Cyprus firms set to boost cyber defences amid rising global risks
Cyprus is expected to see a strengthening of corporate and institutional cyber defences as part of its national digital policy, according to Andrey Leskin, chief technology officer of Qrator Labs.
Speaking to the Cyprus Mail, Leskin warned that the global cybersecurity landscape is set to become more complex and more dangerous by 2026.
“Digital capabilities and resilience to cyberattacks are among the key priorities of the country’s national digital policy, with the government strengthening the institutional framework and cooperation with the EU,” Leskin said, referring to recent remarks by Deputy Minister of Innovation Nicodemos Damianou.
“Therefore, we will see more companies and organisations strengthening their cybersecurity capabilities in 2026,” he added, pointing to a growing emphasis on prevention rather than reaction.
“That would involve systematic investment in technologies such as zero-trust architectures, and DDoS-mitigation solutions, and people that can manage them,” Leskin said, linking Cyprus’ policy direction to wider global trends.
Against this backdrop, Leskin said the cybersecurity threat environment by 2026 will not be defined by a single dramatic development, but by the steady accumulation of risks driven by artificial intelligence, ageing infrastructure and deepening interconnection between systems.
“We expect that in 2026 the cybersecurity landscape will change not through a single breakthrough threat, but through the steady accumulation of risks,” he said, warning that existing weaknesses are becoming more dangerous as they interact with each other.
One of the most significant shifts, according to Leskin, will come from the rapid spread of AI agents embedded directly into browsers, search engines and everyday digital tools.
“These assistants are designed to help users browse the web, compare products, fill in forms, and execute commands on their behalf,” he said, but added that they have already been shown to be vulnerable to manipulation.
Websites can hide instructions that are interpreted by AI assistants, allowing attackers to inject malicious prompts into browsing sessions without users realising it, he explained.
“As AI-enabled browsers become more widespread, security researchers expect public disclosures of attacks in which users unknowingly grant access to sensitive data,” Leskin said, including passwords, email accounts and connected services.
“In some cases, compromised AI agents may even be abused to launch attacks against third-party resources, including DDoS attacks,” he added, predicting that malicious websites designed specifically to exploit AI-assisted browsing will become a visible problem in 2026.
Leskin also pointed to the growing availability of smaller, more efficient AI models that can run locally on devices such as smartphones and laptops as a major security concern.
“Tasks that required cloud-based AI systems just a few years ago can now be handled by compact models capable of running locally,” he said, noting that this makes them attractive tools for attackers.
Instead of downloading traditional malware that can be detected by antivirus software, compromised systems can be instructed to use local AI models to generate malicious code on demand, making detection far more difficult.
“This approach allows attackers to bypass many traditional security controls without introducing clearly malicious files,” Leskin said.
He added that AI-enabled malware allows each compromised device to independently interpret instructions and generate unique attack behaviour, making large-scale campaigns harder to identify.
“The result is a highly diverse set of behaviours that are much harder to recognise using signature-based detection,” he said, particularly in application-layer attacks.
Beyond AI, Leskin warned that growing reliance on complex digital supply chains is increasing systemic risk across industries.
“A single incident at a service provider can trigger cascading disruptions across multiple organisations and even entire sectors,” he said, adding that such chain reactions are likely to become more common by 2026.
Ageing and unsupported software and hardware were also highlighted as a critical weakness, especially for medium-sized and large organisations whose core operations rely on outdated systems.
“Many organisations continue to rely on systems deployed years ago,” Leskin said, warning that end-of-life software leaves known vulnerabilities exposed to the internet.
He said similar problems affect small businesses and private users, particularly through devices such as routers, smart TVs and connected appliances that are rarely updated.
“These devices can be exploited for a wide range of purposes, from DDoS attacks and illicit mining to account compromise and data theft,” he said.
In response, Leskin said cybersecurity strategies will increasingly focus on intent rather than simply distinguishing between humans and bots.
“Instead of trying to determine whether traffic originates from a human or a bot, defenders need to focus on intent rather than form,” he said, as AI makes traditional controls like CAPTCHAs easier to bypass.
Despite technological change, Leskin stressed that basic security principles remain essential.
“Strong access control, careful monitoring of user actions, and reliable backups continue to form the foundation of resilience,” he said, describing backups as critical to recovery from potentially catastrophic incidents.
For individual users, he warned that AI-powered browsing tools are evolving faster than the safeguards designed to protect them.
“Users should be aware that they are assuming risks that are still difficult to clearly define or limit,” Leskin said.
Overall, he said cybersecurity in 2026 will be shaped by the interaction of existing threats rather than entirely new ones.
“In this environment, success will depend not only on how well organisations protect themselves, but also on how prepared they are to withstand disruption when protection inevitably fails,” he said.