By 2026, the feeling that “you can’t trust anything online” has stopped sounding paranoid and started to look like a fairly accurate description of reality. Artificial intelligence has moved deep into the dark side of the game: it powers fake videos and cloned voices, writes emails that sound exactly like your colleagues, and helps automate attacks that used to require dedicated, highly skilled teams.
In recent months, security experts have been warning that deepfakes and AI‑driven attacks are growing in both speed and impact. Several reports list deepfakes as one of the major threats for 2026, with cases ranging from CEOs’ voices being cloned to trick finance teams, to manipulated videos being used as weapons in geopolitical conflicts. At the same time, AI is doing the heavy lifting in the background: it gathers data on people and companies, scrapes professional profiles and public posts, and then crafts highly personalised messages aimed at each target.
One of the clearest warnings came from a Palo Alto Networks executive speaking at Mobile World Congress. He pointed out that in periods of geopolitical tension, cyberattacks tend to appear almost in parallel with military action, hitting not just government systems but also companies and national infrastructure, from telecom networks to power grids and financial systems. According to him, around 60% of organisations have already adjusted their cybersecurity strategy because of this environment.
In this context, artificial intelligence looks very much like a double‑edged sword. On the offensive side, attackers can now produce phishing campaigns and social‑engineering attempts that are almost indistinguishable from legitimate communication. Those badly written emails that used to give everything away are being replaced by flawless language, tailored to the victim’s role, interests and company, often built using public data from LinkedIn or other networks. On the defensive side, the security industry is also leaning heavily on AI, using it to detect suspicious behaviour sooner, automate parts of the incident‑response process and make sense of complex, hybrid environments where endpoints, networks, cloud and SaaS all intersect.
Identity is becoming the real battleground. If it is easy to fake what we see and hear, visual or audio cues alone are no longer a reliable signal of who is on the other side. That is why experts keep insisting on stronger multi‑factor authentication, out‑of‑band verification for sensitive requests, and, in some cases, shared “security phrases” that only the real person would know. At the same time, there is growing focus on securing human identities, machine identities and AI agents, which can be compromised like any other piece of software if they are poorly configured.
For product teams and engineering leaders, this all translates into very concrete responsibilities. You cannot simply plug an AI agent into your internal systems and hope for the best. You need to define clear boundaries, understand exactly which data the agent can access and which actions it is allowed to perform, and plan for what happens if it is taken over. The same goes for third‑party integrations: every new connection is another potential entry point for attackers.
In the end, the message is straightforward, even if it is not particularly comforting: AI is not going away from either side of the equation. The difference will be between organisations that accept this new reality and update their processes, tools and mindset, and those that still treat what appears on the screen as something inherently trustworthy. In 2026, “seeing is believing” is officially out of date.
