AI-Driven Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals

AI-driven social engineering is set to be one of the most significant cyber threats in 2026, a new ISACA report revealed. The 2026 ISACA Tech Trends and Priorities report found that this type of AI threat is seen as a major challenge by 63% of the 3000 IT and cybersecurity professionals surveyed.

This is the first time AI-driven social engineering has topped the ISACA report’s findings, surpassing long-standing threats such as ransomware and extortion attacks (cited among the top threats for 2026 by 54% of respondents) and supply chain attacks (mentioned by 35% of those surveyed). A minority of organizations (13%) said they feel “very prepared” to manage generative AI risks, half said they feel “somewhat prepared” and 25% “not very prepared” for this task.

Regulations, especially AI safety and security regulations, are seen by many respondents as primarily helping them close this preparedness gap, Karen Heslop, ISACA’s VP of content development, said during a press briefing at the ISACA Europe conference on October 16. She emphasized that the EU is the one that “leads the way in technology compliance,” including in cybersecurity and AI security.

On the other hand, she described the situation in the US, where several individual states are working on AI safety and security laws in the absence of federal legislation, as “a compliance nightmare.” “Say I’m a small company that operates across 12 US states. I could end up having 12 sets of laws to comply with in a single country. That’s very prohibitive,” she added.

To read the complete article, see: Infosecurity Magazine