This voice is automatically generated. Please let us know if you have any feedback.
Diving overview:
- Moody's said the new year will see more dangerous AI-powered cyberattacks and increased obstacles to regulatory harmonization. 2026 Outlook Report Published on Thursday.
- The report also predicts an increase in crypto theft due to cyber-attacks on both transaction and storage platforms.
- Moody's said recent cloud computing outages due to accidents highlight the “potentially devastating effects if exploited by attackers.”
Dive Insight:
Moody's Cyber Outlook Report (part of a series of 2026 predictions closely tracked by business leaders) predicts that AI-related threats such as model poisoning will become “more prevalent and prominent” as more companies deploy the technology without proper safeguards in place.
Moody's said AI already makes it easier for attackers to personalize attacks through phishing emails and deepfake media, but 2026 is likely to see the emergence of “adaptive malware” that is harder for defenders to spot, as well as AI agents that help hackers launch attacks more quickly. The research firm even predicts “early signs of autonomous attacks” to emerge next year, something experts are increasingly worried about. inside a company recent disclosures.
On the defensive side, Moody's said that companies that did not invest in “AI-driven defenses” would be “increasingly vulnerable,” but the company also predicted that agent AI's autonomous capabilities could create “unpredictable behavior and the potential for error accumulation,” complicating companies' cyber incident response efforts.
“AI-enabled defense solutions are not a silver bullet; they introduce new risks and require strong governance,” Moody's said. “However, in the age of AI-powered cybercrime, businesses that rely solely on manual processes will fall behind and increase their exposure to costly breaches.”
Moody's doesn't expect fully autonomous malware — the type that can adapt to defender tactics in real time — for another three to five years, the Moody's report said.
Regarding regulatory harmonization, Moody's highlighted the different paths of the European Union, the United States, and countries in the Asia-Pacific region. The EU continues to pursue a highly harmonized regulatory framework that: Network and Information Security DirectiveMoody's said that in the United States, the Trump administration give up some Predecessor's regulatory efforts and delay others.
“Regional harmonization may gain momentum in 2026, but true global alignment will be difficult to achieve given competing domestic priorities and legislative agendas,” Moody's said. “The challenge will be to introduce harmonization that strengthens rather than weakens resilience, as attackers are exploiting the gaps faster than regulators can close them.
