Cybersecurity in 2026: Why resilience now matters more than ever
By Nick Harding, Head of IT Security, Recarta
The World Economic Forum’s Global Cybersecurity Outlook 2026 confirms what many of us working in enterprise IT already see day to day. Cyber risk is accelerating and resilience is becoming the defining factor between disruption and continuity.
The report is explicit. Cybersecurity risk in 2026 is “accelerating, fuelled by advances in AI, deepening geopolitical fragmentation and the complexity of supply chains” (Foreword, p.3) . This is no longer a technical issue. It is a business one.
Cyber risk is now operational risk
One of the clearest signals in the report is the divergence in how risk is perceived at senior levels. CEOs now rank cyber-enabled fraud and phishing as their top concern while CISOs continue to focus on ransomware and supply chain disruption (Table 1, p.8) .
When systems go down, data becomes unavailable or recovery can be slow, then the impact is immediate. As the report notes, recent cyber incidents have caused “major operational disruptions and data losses” even in organisations that considered themselves prepared (Section 3.4, p.34) .
In practice, cyber incidents become operational failures when core platforms are fragile or overly complex.
AI accelerates impact, not just attacks
The report states plainly that AI is “anticipated to be the most significant driver of change in cybersecurity in the year ahead, according to 94% of survey respondents” (Executive Summary, p.4) . It also highlights that “87% of respondents identified AI-related vulnerabilities as the fastest-growing cyber risk” (Figure B, p.5) .
What matters operationally is speed. AI enables attacks to scale faster and move more precisely. Environments that are fragmented, poorly governed or heavily reliant on legacy systems struggle to contain that speed. Those with simpler, well-designed platforms recover more effectively.
This is why resilience is shifting beyond prevention. As the report puts it, cyber resilience underpins an organisation’s ability “to minimise the impact of significant cyber incidents on its primary business goals” (Section 3.4, p.34) .
Legacy infrastructure is now a resilience risk
A point worth emphasising is the role of legacy infrastructure. The report identifies legacy systems as one of the greatest challenges to achieving cyber resilience, cited by 31% of respondents (Figure 25, p.35) .
This is not about age for its own sake. Legacy systems are hard to secure, expensive to maintain and increasingly incompatible with modern tools. Years of incremental change have created what the report describes as security debt, where modern controls are layered onto platforms that were never designed for today’s threat environment (Section 3.4, p.35) .
For many organisations, resilience now depends on whether those systems can be isolated, recovered and operated safely when disruption occurs. Private cloud environments offer a practical path forward by allowing existing workloads such as databases, applications and integrations to run in dedicated, isolated infrastructure designed for security and performance, without forcing immediate replacement.
Confidence built on fragile foundations is increasingly risky. As cyber incidents accelerate in speed and impact, platforms that cannot adapt or recover quickly turn technical weaknesses into operational failures.
Resilience depends on ecosystems, not silos
The WEF findings also show that highly resilient organisations see third-party and supply chain dependencies as their biggest remaining challenge. 78% of CEOs in highly resilient organisations cite this as their primary concern (Figure 4, p.14) .
Resilience, the report concludes, is no longer built in isolation and increasingly depends on visibility across ecosystems, suppliers and partners (Section 2, p.13) .
From an infrastructure perspective, this often shows up as unmanaged dependencies, unsupported platforms and recovery plans that stop at organisational boundaries.
What leaders should focus on now
Only 19% of organisations say their cyber resilience exceeds requirements, despite improving confidence overall (Figure 24, p.34) . The message is clear. Minimum resilience is not enough.
The organisations that will navigate the next phase of cyber risk most effectively will treat resilience as a design principle. That means simplifying complex environments, modernising critical platforms and ensuring data and systems can be recovered quickly and safely when disruption occurs.
The WEF report highlights what many organisations are already experiencing. Legacy infrastructure is no longer just a technical constraint. It is a resilience risk.
At Recarta, we work with organisations to modernise critical infrastructure in a way that reduces operational fragility and supports recovery, compliance and long-term security. That does not always mean wholesale replacement. It means making deliberate decisions about which platforms remain, which evolve and which no longer serve the business.
Our approach to infrastructure modernisation was recognised in 2025 when Recarta was named IBM Partner of the Year in EMEA for modernisation. That recognition reflects a practical focus on building platforms that are secure, resilient and operable at scale.
In 2026, cybersecurity will not be defined by how well incidents are prevented. It will be defined by how well organisations continue to operate when something goes wrong.
If you want to discuss what the WEF findings mean for your organisation and your infrastructure, please get in touch.
