 

  You have four teams, four tools, and zero confidence or auditability. 

  • How it works with abstraction: Your CISO defines this intent once in a unified control plane. The fabric then translates that intent and enforces it on the VM, the K8s pod, the serverless function, and the AI agent. One policy, ubiquitous enforcement. 
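To make "one policy, ubiquitous enforcement" concrete, here is an added example (not Aviatrix product code and not any vendor's API): a single egress intent is compiled into a Kubernetes NetworkPolicy for the Gen 2 pods and into a security-group rule set for the Gen 1 VM (a VPC-attached Gen 3 Lambda is governed by security groups too, so the same rendering covers it), and a checker confirms both renderings give the same answer for a given destination. The label key `hipaa-data`, the namespace, and the address ranges are assumptions made for the example.

```python
"""Added example (not Aviatrix code): one egress intent compiled into two
native enforcement artifacts, plus an audit check that they agree.

Assumptions (hypothetical): workloads carry the label/tag hipaa-data=true,
private address space is RFC1918, and the Gen 3 Lambda is VPC-attached so
the security-group rendering also applies to it."""
import ipaddress

PRIVATE_RANGES = [ipaddress.ip_network(c) for c in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# The intent, stated once. Everything below is derived from it.
INTENT = {"name": "hipaa-no-internet",
          "match_labels": {"hipaa-data": "true"},
          "egress": "private-only"}        # never to public address space


def render_k8s_networkpolicy(intent, namespace="patient-portal"):
    """Gen 2: a Kubernetes NetworkPolicy, as a dict ready to dump to YAML.
    NetworkPolicy is allow-list only, so 'no internet' is expressed by
    permitting RFC1918 destinations and nothing else. Cluster DNS keeps
    working because the service CIDR is itself private."""
    return {
        "apiVersion": "networking.k8s.io/v1",
        "kind": "NetworkPolicy",
        "metadata": {"name": intent["name"], "namespace": namespace},
        "spec": {
            "podSelector": {"matchLabels": intent["match_labels"]},
            "policyTypes": ["Egress"],
            "egress": [{"to": [{"ipBlock": {"cidr": str(n)}}
                               for n in PRIVATE_RANGES]}],
        },
    }


def render_security_group(intent, ranges=PRIVATE_RANGES):
    """Gen 1 (and VPC-attached Gen 3): security-group style egress rules.
    Security groups only express allows, so 'no internet' means replacing
    the default 0.0.0.0/0 egress rule with private ranges only."""
    return {"GroupName": intent["name"],
            "Tags": [{"Key": k, "Value": v}
                     for k, v in intent["match_labels"].items()],
            "IpPermissionsEgress": [{"IpProtocol": "-1",
                                     "IpRanges": [{"CidrIp": str(n)}
                                                  for n in ranges]}]}


def k8s_allows_egress(policy, dst_ip):
    """Evaluate the rendered NetworkPolicy for one destination address."""
    ip = ipaddress.ip_address(dst_ip)
    return any(ip in ipaddress.ip_network(peer["ipBlock"]["cidr"])
               for rule in policy["spec"]["egress"] for peer in rule["to"])


def sg_allows_egress(sg, dst_ip):
    """Evaluate the rendered security group for one destination address."""
    ip = ipaddress.ip_address(dst_ip)
    return any(ip in ipaddress.ip_network(r["CidrIp"])
               for perm in sg["IpPermissionsEgress"] for r in perm["IpRanges"])


def enforcement_agrees(dst_ip):
    """Audit check: every generation must give the same answer for the same
    destination; if they drift apart, 'one policy' is a fiction."""
    k8s = k8s_allows_egress(render_k8s_networkpolicy(INTENT), dst_ip)
    sg = sg_allows_egress(render_security_group(INTENT), dst_ip)
    return {"k8s": k8s, "security_group": sg, "consistent": k8s == sg}


if __name__ == "__main__":
    # 10.0.3.7 is the (constructed) Oracle VM; 203.0.113.10 is a public host.
    for dst in ("10.0.3.7", "203.0.113.10"):
        print(dst, enforcement_agrees(dst))
```

The point of `enforcement_agrees` is the audit: with four teams hand-writing four rule sets, nobody can answer "do these enforce the same thing?"; when both renderings are derived from one intent, the question becomes a unit test.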

This is the "first principle" for 2026. With this foundation, my predictions are inevitable consequences. 

Prediction 1: AI Will Cause a 500-2,500% Increase in Breaches

Everyone is prioritizing AI innovation, as they should. But they are bolting "Gen 4" Agentic AI onto an already fragmented and unsecured foundation. This is the source of my prediction: I believe 2026 will see a 500% to 2,500% increase in breaches. 

  • Real-World Scenario: Consider a new "AI Call Center Agent." To be useful, it needs access to the Gen 1 customer database, the Gen 2 billing microservice, and a Gen 3 "send-summary" function. This one agent embodies the multi-generational fragmentation. An attacker doesn't have to breach your perimeter; they just poison the agent's prompts (prompt injection) or compromise its credentials. The agent, with its trusted access, becomes the attacker, moving laterally across all your systems. 

This isn't because AI is "dangerous." It's because we are multiplying complexity at a rate we cannot manage. 

Some security vendors will suggest you "fix" this by routing all this traffic out of your cloud to an external security service (like a SASE/SSE solution) and then back in. This is an architectural trap. That model was designed to secure users (people) accessing apps (SaaS). It was never designed for high-speed, low-latency workload-to-workload or agent-to-agent traffic inside your cloud. 

The "tromboning" of traffic adds massive latency, breaks native cloud services, and creates crippling data egress costs. The only viable control point is in the cloud's native path, a fabric that can inspect and secure traffic right where the workloads live, without forcing it to leave your environment. 

Prediction 2: The 98% Will Continue to Fail at Zero Trust

CISA, NIST, and MITRE all agree that true Zero Trust requires "pervasive encryption" and "pervasive workload protection." This means securing workload-to-workload (east-west) traffic, not just the perimeter. This is where the concept of microsegmentation is supposed to come in. But it's failing. 

  • Real-World Scenario: An attacker compromises a single K8s pod (Gen 2) via a simple vulnerability. Because there's no microsegmentation, that pod can scan the network and find your "lift-and-shift" Oracle database (Gen 1). They exfiltrate all your customer data. The breach didn't happen at the perimeter; it happened inside, in the "trusted" east-west corridor. 

A proper security architecture would have prevented this. The problem is that legacy segmentation relies on IP addresses. In a K8s world, a pod's IP address is ephemeral; it's gone in seconds. You can't write a firewall rule for something that doesn't exist. 

A modern architecture stops this breach by enforcing policy based on persistent, cryptographic workload identity and rich context (like K8s labels: app=billing, env=prod). This allows you to write a single, human-readable policy, like "Allow app=billing to talk to db=oracle-prod," and the fabric enforces it, regardless of what IP address the pod has or where the VM lives. This stops lateral movement cold. 
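As an added example (not Aviatrix code), the following models the failure mode just described: the same "allow app=billing to talk to db=oracle-prod" intent is enforced once as a frozen set of IP pairs and once against workload labels, and the billing pod is then rescheduled onto a new address while an unrelated pod inherits the old one. Workload names, labels and addresses are constructed for the example; the labels stand in for the workload identity, and binding them to an attested credential (an mTLS certificate or SPIFFE SVID) is outside what this example models.

```python
"""Added example (not Aviatrix code): IP-keyed segmentation versus
identity/label-keyed policy when a pod's address changes.

Everything here is constructed: workload names, labels and addresses are
hypothetical, and labels stand in for an attested workload identity."""

# The intent, written against identity, never against an address.
POLICY = [{"from": {"app": "billing"},
           "to": {"db": "oracle-prod"},
           "action": "allow"}]


def matches(selector, labels):
    """A selector matches when every key/value it names is present."""
    return all(labels.get(k) == v for k, v in selector.items())


def allowed_by_identity(src, dst, policy=POLICY):
    """Modern path: evaluate labels at decision time. Default deny."""
    return any(matches(r["from"], src["labels"])
               and matches(r["to"], dst["labels"])
               and r["action"] == "allow"
               for r in policy)


def compile_to_ip_rules(workloads, policy=POLICY):
    """Legacy path: resolve labels to the addresses seen right now and
    freeze them into (src_ip, dst_ip) allow pairs."""
    rules = set()
    for r in policy:
        if r["action"] != "allow":
            continue
        for s in workloads:
            for d in workloads:
                if matches(r["from"], s["labels"]) and matches(r["to"], d["labels"]):
                    rules.add((s["ip"], d["ip"]))
    return rules


def allowed_by_ip(src_ip, dst_ip, rules):
    """Legacy evaluation: only the frozen address pairs are permitted."""
    return (src_ip, dst_ip) in rules


def simulate():
    """Return how each model answers after the billing pod is rescheduled."""
    billing = {"name": "billing-7f9c", "ip": "10.1.2.3",
               "labels": {"app": "billing", "env": "prod"}}
    oracle = {"name": "oracle-vm", "ip": "10.0.5.20",
              "labels": {"db": "oracle-prod", "env": "prod"}}
    rules = compile_to_ip_rules([billing, oracle])     # snapshot at t0

    # t1: the billing pod is rescheduled and receives a fresh address,
    # and a compromised, unrelated pod is scheduled onto the old one.
    billing_new = dict(billing, name="billing-a1b2", ip="10.1.9.9")
    rogue = {"name": "scanner-x", "ip": "10.1.2.3",
             "labels": {"app": "scratch", "env": "dev"}}

    return {
        "ip_rules_legit_after_reschedule":
            allowed_by_ip(billing_new["ip"], oracle["ip"], rules),
        "ip_rules_rogue_on_old_ip":
            allowed_by_ip(rogue["ip"], oracle["ip"], rules),
        "identity_legit_after_reschedule":
            allowed_by_identity(billing_new, oracle),
        "identity_rogue_on_old_ip":
            allowed_by_identity(rogue, oracle),
    }


if __name__ == "__main__":
    for check, verdict in simulate().items():
        print(f"{check:36s} {'ALLOW' if verdict else 'DENY'}")
```

The IP snapshot fails in both directions at once: it breaks the legitimate billing flow after the reschedule, and it keeps allowing whichever pod inherits the old address. The identity rule does neither, because nothing in it ever referred to an address.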

About 2% of organizations have the architecture to enforce this. This 2% isn't smarter; they just have a smarter architecture. They have already built or adopted a unified abstraction layer. This layer gives them the three things the 98% lack: 

  1. Unified Visibility: A single graph of all flows. 

  2. Unified Policy: A single place to define intent. 

  3. Unified Enforcement: A single fabric to enforce that intent everywhere, from Gen 1 to Gen 4. 

The other 98% are overwhelmed, trying to manage 4+ different segmentation tools for 4+ generations of workloads. The data breaches of 2026 will be traced back to this simple, architectural failure. 

Summary: Your Action Plan

There is no quick fix. My advice is to embrace the "ChAIos" by refusing to play the game. Stop trying to stitch 12 disparate teams and their unique tools together. 

Here is your action item: Go back to your office and ask your team, "Can you show me, on one screen, the real-time, east-west traffic between our new K8s cluster and our production VM database?" The silence you'll likely get is your real-world fragmentation gap. 

To fix this, "slow down to go fast." Go back to first principles and ask: "What is my architectural plan to manage this fragmentation?" The solution is not more tools; it is a smarter architecture. A single abstraction layer is the "one stone" that solves five problems at once. It’s the only way to build a pervasive security and encryption strategy that can finally tame the multicloud, multi-generational mess and allow you to innovate with AI, securely.  

Doug Merritt

CEO

Doug Merritt is Chairman, Chief Executive Officer, and President of Aviatrix. Most recently, Doug served as Splunk President and CEO from 2015 to 2021. During his tenure as CEO, Doug led the transformation of Splunk from an on premise, perpetual license software company with the equivalent of $220 million in Annual Recurring Revenue (ARR), to a cloud-based SaaS company with ARR of $3.12 billion.
