The 2026 ITC Cyber Summit brought together cyber security leaders, practitioners and innovators to confront a growing reality: cyber threats are evolving faster than many organisations are prepared for.
As AI accelerates both opportunity and risk, traditional security strategies are quickly becoming outdated. Attackers are operating at machine speed, new attack vectors are emerging, and fragmented security architectures are struggling to keep up.
The message from this year’s summit was clear: organisations must rethink how they approach cyber security, from leadership decision making to technology strategy, if they want to remain resilient.
Below are the key insights from the day, featuring perspectives from Sir Graeme Lamb, Microsoft’s security leadership, and ITC Secure experts.
The Threat Landscape Is Accelerating and SO MUST WE
Sir Graeme Lamb opened the event with a clear warning: the digital threat environment is evolving faster than many organisations’ ability to respond.
- Criminal groups and hostile states are using automation and AI to scale attacks, while cyber operations now occur continuously and largely unseen.
- His message to leaders was direct: organisations must rethink how they communicate risk, prioritise security investment and embed cyber resilience into strategic decision making. Those that fail to adapt risk becoming increasingly exposed.
AI Is Reshaping Security and the Attack Surface
Microsoft’s Gabby Gradden and ITC CTO Matt Ross explored how AI and agentic systems are transforming cyber security. AI is not just improving tools. It is changing the speed and scale of attacks.
Key shifts include:
- Attackers are moving at machine speed
Automated phishing, AI-enabled attack tools and rapid lateral movement mean defenders now have minutes, not months, to respond. - New attack vectors are emerging
Prompt injection, data poisoning and agent manipulation introduce risks that traditional security controls were not designed to manage. - AI brings both opportunity and complexity
Organisations deploying copilots or agents must build governance, security boundaries and trust frameworks from the start.
Unified Security Tooling Is Now a Business Imperative
Security tool sprawl was another major theme. Many organisations now operate 40 to 80 security tools, creating complexity that slows detection and leaves visibility gaps.
Microsoft’s unified stack, including Defender, Purview, Entra, Sentinel and Intune, was highlighted to address this challenge.
Why consolidation matters more than ever
- Reduce blind spots created by siloed tools
- Accelerate detection and response by correlating identity, endpoint, cloud and data activity
- Strengthens AI defence by feeding richer, connected context into models
- Improves ROI by replacing overlapping legacy tools
- Simplify SOC operations and reduce alert fatigue
In an era of AI-driven threats, fragmented tooling is increasingly unsustainable. The message was clear: defending against AI-powered threats requires an AI-powered, unified security foundation.
Data Governance Must Be the Foundation
ITC’s Alan and Jonathan reinforced that strong data governance is essential for modern cyber security, particularly as organisations adopt AI.
Key recommendations included:
- Understand where data lives and who can access it
- Prioritise controls based on clear risk
- Simplify data labelling and avoid overengineering
- Secure data paths that AI systems interact with
- Ensure engagement with strong C-suite sponsorship to drive adoption
As AI systems analyse and generate insights from large volumes of data, poorly governed information becomes a major security risk.
The Path Forward: Trusted, Unified, AI-Ready Security
Across the summit, one message stood out: organisations must evolve their security strategies to match the pace of modern threats.
This means:
- Adopting AI responsibly and securely
- Unifying fragmented security tools
- Treating data as a strategic asset
- Embedding security across operations
- Strengthening leadership alignment and decision making
Cyber security is no longer just a technical function. It is a strategic capability that underpins trust and resilience.
Final Thoughts
The 2026 ITC Cyber Summit highlighted how AI is reshaping cyber security for both attackers and defenders.
Organisations that strengthen data governance, consolidate security platforms and build AI-ready defences will be far better positioned to navigate this shift. Those that delay risk falling behind an increasingly sophisticated threat landscape.
If you are evaluating how to consolidate security tools, govern AI adoption or strengthen your cyber resilience strategy, our experts would be happy to help. Get in touch here.
