Full Report
This year’s threat forecast: ransomware, and a whole lot more
Analysis Summary
# Industry News: Broadcom’s 2026 Shift: AI, Geopolitics, and the Evolving Ransomware Crisis
## Summary
Broadcom’s Enterprise Security Group (Symantec and Carbon Black) has released its 2026 threat forecast, highlighting a shift from traditional malware to sophisticated identity-based attacks and cloud-native exploitation. The analysis underscores how AI and geopolitical tensions are fundamentally lowering the barrier for entry for disruptive cyber operations, necessitating a transition toward post-quantum readiness and deeper cloud security.
## Key Details
- **Date**: February 16, 2026
- **Companies Involved**: Broadcom (Symantec and Carbon Black divisions)
- **Category**: Market Analysis and Trend Prediction
## The Story
In a featured deep-dive on the SECURITY.COM podcast, analysts from Broadcom’s Enterprise Security Group outlined the "2026 Threat Predictions." The narrative has moved beyond simple ransomware delivery to a complex ecosystem where **social engineering** is the primary vector, bolstered by **Generative AI** that allows low-skilled actors to execute high-impact campaigns.
The forecast identifies three critical frontiers for the coming year: the weaponization of geopolitical instability for "disruptive" (rather than just financial) operations, the escalating migration of attackers into enterprise cloud backends, and the urgent requirement for organizations to begin "Post-Quantum Cryptography" (PQC) preparation to prevent harvest-now-decrypt-later scenarios.
## Business Impact
### For the Companies Involved (Broadcom/Symantec/Carbon Black)
The combined Symantec and Carbon Black portfolio is positioning itself as an integrated intelligence powerhouse. By leading with these insights, Broadcom aims to justify the consolidation of its security stack, proving that its "legendary" legacy brands are evolving to meet cloud-native and AI-driven threats.
### For Competitors
Competitors in the EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) space face pressure to match this level of threat intelligence. Firms like CrowdStrike and SentinelOne must demonstrate similar "geopolitical" and "post-quantum" foresight to maintain their share of the enterprise market.
### For Customers
Enterprises must shift their budgetary focus. The news implies that traditional "perimeter" defense is insufficient; customers will need to invest more in Identity Threat Detection and Response (ITDR) and cloud-native security tools to track attackers moving deep within their service layers.
### For the Market
The market is shifting from "threat prevention" to "resilience orchestration." The inclusion of post-quantum preparation in a 2026 forecast indicates that what was once a theoretical academic risk is now a boardroom-level financial risk.
## Technical Implications
- **AI-Driven Social Engineering**: Automation of deepfake audio/video and personalized phishing at scale.
- **Cloud-Deep Exploitation**: Moving beyond simple bucket misconfigurations to exploiting serverless functions and cross-tenant vulnerabilities.
- **Post-Quantum Cryptography (PQC)**: The need to inventory encryption assets to transition to quantum-resistant algorithms.
## Strategic Analysis
- **Market Positioning**: Broadcom is positioning itself as a "Macro-Level" protector, capable of defending against nation-state actors and systemic shifts, rather than just a software vendor.
- **Competitive Advantage**: The "Threat Hunters" team provides proprietary data from one of the world's largest installed bases (Symantec + Carbon Black), offering a data gravity advantage.
- **Challenges**: The primary risk is "alert fatigue." As attacks become more "human" and identity-based, distinguishing between legitimate user behavior and AI-powered social engineering becomes a high-friction task for security teams.
## Industry Reactions
- **Analyst Opinions**: General consensus suggests that the "path of least resistance" (social engineering) remains the greatest threat, vindicating Broadcom’s focus on human-centric security.
- **Market Response**: Increased interest in "Cyber Resilience" frameworks over simple antivirus solutions.
## Future Outlook
- **Predictions**: Expect an increase in "disruptive-only" attacks where the goal is operational paralysis rather than ransom, tied to global election cycles and conflicts.
- **What to watch for**: The first high-profile "Cloud-to-Cloud" worm that spreads via interconnected enterprise SaaS platforms.
## For Security Professionals
Practitioners should prioritize **Identity Security** and **Cloud Infrastructure Entitlement Management (CIEM)**. The 2026 landscape suggests that the "password" is truly dead, and the "identity" is the new perimeter. Additionally, security architects must begin auditing their current encryption standards for quantum vulnerability.