The increasing use of AI by cybercriminals, the increasingly accessible physical attacks on mobile devices, and the poor security of IoT and print infrastructure will fundamentally transform the way organizations and businesses protect their data and technology.
Alex Holland, senior expert at HP Security Lab, warns that 2026 will mark an accelerated growth in the use of AI agents by hackers: “We expect criminal groups to automate more and more stages of their attacks using AI agents – from analyzing targets to identifying vulnerabilities. Cyber criminals will not limit themselves to creating phishing content; they will use AI for complex tasks, expanding their operational capabilities and reducing the resources required“.
He points out that in the face of an increasing volume of AI-assisted cyberattacks, even the most advanced detection solutions will miss certain threats. “Organizations need to ensure that threats can be controlled, isolated and remedied, protecting their fleet, maximizing uptime and ultimately securing the future of work“, Alex Holland draws attention.
Physical attacks on devices, simpler and cheaper in the era of hybrid work
According to Boris Balacheff, an expert in security research and innovation at HP Inc., increased employee mobility exposes devices to unprecedented physical risks, and the tools needed to manipulate devices are becoming more accessible and cheaper: “Today, employees work in coffee shops, bars, hotels and conference centers around the world, providing ample opportunity for a cybercriminal to tamper with a device when the user walks away. They will also more often use shared peripherals and infrastructure, including printers. Through physical manipulation, hackers can attempt to extract data, take control of compromised devices for wider access to organizations’ networks, or even launch destructive attacks that break devices that don’t have built-in self-healing features from the design stage. To secure the future of work, organizations will need to prioritize hardware with built-in security and resilience at every level.”
Printer, IoT and Edge security becomes priority after a year full of attacks
Steve Inch, Global Senior Print Security Strategist, HP Inc., points out that despite increased attacks on endpoint devices, printers have long been overlooked: “For too many years, printers were the last priority for security teams. Many organizations lack basic visibility or control over their print infrastructure. This creates blind spots — from exploit attempts to insider threats, outdated firmware, malicious updates, and misconfigurations such as open ports or unmodified default credentials. These security gaps provide cybercriminals with a potential launch pad to compromise not only the printer and the data stored on it, but also other devices on the network. Next year, organizations and governments will demand that endpoint devices, such as printers, include active and continuous monitoring throughout their lifecycle.”
Quantum computing resistance becomes mandatory for vendors
Quantum resilience will become an essential criterion in hardware purchases, especially in critical industries and for long-life devices such as PCs and commercial printers.
“Continued technological advance in quantum computing makes increasingly plausible the scenario where a quantum computer capable of breaking asymmetric cryptography could appear in less than a decade. With an average commercial PC replacement cycle of just over 4 years and a commercial office printer lifespan of 4 to 5 years, devices purchased in 2026 have the potential to still be in use when a cryptographically relevant quantum computer will become a reality. By embedding quantum resilience now, organizations can trust the technologies that are shaping the future of work.” says Thalia Laing, Principal Cryptographer at HP Security Lab.
