- From experimentation to the agentic future
Artificial intelligence has matured from a pilot project to one with a purpose. IDC calls this the "agentic future," where humans and AI act with autonomy and intention. The most visible shift is in conversational AI, which powers customer interaction, operations, and even cyberattack response. But these systems are only as reliable as the data they learn from. If that data is compromised, bias and misinformation result. This makes AI integrity a critical pillar of resilience in 2026. What's emerging next is the use of conversational AI to manage resilience itself. Instead of navigating dashboards and scripts, teams can simply request, in natural language, that a workload be protected, a policy be checked, or recovery readiness be validated across SaaS, multicloud, and hybrid environments. By 2026, resilience will evolve from reactive protection to self-healing intelligence, and conversational AI will be the everyday interface that makes that intelligence accessible, reliable, and continuous.
2. Cloud sovereignty as a strategy
From NIS2 to the EU Data Protection Act, cloud sovereignty has become the new strategic frontier. Forrester predicts that by 2026, half of all enterprises will prioritize regional infrastructure and policy-based data controls. Sovereignty isn't about isolation, but about control and choice. In a multi-cloud, multi-regional world, businesses need the freedom to decide where data resides—on-premises, in a private cloud, in a local cloud region, or in a global cloud—while maintaining full visibility into the laws to which it is subject and how it can be retrieved without crossing borders. Architectures are becoming sovereignty-by-default, with encryption, access policies, and compliance rules moving with the data, across borders and clouds. When sovereignty is built into the design, compliance becomes a competitive advantage. By 2026, this combination of sovereignty and freedom of choice will enable organizations to innovate with confidence within trusted boundaries.
3. Identity: the invisible infrastructure of resilience
As borders cease to exist for digital ecosystems, identity is replacing infrastructure as the security perimeter. Every credential, whether human or related to a technological element, represents a potential point of vulnerability. IDC predicts that, by 2026, cyber-resilient organizations will merge identity, data, and recovery policies into a continuous security framework. This redefines recovery, shifting it from a technical exercise to a matter of trust. The ability to restore the verified integrity of users, not just systems, will become the cornerstone of operational assurance. This becomes even more critical as AI begins to communicate with AI: autonomous agents initiating actions, sharing data, and making decisions on their own. In this AI-centric world, a trusted identity becomes the first security checkpoint. AI systems must be certain of who or what they are interacting with before acting.
4. Data rooms: turning protected data into reliable fuel for AI
By 2026, companies will recognize that their AI initiatives are stalled not by a lack of data, but by an inability to securely access and prepare the data they already have. Historical data will evolve from a "backup insurance" to a strategic intelligence asset if activated responsibly. This will accelerate the rise of sovereign and resilient data rooms—secure environments that connect governed backup data directly to AI platforms and data lakes. By providing controlled, self-service access with built-in classification, traceability, and compliance, data rooms will transform protected data into clean, compliant, and AI-ready fuel. Organizations that take this step will achieve faster and more secure AI adoption, as well as a distinct competitive advantage.
5. Quantum preparedness: the next frontier of resilience
While AI dominates today's headlines, quantum computing defines tomorrow's risk. Data protected with current algorithms (RSA, ECC) may be vulnerable within a decade. Forward-thinking companies are beginning to conduct cryptographic inventory audits, implement secure quantum algorithms, and redesign backup and recovery systems with cryptographic agility. Quantum preparedness isn't about predicting when quantum attacks will arrive, but about ensuring sovereignty, encryption, and recovery are in place when they do.
