2026年网络安全考量

innovation in a dynamic worldkpmg.com/cyberconsiderations Contents Foreword...............................................................................03Eight keycybersecurity considerations for 2026...............05Sector insights: Emerging cybersecurity priorities......................06Cyber strategies for 2026.....................................................40How KPMG professionals can help.....................................41Meet the authors..................................................................42Acknowledgements..............................................................43 Foreword As organizations transformfor growth, the speed and intensity of technological change bring both opportunity and risk. Chief Information Security Officers(CISOs), and those responsible for balancing business agility with cyber risk, must keep pace with developments in technology, the geopolitical landscape andevolving compliance requirements that directly impact cybersecurity. They must support trusted operations and innovation in the face of an expanding cyberattack surface. The ubiquity of technology continues to expand their role across every business function, requiring CISOs to work with multiple stakeholdersand present a strong case for investment in cybersecurity. This imperative is informed by several critical drivers that are currently shaping the world ofcybersecurity for CISOs and enterprise leaders alike: AI is at the center of today’s disruptive period and is proving to be a double-edged sword for Geopolitics has become a common feature of cyber conversations, with rising tensions causing cybersecurity professionals. On the one hand, those charged with defense, protection and responsecan leverage AI to detect and address threats faster and more efficiently than humans alone. On theother hand, AI empowers threat actors, who not only automate and scale their efforts, but also usemore sophisticated methods and tools to breach cyber defenses. Agentic AI and the proliferation ofdigital agents is also placing digital identity management under greater scrutiny as CISOs strive toprotect the plethora of non-human identities and keep their activities under control.Regulation and sovereignty add complexity (sometimes rapid) decoupling of former trading partners. As organizations rethink where they operateand who they source from, these decisions have a cascading impact on CISOs as they manage thethreats from nation states and help ensure a safe transition to new supply chains.CISO visibility and responsibility continues to increase Cybersecurity is now everyone’s responsibility, and CISOs should continue to raise awareness ofrisks, instill responsible digital behaviors, and communicate cyber risk in the language of business to leadership, employees, suppliers, and partners. By adopting a principle of ‘radical transparency’,CISOs can help the organization and its partner ecosystem understand the importance ofcybersecurity and make decisions based on signals, risk and intelligence. As the global regulatory environment becomes more fragmented, CISOs and Chief Risk Officers(CROs) are increasingly involved in efforts to comply with digital safety, sovereignty and resilience requirements. The range and complexity of these obligations are straining the resources andcapabilities of cybersecurity teams striving to keep data secure and private. Quantum presents a real threat inthe medium term About this paper The transition to post-quantum cryptography (PQC) presents a significant transformationrequirement and, for sectors like finance and defense, an existential one. Proactively preparing forquantum-related cyber risks now can help secure organizations’ futures by making them moreresilient, supporting business continuity, and managing regulatory changes. Cybersecurity considerations 2026 presents insights from more than 20 leading KPMG cyberexperts around the world, alongside senior leaders from our cybersecurity alliance portfolioincluding Google, Microsoft, Palo Alto Networks, and ServiceNow. It is further informed byfindings from KPMG global and regional surveys.The paper explores eight key considerations on the agenda of CISOs and other senior leaders As digital and physical systems merge, hyperconnectivity makes the operational technology across the enterprise, spanning multiple sectors. At a time of heightened cyber challenges,it aims to contribute to the future direction of cybersecurity and highlights opportunities tostrengthen resilience, improve organizational performance, and embed AI safely and effectively. (OT) environment in sectors like Utilities, Oil and Gas, Natural Resources, Manufacturing, andTelecommunications more vulnerable to breaches via vast numbers of internet of things (IoT)devices. Data centers are now considered critical infrastructure and their immense thirst forelectricity raises the pressure to safeguard power and utility facilities. Power plants are beingcon