AI-driven social engineering surpasses ransomware as leading cybersecurity concern

Infosecurity Magazine reports that artificial intelligence-powered social engineering was cited by 63% of IT and cybersecurity professionals as the leading cybersecurity threat next year, compared with only 54% and 35% who regarded ransomware and supply chain attacks as the foremost threats, respectively.

Only 13% said they feel "very prepared" to handle generative AI risks, while 25% admitted being "not very prepared," according to the 2026 ISACA Tech Trends and Priorities report.

"Most IT and cybersecurity professionals are still developing governance, policies and training, leaving critical gaps," the report stated. However, over half said AI and machine learning remain top investment priorities. ISACA Vice President of Content Development Karen Heslop praised the EU's AI Act as a model for compliance but described the fragmented U.S. regulatory landscape as "a compliance nightmare."

Only 18% of respondents reported strong talent pipelines, and 44% expect difficulty hiring for digital trust roles in 2026. ISACA urged companies to strengthen AI governance, compliance readiness, workforce skills, and cyber resilience.