Samsung SDS said on the 23rd that after analyzing cybersecurity issues that occurred at home and abroad last year, it selected the "top five cybersecurity threats of 2026" that will affect corporations this year.
The top five cybersecurity threats include security threats from the abuse and misuse of artificial intelligence (AI), ransomware, cloud security threats, phishing and account takeover, and data security threats. Samsung SDS compiled opinions from 667 domestic IT and security practitioners, managers, and executives, and presented response measures for each security threat.
For AI-based security threats, it advised granting minimum privileges to AI agents, which are evolving into autonomous actors, and, when executing sensitive commands such as information changes or payments, using AI guardrails (a control technology that ensures AI systems operate within safe and trustworthy boundaries) to conduct real-time monitoring, detect and block abnormal behavior, and require a user approval process.
It explained that to respond to ransomware attacks, it is necessary to establish a backup system for early recovery and normalization and to respond in stages, such as blocking execution of malware in advance, detecting abnormal behavior, and isolating, analyzing, and recovering after malware execution. Ransomware is a portmanteau of ransom and software, and is a cyberattack that hacks into or encrypts the computers and servers of individuals or corporations and then demands money in exchange for recovery.
According to Samsung SDS, recent ransomware is evolving into a quadruple extortion model, including encryption of victim corporations' data, threats to publish stolen data, distributed denial-of-service (DDoS) attacks, and pressure on the victim corporations' customers, partners, and media.
Regarding cloud security threats, Samsung SDS said that by establishing a constant inspection system, it is necessary to identify in real time vulnerabilities in account permissions or resource configurations, and to automatically detect and remediate weak settings—such as external exposure or missing encryption—in accordance with predefined policies. It suggested applying multi-factor authentication (MFA) to counter phishing threats targeting corporate users, and using behavior-based access control for users to respond to threats of data damage or theft.
Jang Yong-min, head of the security business team (senior vice president) at Samsung SDS, said, "The spread of AI and AI agents will amplify new security threats such as sophisticated phishing, data leaks, and attacks targeting AI use environments," adding, "Corporations should shift from security reliant on specialists to proactive responses by introducing AI-based security solutions to automate measures such as AI-based monitoring, detection, and automatic blocking."