Copyright © Sullivan Wright All Rights Reserved
What’s Next for Cybersecurity
In a column for the Arkansas Democrat-Gazette, Chris Wright, co-founder of Sullivan Wright Technologies, reflected on the major cybersecurity developments of 2025 and what they may signal for 2026.
A central theme is the rapid expansion of artificial intelligence (AI). As demonstrated at the Consumer Electronics Show (CES), AI is being integrated into an ever-growing range of products and services. Organizations and cybercriminals alike embraced AI, creating both opportunities and risks.
Among the year's setbacks, Chris highlighted the significant weakening of the Cybersecurity and Infrastructure Security Agency (CISA). Staff reductions, reduced federal oversight, and the dismantling of collaborative cybersecurity programs have diminished critical communication channels that help organizations prepare for and respond to cyber threats.
On a more positive note, Chris pointed to increased action by federal and international law enforcement agencies against cybercriminal networks. Operations targeting ransomware groups and other malicious actors disrupted criminal infrastructure and produced measurable results. However, ransomware-as-a-service groups remain active and continue adapting their tactics, making ongoing vigilance essential.
Another encouraging trend was a shift away from a compliance-only approach to cybersecurity. Chris noted that more organizations now view cybersecurity as a core business function focused on risk management and resilience rather than simply meeting regulatory requirements. Leaders are increasingly treating cyber threats similarly to other business risks, such as supply chain disruptions or natural disasters.
AI, a trending technology, remains a mixed blessing. Security professionals have successfully used AI to identify vulnerabilities and improve defensive capabilities, while attackers have leveraged the same technology to create more convincing phishing campaigns and ransomware attacks. Chris emphasized that organizations achieved the best outcomes when AI was implemented thoughtfully, with appropriate training, governance, and human oversight.
While technology and threats will continue to evolve rapidly, Chris noted that long-term cybersecurity success depends on strong fundamentals, comprehensive security strategies, and sustained investments in cyber resilience rather than chasing the latest technology trends.
