SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Secure data center glowing digital locks quantum particles ai technology
#
Ransomware
#
Physical Security
#
Quantum Computing

Quantum, agentic AI & Web 4.0 to transform cybersecurity

Wed, 19th Nov 2025
Author image
By Sean Mitchell, Publisher

The convergence of quantum computing, agentic artificial intelligence, and the emergence of Web 4.0 is set to redefine the cybersecurity landscape by 2026. Technological shifts in autonomy, immersive interfaces, and advanced threats are expected to test the resilience and adaptability of organisations across sectors.

Agentic AI emergence

The adoption of agentic AI, marked by systems that transition from basic automation to independent decision-making and execution, is expected to reshape operational environments. Autonomous AI agents will manage tasks such as supply chain optimisation, product prototyping, and dynamic manufacturing adjustments. This shift, moving from Industry 4.0 to Industry 5.0, reduces human oversight and accelerates efficiency but increases the need for new governance approaches. Clear policy guardrails, transparency into AI agent actions, and unalterable audit trails are seen as necessary to mitigate risks associated with autonomous operations.

Web 4.0 infrastructure

The next generation of web technology, Web 4.0, will be underpinned by immersive and intelligent integrations of spatial computing, digital twins, and AI at an operating system level. Digital twins, once primarily used in manufacturing, will extend to urban management and critical infrastructure. This will enable real-time simulations of maintenance, predictive testing of security patches, and early identification of operational issues. Extended Reality (XR) technologies such as AR and VR will become common tools for technical teams. However, achieving seamless communication between disparate systems remains a significant challenge.

Quantum security threat

The threat posed by quantum computing, specifically its potential to render current encryption methods obsolete, is creating a heightened focus on cryptographic agility. The strategy of "Harvest Now, Decrypt Later", where adversaries accumulate encrypted data to decrypt with future quantum technologies, increases urgency for post-quantum cryptography readiness.

"Post-Quantum Cryptography (PQC) will cease to be a theoretical concern and become an immediate compliance and business continuity issue. Expect to see investment in quantum security exceed 5% of the total IT security budget for major corporations. This spending will not be on building quantum computers, but on the painstaking process of achieving cryptographic agility. The first practical steps involve creating a comprehensive inventory of all cryptographic assets and mapping all long-lived sensitive data-patents, customer information, and trade secrets. Organisations must begin piloting the migration to NIST-approved post-quantum algorithms in non-critical systems and conduct rigorous due diligence on their vendors' PQC roadmaps," said Jayant Jay Dave, CISO, Check Point Software.

Migration to PQC is expected to be a multi-phase process, running over a decade from discovery to full implementation for all enterprise systems and products.

AI arms race

The increasing sophistication of agentic AI is intensifying the cyber threat landscape. Attackers are expected to leverage autonomous AI for complex attacks, including deepfake-enabled social engineering and adaptive ransomware. Security operations are adapting with predictive, AI-powered measures that can identify and counteract threats before human analysts intervene.

"In response, defense is shifting from reaction to prediction. AI-powered preemptive security will become the standard. Autonomous Security Operations Centres (SOCs) will leverage predictive AI to not just detect a breach in seconds, but to anticipate, isolate, and neutralize threats in milliseconds-before a human analyst even sees an alert. Verifying the source of your security models, conducting constant adversarial testing, and maintaining human-in-the-loop escalation paths for novel threats will be critical to staying ahead in this new, automated conflict," said Dave.

Critical infrastructure resilience

Energy, water, telecommunications, and transport sectors face mounting cyber-physical risks. Attacks on operational technology could cause real-world disruptions, making segmentation of OT and IT systems crucial. Urban Digital Twins (UDTs) are seen as emerging tools for simulating failures and response plans, enhancing real-time defensive readiness.

"To counteract these rising threats, CI operators are embracing Urban Digital Twins (UDTs). These advanced, virtual replicas allow organizations to stress-test their systems for cascading failures-for example, understanding how a substation outage could ripple through water treatment and transportation networks. AI-driven digital twins enable teams to simulate crisis scenarios, proactively run maintenance, and test emergency responses in virtual environments-empowering operators to intervene before problems escalate in the real world. As these interconnected risks grow, some governments will respond with decisive measures, including the nationalization or strict regulation of telecom and utility infrastructure to ensure digital sovereignty and control over an ever-expanding attack surface," said Dave.

Supply chain transformation

Global supply chains are being reshaped by autonomous AI and regulatory pressures. Real-time, autonomous risk assessments will replace periodic reviews, allowing instant adaptation to disruption risks. Compliance checks are increasingly automated, but interdependencies are growing, with vulnerabilities now extending to fourth-party relationships.

"Compliance, too, is becoming automated. Specialised AI agents will traverse massive networks of suppliers, checking carbon footprints and ensuring regulatory mandates-from conflict minerals to privacy-are scrupulously met. But hyper-connectivity brings new exposure: not just third-party (your direct suppliers) but fourth-party risk (their suppliers, partners, and underlying cloud services) now becomes a primary vector for breaches. The emphasis is shifting toward continuous vendor assurance, embracing always-on security monitoring and zero-trust principles across the entire supply chain ecosystem. Regulatory frameworks are moving fast, with strong cyber security posture and proactive risk controls becoming prerequisites for commercial relationships-not a nice-to-have, but a gatekeeper for participation in the global economy," said Dave.
Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
AI agents to transform enterprise, retail & security by 2026
AI-driven cyber wars to reshape security in 2026
AI reshapes cloud spend as firms shift from SaaS to agents
CrowdStrike warns AI will redefine cyber threats by 2026
AMD unveils EPYC Embedded 2005 chips for dense edge AI

Top stories

Industrial ransomware attacks surge, manufacturing hit hardest
Arctic Wolf: agentic AI to reshape SOCs & Zero Trust
GhostFrame iframe phishing kit powers 1m attacks
Watch out for these eight trends to impact cybersecurity teams in 2026
Real people, real numbers: Why phone verification is your new trust filter