53% of the industry will turn to AI to close the cybersecurity talent gap, according to ZIUR's 2026 Outlook Report

Back 53% of the industry will turn to AI to close the cybersecurity talent gap, according to ZIUR's 2026 Outlook Report

2026 / 02 / 04

Gipuzkoako Foru Aldundiaren Zibersegurtasun Industrialeko Zentroak hornikuntza-katean arriskuak areagotzeaz, erregulazio-presioaz eta burujabetza digitala indartzeko beharraz ohartarazi du.

53% of the industry will turn to AI to close the cybersecurity talent gap, according to ZIUR's 2026 Outlook Report

The Gipuzkoa Industrial Cybersecurity Center, belonging to the Provincial Council, warns about the increase in risks in the supply chain, regulatory pressure and the need to strengthen digital sovereignty

ZIUR, the Gipuzkoa Industrial Cybersecurity Center, has launched its 2026 Outlook Report, a strategic analysis that identifies the main cybersecurity trends, risks, and priorities for the industrial sector in a context marked by technological acceleration, the integration of artificial intelligence, and increased connectivity in production environments. The report positions 2026 as a turning point for industry, in which advanced digitalization, the integration of artificial intelligence, and massive connectivity generate significant opportunities for efficiency and innovation, but also significantly expand the attack surface and the complexity of cyber risks.

“Industry is entering a phase of hyperconnectivity in which cybersecurity ceases to be a technical element and becomes a strategic factor for competitiveness and operational continuity,” says María Penilla, CEO of ZIUR. “Industrial organizations must anticipate a scenario of more sophisticated, persistent, and cross-cutting threats,” she warns.

One of the main challenges identified in the report is the shortage of specialized talent in industrial cybersecurity, especially in OT and IIoT environments. According to ZIUR's analysis, 53% of organizations prioritize the use of artificial intelligence and machine learning tools as a way to close the cybersecurity talent gap in the short term.

Agent AI: A Strategic Differentiator

In this regard, the report highlights the growing role of agent AI, based on autonomous agents capable of learning, making decisions, and acting in real time. These solutions allow for the simultaneous monitoring of thousands of variables in industrial environments and automatic responses to anomalous behavior or emerging attacks.

"Agent AI will be one of the major differentiators in industrial cyber defense," emphasizes Penilla. "Its ability to detect threats in real time and activate autonomous responses is key in environments where every second counts and the operational impact can be critical."

The report also reveals that 47% of cybersecurity leaders identify skills gaps in OT and IIoT as a barrier to the effective protection of their infrastructures, while 39% point to deficiencies in governance and the allocation of responsibilities. In this context, the deployment of specialized managed services emerges as a strategic lever: 48% of organizations that have suffered cybersecurity incidents consider them a priority for accelerating capabilities and mitigating risks.

The supply chain, a critical risk vector

The ZIUR 2026 Outlook Report focuses on the growing exposure of the industrial supply chain, which is becoming increasingly interdependent and digitized. According to Gartner, 45% of security breaches globally are related to vulnerabilities in third parties.

“Infiltration through a third party can have severe consequences, not only in terms of production, but also in terms of physical security and the integrity of facilities,” warns Penilla. Therefore, ZIUR recommends implementing advanced third-party risk management frameworks, including identification, assessment, continuous monitoring, audits, and proactive mitigation measures.

Regulatory Pressure and Digital Sovereignty

The report also highlights the growing importance of regulatory compliance as a strategic pillar for the industry, given regulations such as the NIS2 Directive, the Cyber Resilience Act (CRA), and standards like TISAX, UNECE R155, and MDR. ZIUR emphasizes that compliance should be addressed not only as a legal obligation, but also as "an engine that drives continuous improvement, innovation, and sustainable competitiveness," Penilla insists.

At the same time, digital sovereignty is consolidating as a key pillar for protecting the industry's strategic assets against technological dependencies and geopolitical tensions. The adoption of proprietary infrastructures, hybrid architectures, advanced cybersecurity solutions, and robust risk management strategies strengthens operational resilience against sophisticated threats such as targeted attacks, industrial espionage, and disruptions in the technology supply chain.

“Investing in digital sovereignty is an essential pillar for guaranteeing control, autonomy, and protection of critical assets in the industry of the future,” says María Penilla. “Any industry that wants to be competitive in 2026 must integrate talent, technology, regulation, and risk management into a shared strategic vision,” she concludes.

Consulta el informe aquí: https://www.ziur.eus/en/-/2026-prospects-report-for-the-industrial-sector