48,185 CVEs. $2.5 billion ransomware impact. 64% of victims refusing to pay. 30 days from disclosure to botnet weaponization. We asked 25+ security practitioners what these numbers actually mean for 2026—and found the reality is more nuanced than the headlines suggest.
The Year Security Got Real
2025 wasn't supposed to be this hard.
The year opened with predictions about AI transforming security operations, promises of better tooling, and hope that maybe—finally—we'd get ahead of the vulnerability curve. Instead, we got a record-breaking CVE year, watched React2Shell go from disclosure to botnet weaponization in 30 days, and learned that Trust Wallet lost $8.5 million because of an npm package compromise.
We surveyed everything we could find across security researchers, CISOs, practitioners, and analysts to understand what actually happened in 2025 and what it means for 2026. Their insights cut through vendor hype and conference buzzwords to reveal what's actually changing.
Their shared conclusion: 2026 will be the year where abstract risks become concrete consequences—and the gap between organizations that adapt and those that don't will become irreversible.
2025 By the Numbers: The State of AppSec
The Vulnerability Explosion
• 48,185 CVEs published in 2025, up 21% year-over-year (Jerry Gamblin, 2025 CVE Data Review)
• 115 CVEs disclosed daily on average
• 305,000+ total CVEs in the database
• 1,484 entries in CISA's Known Exploited Vulnerabilities catalog, growing 20% in 2025 alone
The Skills Reality
• 88% of organizations experienced security incidents due to skills gaps, not headcount (ISC2 2025 Workforce Study)
• 29% of organizations cannot afford staff with needed skills
• 33% lack sufficient budget to adequately staff security teams
The Exploitation Timeline
• 30 days: Time from React2Shell disclosure to RondoDox botnet weaponization
• 5 years: How long CVE-2020-12812 has been exploited in FortiOS firewalls—with 10,000+ still vulnerable
• $8.5 million: First major dollar figure publicly attributed to npm supply chain compromise (Trust Wallet)
The Ransomware Reality (Verizon DBIR 2025)
• 44% of all breaches now involve ransomware (up from 32% in 2024)
• 64% of ransomware victims refused to pay (up year-over-year)
• $115K median ransom payment (down year-over-year)
• 30% of breaches traced to third-party compromise (doubled from 15%)
The Breach Economics (IBM Cost of a Data Breach 2025)
• $10.22M average breach cost in the United States (up year-over-year)
• $4.44M global average breach cost
• 241 days average breach lifecycle—shortest in a decade
• 32% of organizations now pay regulatory fines post-breach (first year tracked)
These aren't abstract statistics. They represent the operating environment security teams navigate daily.

The Velocity Crisis: When CVEs Outpace Human Response
Every security professional we spoke with mentioned the same fundamental challenge: the rate of vulnerability disclosure has outpaced human capacity to respond.
"You Can't Patch Everything"
Jerry Gamblin, the security researcher behind the annual CVE Data Review, summarized the situation bluntly: "You can't patch everything. Your only move is to ruthlessly prioritize based on exploitability and automate the rest."
His analysis of 2025's 48,185 CVEs reveals a troubling pattern. The growth isn't slowing—it's accelerating. And traditional "fix all criticals" strategies are mathematically impossible at scale.
Sean Atkinson, CISO at CIS (Center for Internet Security), sees the same trajectory: "Vulnerability disclosures will accelerate, creating operational challenges for organizations that haven't invested in vulnerability intelligence and prioritization."
The numbers bear this out. Organizations with 100,000+ vulnerability backlogs aren't outliers anymore—they're the norm. The average time to remediate sits at 252 days, but exploit timelines have compressed to weeks or days.
"One Click, Game Over"
Kelly Shortridge, CPO at Fastly, characterized the React2Shell vulnerability in December with a phrase that captured 2025's reality: "A one click, game over kind of vulnerability. We see it basically hitting everyone."
The RondoDox botnet weaponized React2Shell within 30 days of disclosure. Before most organizations finished initial assessments, commodity attackers were actively exploiting production systems.
This compression of exploit timelines changes everything. Randy Rose, Senior Director for Operations and Intelligence at CIS, puts it directly: "The cybersecurity industry is long overdue for a holistic, unified approach. The traditional 'detect and remediate' model is unsustainable because the attackers have time on their side."
The Mathematical Reality
The math doesn't work for human-scale remediation:
• 115 CVEs disclosed daily
• Typical AppSec team: 5-10 engineers
• Average remediation time: 252 days
• Backlog growth rate: Exponential
Chris Hughes, author of Resilient Cyber and cybersecurity researcher, has been tracking this disconnect for years. His analysis of 2025's data confirms what practitioners experience daily: "The vulnerability growth rate isn't linear—it's compounding. Every AI coding assistant, every new framework, every dependency adds to the surface area."
The Takeaway: "Fix all criticals" died in 2025. The organizations surviving 2026 will be those who shifted to exploitability-based prioritization and automated remediation at scale.
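As an added illustration of the exploitability-first triage this section argues for (example code, not from the article or from anyone quoted in it): it ranks a constructed vulnerability backlog against a constructed slice of the CISA KEV catalog, hands known-exploited entries to humans first, caps the human queue, and routes everything else to automated remediation. The CVSS scores, dates, and CVE-2025-1000x identifiers are assumptions; only CVE-2020-12812 is taken from the article.

```python
"""Exploitability-first triage. Added example, not part of the original article.

Assumes a constructed backlog and a constructed stand-in for the CISA KEV
catalog; in practice you would load the real KEV JSON feed into `kev`.
"""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float            # base score: "theoretical severity"
    internet_facing: bool  # exposure of the affected asset
    first_seen: date       # when the scanner first reported it


# Constructed stand-in for KEV (cveID -> dueDate). CVE-2020-12812 is the FortiOS
# entry the article mentions; its due date and all other values are placeholders.
KEV_SAMPLE = {
    "CVE-2020-12812": date(2021, 4, 1),
    "CVE-2025-10001": date(2026, 1, 15),  # constructed identifier
}

# Constructed backlog. CVSS values are assumptions, not the real scores.
SAMPLE_BACKLOG = [
    Finding("CVE-2025-10002", 9.8, False, date(2025, 11, 2)),  # critical, internal, not exploited
    Finding("CVE-2020-12812", 6.5, True, date(2025, 1, 9)),    # moderate score, but in KEV
    Finding("CVE-2025-10003", 7.5, True, date(2025, 12, 1)),
    Finding("CVE-2025-10001", 5.0, True, date(2025, 12, 20)),  # in KEV
    Finding("CVE-2025-10004", 8.1, True, date(2025, 10, 5)),
    Finding("CVE-2025-10005", 4.3, False, date(2025, 6, 1)),
]


def rank_key(f: Finding, kev: dict) -> tuple:
    """Sort key: known exploitation first, then exposure, then CVSS, then age."""
    return (f.cve not in kev, not f.internet_facing, -f.cvss, f.first_seen)


def triage(findings, kev: dict, today: date, backlog_cap: int = 3) -> dict:
    """Split findings into what humans handle now and what goes to automation.

    patch_now: on the KEV list (exploited in the wild), with days past KEV due date.
    schedule:  CVSS >= 7.0 on an internet-facing asset, at most backlog_cap per run
               so the human queue stays bounded.
    automate:  everything else is routed to the automated remediation pipeline.
    """
    ordered = sorted(findings, key=lambda f: rank_key(f, kev))
    buckets = {"patch_now": [], "schedule": [], "automate": []}
    for f in ordered:
        if f.cve in kev:
            overdue = max(0, (today - kev[f.cve]).days)
            buckets["patch_now"].append((f.cve, overdue))
        elif f.cvss >= 7.0 and f.internet_facing and len(buckets["schedule"]) < backlog_cap:
            buckets["schedule"].append(f.cve)
        else:
            buckets["automate"].append(f.cve)
    return buckets


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_BACKLOG, KEV_SAMPLE, date(2026, 1, 5)).items():
        print(bucket, items)
```

Note that the KEV-listed CVE with a constructed 6.5 score lands ahead of the non-KEV 9.8, which is the whole point of prioritizing on exploitation evidence rather than severity alone.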
AI Changes Everything—Including the Threat Surface
If 2025 had a theme, it was AI—both as a solution and a new attack surface.

The experts we spoke with are watching three distinct AI-driven transformations.
AI Agents Take Over Security Operations
Mandy Andress, CISO at Elastic, captured the acceleration: "Swifter attacks are being fueled by artificial intelligence. Threat actors are leveraging AI to automate reconnaissance, craft highly personalized lures, and generate audio and visual deepfakes that exploit human trust at scale. The result is a growing convergence of technical and psychological attack surfaces that target the human link or bypass traditional detection systems."
Daniel Miessler, creator of Unsupervised Learning and one of security's most-read voices, published his 13 predictions for 2026. The through-line across all of them: "AI agents will increasingly handle security operations that humans currently perform manually. Not as assistants, but as autonomous operators."
His specific predictions are worth attention:
1. Security tools will fade into the background as AI agents become the interface
2. Human analysts will shift from operators to supervisors of AI systems
3. Companies will compete on agent capability rather than feature lists
4. The talent market will stratify—top-tier practitioners will become more valuable as mid-tier tasks get automated
Miessler isn't alone in this assessment. The December cybersecurity M&A roundup showed 30 deals, with multiple acquisitions focused specifically on AI-driven automation capabilities. When vendors pay premium multiples for automation, they're betting on where the category is headed.
"2026 Will Be the Year of the AI-Coded Breach"
Not everyone sees AI as purely beneficial. Liav Caspi, CTO at Legit Security, offered a stark prediction: "2026 will be the year of the AI-coded breach. We'll see major incidents traced back to vulnerabilities introduced by AI coding assistants."
The concern isn't theoretical. AI-generated code ships faster than human-written code, often bypassing traditional code review. And unlike human developers, AI doesn't maintain the code it writes.
Randall Degges, VP of Developer Relations at Snyk, articulated the maintenance gap: "AI-generated code lacks maintainers. Nobody owns it. Nobody understands it deeply. And it doesn't generate its own CVEs—the vulnerabilities get attributed to the projects that absorb it."
This creates a tracking nightmare. Traditional vulnerability management assumes someone, somewhere, owns each piece of code. AI-generated snippets scattered across thousands of repositories violate that assumption.
Richard Bird, CSO at Singulr AI, sees accountability as the defining challenge: "The biggest lesson of 2025 was that most AI risks did not come from rogue models. They came from a lack of visibility and accountability. By year-end, model lineage, continuous agent verification, validation, and audit-level traceability will be standard expectations."
The MCP Problem
Chris Hughes has been particularly focused on the Model Context Protocol (MCP) risk: "MCP and agentic browsers are creating new attack surfaces that we don't have models for yet. When AI agents have direct access to systems and APIs, the blast radius of a compromise changes completely."
The MCP architecture allows AI systems to interact directly with tools, databases, and external services. This capability enables powerful automation—but also creates new vectors that traditional security controls don't address.
Don Freeley, Director of Technology and Enterprise Security Officer at Community Bank, raised a related concern: "While AI promises faster threat detection, its misuse by cybercriminals is equally concerning. Organizations must balance embracing innovation with hardening their cyber defenses."
What This Means for 2026: AI is simultaneously the biggest opportunity and the biggest risk in security's future. Organizations that ignore AI-driven automation will fall behind. Organizations that adopt it carelessly will create new vulnerabilities. The winners will be those who do both deliberately.
The Contrarian View: Is AI Risk Overhyped?
Not everyone agrees AI threats have materialized as predicted.
Ivanti's 2025 research found no observed spike in AI-generated malware, despite vendor warnings. Their analysis concluded that "AI enhances productivity but doesn't yet redefine malware"—adversaries are leveraging AI to automate phishing content and accelerate reconnaissance, but traditional attack techniques still dominate.
Independent researcher Kevin Beaumont was blunter: "CISOs are scared by generative AI threats because vendors and educational institutions scare them—not because of the actual level of threat, but for financial motivations." He pointed to widely-cited research, including an MIT working paper claiming 80% of ransomware attacks used generative AI, that was quietly retracted after scrutiny.
The takeaway isn't that AI risk doesn't exist. It's that separating vendor fear-marketing from evidence-based threats matters. As Kim Larsen, CISO at Keepit, noted: "Defenders will match AI-driven attacks only if they adopt AI with intention and transparency. Success will depend on knowing how an AI system works, what data it relies on, and how decisions are made."
The Skills Gap Isn't About Headcount
The ISC2 2025 Workforce Study dropped a statistic that reframed the security staffing conversation: 88% of organizations experienced security incidents due to skills gaps, not insufficient headcount.
This isn't about hiring more people. It's about whether the expertise you have can scale to threat velocity.
The Skills Gap Isn't What You Think
Karen Sorady, VP of Member Engagement at CIS, observed the shift: "Security is becoming a general business skill in the same way that technology literacy has. Organizations need every employee to demonstrate competency—not just the security team."
Dr. Sybe Izaak Rispens, CISO at Trade Republic Bank, captured the role expansion with characteristic bluntness: "So, the enshittodomptor now also serves as intelligence analyst, diplomat, and strategic advisor, helping leadership understand that cybersecurity decisions are now inseparable from business strategy and geopolitical positioning. The integration of cyber operations into geopolitical conflict is permanent. The role will never return to its pre-2025 form."
The traditional model—specialized security team handling all security concerns—breaks down when every developer is using AI coding assistants, every employee is a potential phishing target, and every business unit is deploying SaaS tools with their own security implications.
Daniel Miessler's talent stratification prediction connects directly: "The market will split. Top-tier security practitioners who can architect systems, supervise AI agents, and make strategic decisions will become dramatically more valuable. Mid-tier tasks—alert triage, basic remediation, routine scanning—will be increasingly automated."
For security leaders, this creates a strategic question: Do you invest in headcount for tasks that will be automated within three years? Or do you invest in capabilities that will remain human-essential?
Why Automation Becomes Mandatory
The math forces the answer. At 115 CVEs per day, no team can manually triage, prioritize, and remediate at the required pace. Scott Gregory, CISO at Sonar, describes the current state: "Alert fatigue at hyper-scale. Teams drown in findings while actual risks slip through. The volume has exceeded human bandwidth."
Marcus Sachs, former SVP and CSO at the North American Electric Reliability Corporation, sees this playing out across critical infrastructure: "A significant cyberattack against digital infrastructure will demonstrate the fragility of global interconnectedness. In response, governments will accelerate mandates for automated security controls."
The regulatory environment is already moving in this direction. CISA's KEV catalog, the SEC's incident disclosure rules, and pending software liability legislation all assume organizations can move at machine speed.
The Talent Strategy That Works
Lee Noriega, VP of Security and Technology at CIS, offered the practical framing: "The most effective security teams in 2026 will have fewer people doing fundamentally different work. They'll be supervisors of automated systems, architects of secure-by-default pipelines, and strategic advisors to the business."
This isn't hypothetical optimization. It's adaptation to mathematical reality. The organizations that automate commodity tasks preserve human expertise for decisions that require judgment.
The Strategic Question: Hiring your way out of the security skills gap was never possible. In 2026, it's not even a strategy. The question isn't whether to automate—it's what you automate first.
Supply Chain Gets a Price Tag: $8.5M and Counting
2025 was the year supply chain risk got a price tag.
$8.5 Million and Counting
Trust Wallet's $8.5 million loss marked a turning point. For years, supply chain attacks were theoretical risks—dangerous but difficult to quantify. Shai-Hulud 2.0 changed that equation.
The attack vector traced back to an npm package compromise that exposed GitHub secrets at scale. Those secrets gave attackers access to inject malicious code into Trust Wallet's Chrome extension. Users' cryptocurrency wallets were drained.
This wasn't a sophisticated nation-state operation. It was the natural evolution of supply chain attacks becoming commoditized.
The Verizon DBIR 2025 quantified the trend: 30% of all breaches now trace to third-party compromise—double the 15% reported just one year prior. Supply chain isn't a specialized risk category anymore. It's a primary attack vector.
The Coordinated Focus on Developer Tooling
The same week Trust Wallet disclosed their loss:
• GitHub Actions compromise affected 23,000 repositories
• GlassWorm distributed trojanized VSCode extensions via OpenVSX marketplace
• NeoShadow combined JavaScript, MSBuild, and blockchain techniques in a multi-stage npm attack
Varun Badhwar, CEO of Endor Labs, has been tracking these patterns: "Attackers realized that developer tooling offers the highest leverage. One compromised npm package or GitHub Action can affect thousands of downstream systems. Traditional perimeter security doesn't help when developers work with tools that provide direct paths to production."
The pattern is clear. npm packages. VSCode extensions. GitHub secrets. CI/CD pipelines. Attackers are systematically mapping the software supply chain and identifying high-leverage points.
What Actually Works
Valecia Stocchetti, Senior Director of Cybersecurity at CIS, offered guidance: "Supply chain security starts with visibility. You can't protect what you can't see. Before investing in advanced controls, organizations need comprehensive inventory of their dependencies, build processes, and deployment pipelines."
The organizations with better supply chain security outcomes in 2025 shared common characteristics:
• Software Bill of Materials (SBOM) generation and monitoring
• Dependency pinning and signature verification
• Segmented build environments
• Secrets scanning and rotation automation
None of these are revolutionary. All of them require investment before an incident occurs.
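As an added example of the "dependency pinning and signature verification" item above (not code from the article or from any of the projects it names): a checker for an npm package-lock.json that flags unpinned versions, packages resolved from outside an allowlisted registry, missing integrity hashes, and integrity hashes that do not match the tarball bytes actually fetched. The lockfile, package names, and tarball bytes are constructed; the package-lock v2/v3 layout (a "packages" map keyed by node_modules/<name> with version/resolved/integrity) is the one npm writes today.

```python
"""npm lockfile integrity audit. Added example, not part of the original article.

Assumes package-lock.json v2/v3 layout and an allowlist of registry hosts.
All sample data below is constructed.
"""
import base64
import hashlib
from urllib.parse import urlparse

TRUSTED_REGISTRY_HOSTS = {"registry.npmjs.org"}  # assumption: your allowlist


def sri_sha512(data: bytes) -> str:
    """Subresource-Integrity string in the form npm records it: sha512-<base64>."""
    return "sha512-" + base64.b64encode(hashlib.sha512(data).digest()).decode()


def audit_lockfile(lock: dict, tarballs: dict) -> list:
    """Return (package path, problem) pairs; an empty list means the lockfile is clean.

    `tarballs` maps resolved URL -> bytes fetched for that URL, so the recorded
    integrity hash can be checked against what the build actually downloaded.
    """
    problems = []
    for path, entry in lock.get("packages", {}).items():
        if path == "":  # root project entry, not a dependency
            continue
        version = entry.get("version")
        if not version or any(c in version for c in "^~*<>x"):
            problems.append((path, f"unpinned version {version!r}"))
        resolved = entry.get("resolved")
        if not resolved:
            problems.append((path, "no resolved URL"))
        else:
            host = urlparse(resolved).hostname
            if host not in TRUSTED_REGISTRY_HOSTS:
                problems.append((path, f"resolved from untrusted host {host}"))
        integrity = entry.get("integrity")
        if not integrity:
            problems.append((path, "no integrity hash"))
        elif not integrity.startswith("sha512-"):
            problems.append((path, f"weak integrity algorithm {integrity.split('-')[0]}"))
        elif resolved in tarballs and sri_sha512(tarballs[resolved]) != integrity:
            problems.append((path, "integrity mismatch: tarball differs from lockfile"))
    return problems


# Constructed tarball contents standing in for real .tgz bytes.
GOOD_TARBALL = b"constructed bytes standing in for a legitimate package tarball"
TAMPERED_TARBALL = b"constructed bytes standing in for a swapped tarball"

# Constructed lockfile: one clean entry, one tampered, one off-registry, one unpinned.
SAMPLE_LOCK = {
    "name": "demo-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz",
            "integrity": sri_sha512(GOOD_TARBALL),
        },
        "node_modules/color-util": {  # constructed package name
            "version": "2.0.1",
            "resolved": "https://registry.npmjs.org/color-util/-/color-util-2.0.1.tgz",
            "integrity": sri_sha512(GOOD_TARBALL),  # hash recorded at lock time
        },
        "node_modules/mirror-pkg": {  # constructed package name
            "version": "0.4.2",
            "resolved": "https://packages.example.invalid/mirror-pkg-0.4.2.tgz",
            "integrity": sri_sha512(GOOD_TARBALL),
        },
        "node_modules/legacy-dep": {"version": "^1.0.0"},  # constructed, never locked
    },
}
# What the build actually fetched for each resolved URL (constructed).
FETCHED = {
    "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz": GOOD_TARBALL,
    "https://registry.npmjs.org/color-util/-/color-util-2.0.1.tgz": TAMPERED_TARBALL,
}

if __name__ == "__main__":
    for path, problem in audit_lockfile(SAMPLE_LOCK, FETCHED):
        print(f"{path}: {problem}")
```

A mismatch on color-util is the case that matters most here: the lockfile was honest, but the bytes delivered at install time were not, which is exactly what a registry-side package compromise looks like from the consumer's side.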
The Uncomfortable Truth: Supply chain attacks crossed from theoretical to quantified in 2025. The $8.5 million figure will be the floor, not the ceiling, in 2026.
The Regulatory Reckoning: Billion-Dollar Consequences
2025 was also the year security failures got price tags from regulators—and the numbers were staggering.
The Billion-Dollar Precedents
| Company | Amount | Type | Significance |
|---|---|---|---|
| Jaguar Land Rover | ~$2.5B | Ransomware + economic impact | Largest UK cyber event; 5,000+ orgs affected |
| Google (Texas AG) | $1.375B | Privacy settlement | Largest single-state fine in US history |
| NY Auto Insurers (8) | $19.2M | Cybersecurity regulation fines | State-level cyber enforcement pattern |
| Disney | $10M | COPPA violation | Children's data protection enforcement |
| Illumina | $9.8M | False Claims Act (cybersecurity) | First cyber-specific FCA settlement |
The Jaguar Land Rover incident deserves particular attention. A ransomware attack that began in late August 2025 halted production for weeks across UK facilities, stopping output of approximately 5,000 vehicles per week. The UK Cyber Monitoring Centre calculated the total economic impact—including supply chain ripple effects and lost productivity—at $2.5 billion.
This isn't just a loss figure. It's a precedent for how systemic cyber risk gets measured.
The Enforcement Acceleration
IBM's 2025 Cost of a Data Breach report introduced a new metric: 32% of organizations now pay regulatory fines following a breach, with nearly half of those fines exceeding $100,000. Some exceeded $250,000. This is the first year IBM tracked regulatory penalties as a distinct breach cost category—a sign of where the industry is heading.
The NYDFS auto insurer settlements illustrate the pattern at state level. Eight companies paid a combined $19.2 million not for a breach itself, but for failing to implement required cybersecurity controls. The enforcement action targeted inadequate access management, missing encryption, and failure to timely report incidents.
The Counterintuitive Finding: Regulation Works
The SANS ICS Security Survey 2025 revealed a finding that challenges conventional wisdom: organizations in regulated industries experienced roughly the same number of incidents as their peers, but suffered approximately 50% fewer financial and safety impacts.
The difference comes down to structure and accountability. Regulations like NERC CIP, TSA pipeline directives, and EU NIS2 require asset owners to define critical systems, document access controls, maintain logging, and submit to regular audits. In other words, compliance forces organizations to operationalize discipline.
This doesn't mean "compliance equals security." It means that the structured approach regulatory frameworks require—visibility, documentation, accountability—creates more resilient organizations when incidents occur.
The New Reality: The era of consequence-free security failures is ending. Organizations that treat regulatory compliance as a checkbox exercise will pay the price—literally.
2026 Predictions: What the Experts Are Watching
We asked every expert the same question: What should security practitioners actually do differently in 2026?
Their responses, condensed:
Daniel Miessler, Unsupervised Learning
"Invest in understanding AI systems deeply. Not as tools to be used, but as systems to be secured. The security implications of agentic AI are barely understood, and the organizations that get ahead of this will have massive advantages."
Jerry Gamblin, Security Researcher
"Stop pretending you can fix everything. Build ruthless prioritization frameworks based on exploitability, not theoretical severity. Automate everything you can't prioritize."
Chris Hughes, Resilient Cyber
"Watch the MCP/agentic AI space closely. We're creating new attack surfaces faster than we're creating defenses. If your organization is deploying AI agents, security needs a seat at the architecture table."
Kelly Shortridge, Fastly CPO
"The exploitation timeline compression we saw with React2Shell is the new normal. Your response capabilities need to match attacker speed, not audit cycles."
Sean Atkinson, CISO at CIS
"Prioritize resilience over prevention. Accept that breaches will occur and invest in detection, response, and recovery capabilities that minimize blast radius."
Liav Caspi, Legit Security CTO
"Audit your AI-generated code. Today. Before you have an incident that forces you to. The vulnerabilities being introduced by AI coding assistants are real, and attribution will be painful."
Marcus Sachs, Former NERC CSO
"A major critical infrastructure incident is coming. Not as a prediction of doom, but as a realistic assessment of probabilities. Organizations need to plan for systemic disruption, not just local incidents."
Randy Rose, CIS Senior Director
"The unified approach is overdue. Break down the silos between security, development, and operations. The attackers don't respect your org chart."
Karen Sorady, CIS VP Member Engagement
"Democratize security skills. Training every employee is more effective than hiring more specialists. Security literacy needs to be as common as technology literacy."
Varun Badhwar, Endor Labs CEO
"Own your supply chain. Know your dependencies, monitor them actively, and have response plans for compromise. The attacks will keep coming."
Joanna Chen, CISO at Dashlane
"AI has lowered the barriers for threat actors to craft convincing attacks at unprecedented scale and speed. To remove phishing attacks, we need to remove the risk factor—the password—and move to phishing-resistant solutions."
Brennan Lodge, Fractional CISO at DeepTempo
"Zero-day exploits will become dramatically more common as AI accelerates vulnerability research and exploit development. Zero-days will shift from rare, high-effort tools to scalable offensive assets. You cannot wait for a CVE to show up before looking for suspicious behavior."
Brittany Allen, Senior Trust & Safety Architect at Sift
"The advantage isn't being the most sophisticated—it's being the fastest. Defense strategies built on quarterly reviews and annual budgets can't compete with adversaries who work in real-time."
Mayank Kumar, Founding AI Engineer at DeepTempo
"By 2026, AI agents will be capable of executing entire attack chains—initial access, privilege escalation, lateral movement, and data exfiltration—without any human in the loop. Intrusions that once unfolded over days will compress into minutes."
The Bottom Line
2025 taught security teams a set of hard lessons:
1. The vulnerability explosion is permanent. 48,185 CVEs wasn't a bad year—it's the new baseline. Build for scale.
2. Speed wins. 30-day disclosure-to-exploit timelines mean traditional patching cycles are obsolete. Automation isn't optional.
3. AI is both opportunity and threat. AI coding assistants create vulnerabilities while AI security agents help manage them. Navigate both deliberately—and skeptically.
4. Skills matter more than headcount. 88% of incidents from skills gaps means strategic capability investment beats hiring volume. The CISO role has expanded permanently.
5. Supply chain risk has a price. $8.5 million was just the beginning. 30% of breaches now trace to third parties. Visibility and control of dependencies are table stakes.
6. Regulators are watching. 32% of breached organizations now pay fines. $2.5 billion economic impacts get measured. The era of consequence-free security failures is ending.
7. Defenders are winning some battles. 64% of ransomware victims refused to pay. Breach lifecycles dropped to their lowest in a decade. The doom narrative isn't the whole story.
The experts we talked to weren't pessimistic. But they were realistic. The organizations that adapt to these realities will thrive. Those that don't will struggle.
The gap between them will widen in 2026.
Get Intelligence Like This Every Week
The experts in this roundup don't wait for annual reports to stay informed. Neither should you.
AppSec Weekly delivers curated vulnerability analysis, exploit breakdowns, and practitioner insights every Tuesday—the same intelligence that informed this report, delivered to your inbox before it becomes yesterday's news.
Sources & Further Reading
Primary Data Sources:
• Jerry Gamblin's 2025 CVE Data Review
• ISC2 2025 Cybersecurity Workforce Study
• CISA Known Exploited Vulnerabilities Catalog
• Verizon 2025 Data Breach Investigations Report
• IBM Cost of a Data Breach Report 2025
• SANS 2025 State of ICS Security Report
• Daniel Miessler's 2026 Predictions
Incident References:
• RondoDox Botnet Exploiting React2Shell
• Trust Wallet $8.5M Shai-Hulud Attack
• 10,000 FortiOS Firewalls Still Vulnerable
• Jaguar Land Rover $2.5B Economic Impact
• Google $1.375B Texas Privacy Settlement
• NYDFS $19.2M Auto Insurer Settlements
• Disney $10M COPPA Settlement
• Illumina $9.8M False Claims Act Settlement
Expert Sources:
• CIS Expert Security Predictions
• CSO Online: Cybersecurity Leaders' Top Seven Takeaways from 2025
• MSSP Alert: 2026 Will Break Long-Held CISO Security Assumptions
• Kevin Beaumont: CyberSlop and AI Hype Analysis
• Dr. Sybe Izaak Rispens: The Humble CISO 2025