Cybersecurity Expert Alexandra Forsyth on AI-Driven Chaos, Quantum Risk and Cyber Resilience Trends of 2026

Cyber strategist Alexandra Forsyth warns that opportunistic AI-driven attacks, identity blind spots, and the coming quantum shift are reshaping how CISOs and IT leaders must think about cyber resilience in 2026 and beyond


Published: October 9, 2025

Kieran Devlin

Imagine a world where, as Alexandra Forsyth put it, hackers “just play around.” No fixed target and no geopolitical motive, just curiosity, chaos, and increasingly powerful AI tools. That’s the direction enterprise cybersecurity is heading, she warned, and the stakes are high.

Forsyth, a cybersecurity expert, consultant, and podcast host, suggests to UC Today that the next era of enterprise cybersecurity may not be about “who attacked you,” but rather “what they discovered while poking around.”

In our interview, Forsyth outlined how AI is accelerating opportunistic cybercrime, why identity and human processes are increasingly the battlegrounds, and how quantum computing is quietly becoming a looming menace in board-level strategy. Real-world provocations illuminate her views: Jaguar Land Rover’s recent shutdown, Cl0p’s extortion campaigns, and the accelerating race to quantum-safe cryptography.

Together, they map the high-stakes challenge for IT and C-Suite leadership in 2026 and beyond.

The Rise of Opportunistic Attackers

Forsyth warned that cybercriminals are increasingly opportunistic, exploiting human error, misconfiguration, and moments of chaos rather than orchestrating long-term, state-backed campaigns.

She highlighted:

“A lot of the cyber threats we see now aren’t the big, sophisticated operations people imagine. They’re opportunistic, quick, and often driven by younger actors who are just probing for weaknesses.”

This was clear in the Marks & Spencer breach earlier this year, when a social-engineering campaign targeting a third-party vendor brought one of the UK’s biggest retailers to a halt. The attack forced temporary store closures and cost an estimated £300 million in profit losses, with over £500 million wiped from its market valuation.

Investigations suggest the hackers didn’t begin with a clear goal; they exploited an exposed human link, gained access, and escalated from there. The breach disrupted payments, logistics, and customer service systems, marking a vivid example of how a single vendor misstep can cascade across an enterprise network.

For Forsyth, that typifies the new reality: “It’s no longer just about defending the perimeter. It’s about continuous vigilance, real-time awareness, and a culture where everyone, from the CEO to the intern, recognises they have a role in security.”

“A lot of the cyber attacks that have taken place this year have been carried out by young individuals,” Forsyth noted. “We’ve been seeing young hackers come to the forefront.”

For CISOs, that trend means traditional defences, such as firewalls, patching, and MFA (multi-factor authentication), are no longer enough. The new battleground is lateral movement and early detection: spotting intrusions before the intruders know what they’ve found.

Identity and Human Risk: The Perimeter Has Shifted

With attackers exploiting the messy intersections of people and processes, identity has become the frontline of defence.

It’s the kind of aspirational control that could prevent countless internal breaches, from fake password resets to rogue access requests. Yet, Forsyth warned that organisations often overlook the basics. “The more information you’re sharing… it can increase the risks.”

CISOs face a double challenge of balancing identity governance with employee productivity and efficiency. Offboarding is a prime example. Dormant credentials, orphaned accounts, and unmanaged API tokens continue to be a consistent vector. “Identities that aren’t revoked quickly enough become attack vectors,” she said.

A 2025 IBM study found that compromised credentials were the initial attack vector in nearly 19 percent of breaches, costing firms an average of $4.3 million per incident.

Innovation vs. Resilience: Slowing Down to Speed Up

Forsyth offers some sage advice on the pace of AI and cloud adoption:

“If you’re building the LLM or migrating to the cloud, don’t do it quickly and fast, but take your time. Constantly ask yourself why you need to do all of these things.”

That might sound conservative, but it’s a blueprint for resilience. CISOs and CIOs under pressure to modernise could reengineer how transformation projects are governed. Threat modelling and runbooks arguably should be written before migration, not after. “We create these reports because we want to have a workflow… a process to reflect on should an incident take place,” Forsyth added.

In this new world of AI-generated code, shadow APIs, and multi-cloud sprawl, that discipline can spell the difference between proactive defence and reactive panic.

Quantum is The Next Existential Threat

Beyond the chaos of today lies a quieter, longer-term risk. Forsyth predicted that “in the future, organisations might be implementing quantum computers… what do we do then?”

Quantum computing threatens to crack the cryptographic backbone of enterprise IT. RSA and ECC encryption, the standard for VPNs, digital signatures, and secure communications, could be rendered obsolete almost overnight. KPMG security researchers refer to it as the “harvest now, decrypt later” threat: attackers are already stockpiling encrypted data in the hope of breaking it when quantum decryption becomes viable.

The quantum cryptography market is forecasted to grow from $1.1 billion in 2024 to $7.6 billion by 2030, reflecting the increasing seriousness with which enterprises are approaching the issue.

CISOs and enterprise architects should already be evaluating post-quantum encryption standards (like NIST’s CRYSTALS-Kyber) and ensuring systems are agile enough to upgrade. Quantum resilience, Forsyth said, will soon separate “mature” enterprises from “vulnerable” ones.

Speaking the Board’s Language

For all the technology at stake, Forsyth believes that the biggest challenge remains effective communication. Of board interactions, Forsyth suggested:

“I wouldn’t talk technically to them. They want to know business impact… how to minimise the risk of a cyber incident turning off operations.”

That means reframing cyber risk in financial and operational terms: downtime costs, regulatory penalties, lost customer trust. As M&S discovered, operational disruption now translates directly into shareholder value.

And accountability, Forsyth insisted, cannot sit solely with the CISO. “They [the board] are somewhat liable for the outcome. If a cyber attack takes place, there’s a bit of ownership there for them.”

Boards that understand this link and fund security accordingly will determine which organisations emerge stronger in the next crisis.

The Shape of 2026 Suggests Resilience is a Competitive Advantage

Looking ahead, Forsyth expects to see an escalation of AI-assisted opportunistic attacks, increased regulatory pressure, and a renewed focus on identity, governance, and quantum readiness. For CISOs and IT leaders, the task isn’t just to defend but to embed resilience into every layer of digital strategy.

“It’s an exciting space,” she concluded. “The best thing anyone can do is stay informed and adaptable.”

For security leaders and the C-Suite, adaptability grounded in process discipline, identity hygiene, and quantum foresight may soon be the ultimate differentiator.
