Cybersecurity remains a highly dynamic topic as the new year begins: emerging threats, increasing complexity, and growing requirements continue to shape the landscape for organizations. Looking back while also looking ahead, the question is: What lessons can we take from the past year, and what should we prepare for next?
Today we’re talking to Christoph Zajic, Head of the Process Consulting Team.
2025 has already flown by. Looking back at the past year, what do you think were the biggest cybersecurity challenges for organizations?
Christoph Zajic: From my perspective, one of the biggest challenges in 2025 was undoubtedly NIS2—particularly the long wait for clarity. For months, many organizations simply did not know what exactly would be required of them or when specific obligations would actually become legally binding.
As we enter 2026, which cyber threats do you consider particularly dangerous this year?
Christoph Zajic: When it comes to cyber threats, I don’t expect fundamentally new developments in 2026. Regardless of whether AI is involved or not, we as defenders are usually one step behind the attackers.
One topic that will become significantly more important, however, is fake news. Young people in particular, who increasingly rely on social media as their primary source of information, will be confronted with ever more AI-generated content and videos. In many cases, common sense is becoming the only reliable way to distinguish authentic content from manipulated material. And unfortunately, that very skill seems to be exercised less and less among younger generations.
Which regulatory developments are on the horizon, and how can organizations prepare?
Christoph Zajic: From a regulatory perspective, AI will continue to gain importance as well. Organizations will increasingly need to address how AI is being used within their business and which regulatory frameworks and requirements apply.
AI has also become increasingly integrated into our own company. Do you have an AI tip or a particularly useful use case you’d like to share?
Christoph Zajic: I don’t have a specific AI hack to share, but my team is currently experimenting extensively with different AI tools, and we’re already exploring some very promising use cases.
What advice would you give organizations to prepare for 2026?
Christoph Zajic: My advice is relatively simple: do your homework and clean up your legacy issues. Many problems can be avoided if organizations address the fundamentals properly before moving on to more advanced topics.
From the perspective of your area of expertise, what do you hope to see in 2026?
Christoph Zajic: For 2026, my biggest wish is simple: plenty of exciting projects—and just as many happy customers. 😉
