Kristen Smith 
Cybersecurity leaders entered 2026 with a clearer view of how artificial intelligence-driven threats, operational technology risk and hybrid infrastructure reshaped security decisions in 2025.
Drawing on a global survey of more than 500 chief information security officers, Trellix’s “Mind of the CISO: The Future of Cyber Resilience” report, released in December, found that 97 percent of respondents view hybrid infrastructure as more resilient than cloud-only or on-premises models.
The survey results also showed that almost all respondents see hybrid environments as essential for meeting regulatory and compliance requirements, as well as for managing obligations related to data sovereignty and residency.
An April ExecutiveBiz guide on integrated IT infrastructure mirrors that perspective, highlighting how legacy systems, siloed data and uneven modernization continue to complicate federal IT environments, reinforcing the need for architectures that can support compliance, scalability and operational efficiency at the same time.
The guide emphasized that integrated and hybrid approaches—combining on-premises infrastructure with cloud and edge capabilities—have become central to addressing federal requirements tied to frameworks such as the Federal Risk and Authorization Management Program, National Institute of Standards and Technology Special Publication 800-53 and the Cybersecurity Maturity Model Certification.
How Did OT and IT Risk Converge in 2025?
The convergence of operational technology and information technology remained one of the most persistent cybersecurity challenges during the year. While 96 percent of CISOs said OT-IT convergence is critical to protecting critical infrastructure, fewer than half reported plans for significant near-term investment due to organizational complexity and resource constraints.
OT systems underpin military platforms, energy grids, transportation networks and federal facilities, increasing cyber-physical exposure even as accountability and funding remain distributed across agencies.
Concerns about that convergence were reinforced in December when the Cybersecurity and Infrastructure Security Agency and allied cybersecurity authorities released joint guidance on securing artificial intelligence integrated into OT environments. The document, titled “Principles for the Secure Integration of Artificial Intelligence in Operational Technology,” addressed the growing use of machine learning, large language models and AI agents in systems supporting public services while warning that AI adoption introduces new adversarial pathways.
“AI holds tremendous promise for enhancing the performance and resilience of operational technology environments – but that promise must be matched with vigilance,” said Madhu Gottumukkala, acting director at CISA, describing OT systems as the backbone of national critical infrastructure.
The guidance outlined four core principles for AI use in OT: training personnel to understand AI risks and benefits, assessing AI based on operational and data impacts, establishing governance through testing and compliance, and maintaining safety and security through human oversight and incident response planning.
How Did AI-Driven Threats Shape Security Decisions?
AI emerged in 2025 as both a defensive tool and a threat accelerator. CISOs cited ransomware and extortion, autonomous AI-enabled attacks and targeted assaults on OT environments as the primary threats driving changes in security strategy.
While 94 percent said emerging threats are forcing a rethink of cybersecurity and infrastructure priorities, fewer than half expressed high confidence that AI-powered defenses can fully counter autonomous attacks.
