Security

What Cybersecurity Threats Are Coming in 2026 | Steve Winterfeld, Akamai | TFiR

0

Finance and commerce organizations are entering the second half of 2026 with incomplete visibility into how AI is reshaping fraud and abuse tactics. Industry-specific threat research has historically lagged behind attacker innovation, leaving security teams to defend against threats they have not yet been briefed on. Understanding what researchers are tracking now is the only way to close that gap before incidents occur.

In this interview on TFiR, Steve Winterfeld, Advisory CISO at Akamai, walks through the research Akamai is publishing in 2026, including upcoming industry-focused reports on finance and commerce, and second-half coverage of AI, fraud, and abuse trends.

Guest: Steve Winterfeld, Advisory CISO at Akamai
Show: TFiR

Here is what every security practitioner and CISO needs to know.

Technical Deep Dive

Q: What cybersecurity research is Akamai publishing in the second half of 2026?

Steve Winterfeld, Advisory CISO at Akamai, outlines two primary research tracks for the rest of 2026. The near-term reports are industry-focused, covering threats specific to the finance and commerce sectors. In the second half of the year, Akamai’s research shifts to AI threats and fraud and abuse as the primary focus areas.

“The next couple reports we’re going to put out are very industry focused. We’re going to talk about what’s going on in the finance industry and the commerce industry.” — Steve Winterfeld, Advisory CISO, Akamai

Q: Why should security teams outside finance and commerce still read Akamai’s industry-specific threat reports?

Winterfeld explicitly encourages all security practitioners to read Akamai’s industry-specific reports, not just those working within the targeted verticals. The reports provide deeper, more specific insights into threat patterns that often cross industry boundaries. Reading outside your own sector builds broader situational awareness of attacker methodologies.

“I encourage everybody to read those. It’s insights that we can go a little deeper into specifics within specific industries.” — Steve Winterfeld, Advisory CISO, Akamai

Q: What AI and fraud threats is Akamai tracking for the second half of 2026?

Winterfeld identifies AI and fraud and abuse as the two primary research areas Akamai will focus on in the second half of 2026. Specific details on findings are not yet published, as these reports are forthcoming. The focus signals that Akamai’s researchers see AI-enabled fraud as a leading threat vector requiring dedicated analysis.

“In the second half, we’re going to look at what’s going on with AI and what’s going on with fraud and abuse, and those will be our primary areas.” — Steve Winterfeld, Advisory CISO, Akamai

Q: Where can security practitioners find Akamai’s threat webinars and deep-dive content?

Akamai publishes webinars covering specific threats on Bright Talk and several other platforms. In addition to webinars, Akamai’s blog contains deep-dive articles on specific attack methodologies, including recent coverage of the Glasswing threat. Winterfeld recommends the Akamai blog as a consistent, time-efficient resource for staying current on emerging threats.

“If you go out to Bright Talk and a few other platforms, you can see us talking about very specific threats. We put out blogs that do deep dives into specific methodologies.” — Steve Winterfeld, Advisory CISO, Akamai

Q: How should security professionals structure ongoing threat education into their weekly routine?

Winterfeld recommends blocking a few hours each week on your calendar specifically for security education, treating it as a non-negotiable commitment rather than an ad hoc activity. He includes Akamai’s blog as a quick, high-value check-in point within that routine. The practice reflects a broader principle that continuous self-education is a core discipline for any security professional.

“I set aside a little bit of time every week to try to educate myself. A couple hours blocked off on my calendar, and I would include something like Akamai’s blog as a quick place to check in.” — Steve Winterfeld, Advisory CISO, Akamai

Resources & Documentation

  • Akamai Security Blog, deep-dive articles on specific threat methodologies including Glasswing malware analysis

***

👇 Click to Read Full Raw Transcript

Swapnil Bhartiya: I mean, it’s April. We still have a whole year ahead of us. What research directions is Akamai pursuing this? Of course we’ll talk about them. Just give us a teaser what other reports we can expect and what are the areas you will be looking at.

Steve Winterfeld: So I will tell you that, you know, again, I’m really proud of our researchers here at Akamai. The next couple reports we’re going to put out are very industry focused. We’re going to talk about what’s going on in the finance industry and the commerce industry. You know, and I, I include everybody, I encourage everybody to read those. But really it’s insights that we can go a little deeper into specifics within specific industries. Then we’re going to step in in the second half and look at, you know, what’s going on with AI and what’s going with fraud and abuse, and those will be our primary areas. We continue to put out a number of webinars. If you go out to Bright Talk and a few other platforms, you can see us talking about very specific threats. We put out blogs that do deep dive into specific methodologies. You know, we have a couple. We talked about glasswing, Moni or coo, put out a great article on that. So I would encourage you, if you’re like me, I set aside a little bit of time every week to try to educate myself. So a couple hours blocked off on my calendar, you know, and I would include something like Akamai’s blog as a quick place to check in there.

“`

Why Enterprise AI Infrastructure Cost Models Fail Before Deployment Starts | Rob Hirschfeld, RackN | TFiR

Previous article

How to Adopt AI Observability Without Exposing Sensitive Data to Your Vendor | Shahar Azulay, groundcover | TFiR

Next article