In this blog series, Aviatrix leaders discuss their predictions for cloud security in 2026, from an AI explosion to quantum computing.
AI was the major theme in cloud security in 2025: AI deployment and enablement within enterprises as IT teams integrated AI into their tech stacks; employees becoming more AI proficient and AI-native in their task workflows; people designing their own AI agents with greater ease. While many of these developments are unlocking innovation and efficiency, they also open new security challenges as LLMs and AI agents change the tech ecosystem.
Here are my predictions for 2026 considering rapid AI adoption with its opportunities and risks:
1. Hardening Strategies for “AI Security”
“AI security” has become a buzzword – a vague one. As AI adoption grows and AI agents become increasingly easier to build and deploy, CISOs will have to determine what it actually means to secure an AI agent and the servers those agents talk to:
Identity – We’ll need to make sure the identity controls for users extend to their AI agents to make sure those agents only fetch data they are authorized to access. This means carrying identity through the workflow and in the enterprise environment.
Segmentation – We need to make sure we understand what these agents will do in a predictable manner. Part of that certainty is making sure agents can’t access information or services we don’t want them to access, and can’t send information where we don’t want it to go. The key to this security control is network segmentation with boundaries that AI agents can’t penetrate.
Ingress and egress filtering – Alongside segmentation, CISOs will focus on network inflows and outflows for agentic AI use to protect the boundaries of our networks: keep bad actors out and sensitive data inside.
2. A Networking Education for CISOs
With AI-assisted security attacks on the rise, network-layer defense is now foundational for protecting cloud workloads. While identity and endpoint security remain critical, CISOs must prioritize network-layer controls to contain threats that move laterally and exploit multicloud environments.
This means deepening your knowledge of cloud networking fundamentals, understanding the default security posture of each CSP, reducing overall attack surface, and mastering concepts like encryption, traffic inspection, segmentation, logging, and high availability in a multi-cloud context.
If we CISOs can develop expertise in foundational concepts, we can unify security, networking, and DevOps teams to build success together instead of striving for siloed goals. Our organizations can benefit from a strategic approach that strengthens security, enhances performance, provides continuous compliance, and optimizes costs without compromise. We will also be able to cultivate a security-first culture in our organizations to combat widespread problems like shadow AI and shadow IT.
3. Exchanging Overwhelm for Prioritization
CISOs struggle with overwhelm: many alerts, many tools, and many priorities compete for our attention. Any long-term security overhaul or redesign project is difficult to implement with so many immediate concerns. In 2026, I predict that CISOs and other security leaders will make strides to exchange overwhelm for prioritization and focus on the “big picture” of what really matters for enterprise cloud security.
Wiz, one of Aviatrix’s new partners, is an excellent example of what that prioritization looks like tactically. Wiz helps organizations exchange alert fatigue with a simple visualization of highest priorities and “toxic combinations” of high-risk, high-value workloads. This visualized approach helps companies focus on what really matters instead of trying to pay attention to everything all the time – and, with Aviatrix’s security policy enforcement, act on the biggest threats in the runtime.
Prioritizing in cloud security means asking, “what really matters here?” Instead of chasing down every alert and every new security solution, it means using the zero trust framework (see the next prediction) to limit, isolate, and neutralize potential threat actors with a simple set of security best practices.
4. Transforming Zero Trust From Theory to Reality
2025 witnessed a series of sobering cyber attacks: APTS like Salt Typhoon, Silk Typhoon, and APT40; ransomware like Medusa and PromptLock; and many more. The attack surface of the cloud is too wide, and the boundaries are too porous, for traditional networking solutions and cloud native tools alone. CISOs will need to lead an effort to transition their organizations from traditional security to optimal security according to the Zero Trust Maturity Model (ZTMM 2.0).
Focusing on the five pillars of zero trust – identity, devices, networks, applications & workloads, and data – CISOs can design and execute an organized, systematic elimination of threats. Zero trust principles are critical for securing AI workloads: stopping lateral movement, flagging suspicious activity, limiting the blast radius of an incident, and preventing data exfiltration.
Some of the security news of 2026 is already written: there will likely be data breaches, regulation updates, new AI agents, and new security solutions on the market. No matter what the headlines are, CISOs and other security leaders who implement zero trust principles will begin to see the rewards as they regain control of their cloud security at the network layer.
Read Aviatrix CEO Doug Merritt's predictions for cloud security in 2026.
Learn how to enforce zero trust for AI workloads.
