Enterprises must embed AI-led security, resilience and trust as cyber strategies for 2026: KPMG

Apr 14, 2026

New Delhi [India], April 14: Organizations must urgently recalibrate their cybersecurity strategies to align with artificial intelligence (AI), geopolitical risks, and evolving regulatory demands, according to the latest report by KPMG, "Cybersecurity considerations 2026."
The report highlights that cybersecurity is no longer a support function but a core business enabler, requiring enterprises to balance protection with innovation.
KPMG emphasizes that enterprises should define and implement adaptive data, service, and technical architectures to respond to rapidly changing threat landscapes. Data governance is emerging as foundational, with organizations advised to treat data classification and tagging as a "survival mechanism."
The report calls for the deployment of autonomous security architectures within Security Operations Centers (SOCs), enabling continuous monitoring, faster threat detection, and management of AI-driven risks. Organizations are also encouraged to maintain human oversight ("human-in-the-loop") to ensure accountability and control over AI systems.
With the rise of AI agents, KPMG recommends establishing centralized identity stores to track both human and non-human identities, ensuring controlled access and reducing exposure to cyber threats.
Enterprises are advised to adopt zero trust architectures, decentralized identity management, and continuous monitoring. Security must be embedded from the design stage, particularly across AI systems and digital platforms.
The report stresses building cryptographic inventories and agility frameworks to prepare for post-quantum risks, highlighting the need for early transition planning to avoid future vulnerabilities.
Organizations should extend risk management beyond traditional vendors to include multi-tier supply chains, with continuous monitoring and stronger contractual obligations for cybersecurity compliance.
KPMG notes that cybersecurity strategies must integrate geopolitical risk assessment and regulatory compliance, ensuring resilience across global operations while meeting evolving legal requirements.
The report underlines the need for cross-functional collaboration across IT, risk, legal, and business teams, along with stronger engagement with suppliers and OEMs to build secure ecosystems.
