Kaspersky has released its latest set of AI-driven cybersecurity predictions for 2026, highlighting how artificial intelligence will simultaneously accelerate cyber threats and strengthen cyber defence. The insights come at a time when the Asia Pacific (APAC) region is emerging as the world’s most dynamic AI testing ground, outpacing global adoption rates and reshaping how both attackers and defenders operate.
According to Kaspersky, 78% of professionals in APAC now use AI at least weekly, compared to a global average of 72%. This rapid uptake is being driven from the ground up by hyper-connected consumers, widespread device usage and digitally native younger populations—often well before enterprises formally roll out AI programmes. While this momentum is fuelling innovation and enterprise transformation, it is also redefining the scale, speed and sophistication of cyber risks.
AI’s double impact on cybersecurity
Kaspersky researchers warn that large language models (LLMs) and generative AI are becoming powerful tools on both sides of the cybersecurity equation. As AI becomes more embedded in everyday workflows, it is reshaping how threats are created, automated and delivered, while also enabling more advanced detection, analysis and response capabilities.
Ten AI-driven cybersecurity predictions for 2026
- Deepfakes become mainstream risks
Synthetic media will be a permanent fixture in security discussions. Organisations will increasingly train employees to recognise deepfakes, while general user awareness also grows as exposure increases across formats such as video, audio and text.
- Higher-quality deepfakes with lower barriers to entry
While visuals are already highly realistic, audio quality is expected to improve rapidly. At the same time, easier-to-use tools will allow non-experts to generate convincing deepfakes, expanding misuse by cybercriminals.
- Continued push for AI content labelling standards
Efforts to reliably label AI-generated content will intensify, though challenges remain due to inconsistent criteria and the ease with which labels can be removed—particularly in open-source environments.
- Real-time deepfakes remain advanced but dangerous
Live face- and voice-swapping technologies will improve, but remain largely in the hands of skilled attackers. Their use in targeted attacks, however, will grow more convincing and impactful.
- Open-weight AI models near parity with closed models
Open-source and open-weight models will approach the performance of closed systems in cybersecurity-related tasks, increasing opportunities for misuse due to fewer built-in safeguards.
- Blurring lines between legitimate and fraudulent content
As brands adopt AI-generated visuals and marketing materials, distinguishing real content from scams and phishing pages will become harder for both users and automated detection systems.
- AI embedded across the cyber kill chain
Attackers will increasingly use AI at multiple stages of an attack—from reconnaissance and social engineering to vulnerability discovery and malware deployment—while actively concealing signs of AI involvement.
- Security operations centres (SOCs) become more AI-driven
Agent-based systems will automate vulnerability scanning, investigation and contextual analysis, shifting security teams away from manual data gathering towards faster, decision-led response.
- Natural-language interfaces redefine security tools
Complex queries and dashboards will increasingly give way to conversational, prompt-based security analysis, lowering operational friction for SOC teams.
- AI governance becomes a decisive security differentiator
Organisations that manage AI responsibly—balancing innovation with oversight—will be better positioned to control both AI-enabled threats and AI-driven defences.
“AI is reshaping cybersecurity from both sides,” said Vladislav Tushkanov, Research Development Group Manager at Kaspersky. “Attackers are using it to automate attacks and create highly convincing fake content, while defenders are using it to detect threats and make faster, smarter decisions. The ability to manage AI safely will directly influence the future of cybersecurity.”
Adrian Hia, Managing Director for Asia Pacific at Kaspersky, added that the region’s rapid AI adoption presents both opportunity and risk. “Asia Pacific is setting the global pace for AI adoption, creating enormous potential but also redefining how cyber threats emerge and scale. Organisations can rely on Kaspersky’s decades of expertise to strengthen their defences in this new AI-driven threat landscape.”
Kaspersky concludes that 2026 will mark a turning point where AI’s role in cybersecurity is no longer experimental but foundational. For organisations across APAC and beyond, success will depend on their ability to harness AI defensively while anticipating how the same technologies are being weaponised by attackers.