Samsung SDS flags top 5 cybersecurity threats for 2026

Samsung SDS' headquarters in Songpa District, Seoul / Courtesy of Samsung SDS

Samsung SDS has published its report on the five major cybersecurity risks for 2026, Monday, based on an analysis of major cyber incidents in Korea and abroad over the past year.

The company forecasted that the five most critical risks expected to dominate corporate security agendas this year are artificial intelligence (AI)-driven cyberattacks, ransomware, cloud vulnerabilities, phishing and data security breaches.

The report, based on surveys of 667 IT and security professionals, outlined that the rapid adoption of generative AI — particularly AI agents autonomously executing tasks — could result in excessive access privileges, unauthorized operations and data leaks.

It advised businesses to implement AI guardrails, such as real-time oversight, automated blocking and human approval systems for high-risk commands such as modifying sensitive data or executing payments.

“AI and AI agents will amplify emerging threats, from meticulous phishing attempts to data leaks and attacks targeting AI-powered environments,” said Chang Yong-min, Samsung SDS head of security business unit.

“Traditional security solutions alone are no longer sufficient, so companies must transition toward AI-powered monitoring, detection and automated response.”

Samsung SDS also warned of ransomware’s evolution into quadruple extortion through data encryption, leak threats, distributed denial-of-service attacks and blackmailing victims. To mitigate such risks, the company urged multilayered recovery systems, continuous monitoring and organization-wide employee training.

Cloud security remains another pressing issue, with excessive sharing, weak access management and neglected default settings leading to cloud-related breaches. The company recommended continuous monitoring frameworks using cloud native application protection to identify vulnerabilities in accounts’ authorization and resource configurations in real time.

Phishing is becoming the front door for broader enterprise intrusions, from internal breaches and data theft to ransomware and supply chain compromises, calling for companies to have tighter governance over accounts and security policies.

Source: Korea Times News