Cybersecurity outlook for 2026: four trends that SMEs cannot ignore
Posted on: 9 January 2026

For many organizations, 2026 feels like “just another year.” That is, until you see how rapidly cyberattacks are changing. This is not only because attackers are becoming smarter, but also because our technology and rules are evolving. Machines are becoming more digital and therefore more vulnerable, scams are becoming more convincing thanks to GenAI, and the question “What if it goes down for a while?” is slowly changing to “What if it goes down tomorrow?”
Are you also curious about our Cybersecurity Review of 2025, in which we look back on the most notable cybersecurity issues?
Below are the four trends that are expected to make a difference in 2026.
Machinery Regulation 2027: cyber becomes machine safety
The EU Machinery Regulation (Regulation (EU) 2023/1230) will apply from January 20, 2027, replacing the Machinery Directive from 2006. This makes 2026 the last full year of preparation.
Many people are surprised to learn that this regulation explicitly addresses the reality of modern machines. Today’s machines do more than just perform mechanical tasks; they run software, connect to networks, receive updates, and communicate with other systems. The recitals cite the emergence of digital technologies, such as AI, the Internet of Things (IoT), and robotics, as the reason why there were gaps in existing legislation that are now being closed.
Even more importantly for OT (operational technology), the text includes requirements that directly affect cyber resilience. For instance, there is a crucial health and safety component regarding “protection against corruption” (i.e., manipulation or undesirable influence via links or external connections), and it even references EU cybersecurity certification as a means of demonstrating compliance with certain requirements. It has been made clear that “cyber” is no longer just IT, but also part of product and machine safety.
GenAI phishing: the scammer gets a copywriting agency
Phishing is already a major issue, but by 2026, it will primarily involve large-scale, high-quality phishing attacks. Generative AI has drastically lowered the threshold for creating credible text. Poor grammar and odd phrasing used to be warning signs, but now, attackers can generate neat, businesslike emails in perfect English tailored to the industry, role, and tone in a matter of seconds.
ENISA (the EU’s cybersecurity agency) still cites phishing as the dominant entry point for cyberattacks. In their Threat Landscape report, they mention phishing as a very common starting point for cyberattacks and note the growing trend of AI accelerating and refining this type of social engineering.
Furthermore, ENISA reports that AI-assisted phishing now constitutes a significant portion of global social engineering activity. In other words, AI is no longer just a “gimmick”; it is quickly becoming the norm.

A chatbot leak as a reputation incident: “what you share can stick around”
The second prediction for 2026 is less technical but potentially more damaging: a data leak via a chatbot that causes reputational damage (or worse) to an organization. This could involve a large platform or a smaller tool or smart assistant that has been “conveniently” activated somewhere.
This is not hypothetical. We have already seen that AI services can make mistakes when it comes to data protection. For example, OpenAI described an incident in which a bug allowed some users to briefly see other users’ data (such as chat titles).
Meanwhile, much more information is shared with AI tools than people realize. Research on the use of AI applications shows that employees often upload or paste sensitive information into AI chatbots. Sometimes it is done without meaning to, and sometimes it is done because “quick” is chosen over “safe.”
There is an additional dimension to this. Modern AI workflows read documents, emails, and web pages. This opens the door to attacks in which seemingly innocent content actually contains malicious instructions. Microsoft refers to this as (in)direct prompt injection and has published extensive defensive measures against it.
In that context, “being aware of what you share with AI” in 2026 isn’t just a catchy slogan; it’s sensible risk management.
Minimum Viable Company: downtime becomes the real expense
The fourth trend is not about a new hack, but about the question: what happens to your company if something does go wrong? More and more organizations are shifting from the idea of “we must prevent everything” to “we must be able to continue working if it does happen.” This fits in with the concept of the Minimum Viable Company (MVC): the smallest functioning company that can still deliver, invoice, communicate, and meet basic requirements while the rest recovers.
Consulting firms and resilience frameworks use MVC to emphasize that, in a crisis, it is not necessary to immediately return to full capacity. Rather, the focus should be on maintaining a minimal, safe business operation. MVC can now be seen as an important boardroom topic because cyberattacks, outages, and supply chain problems are increasingly becoming “normal” business risks. MVC helps you focus on core processes, critical infrastructure, essential personnel, and key data so that, in the event of an incident, you know what “must stay alive” and don’t get lost in priorities.
For SMEs, this is perhaps the most practical lesson for 2026: not because you suddenly become immune, but because you prevent a single incident from turning into weeks of downtime.
Finally, 2026 will be the year of making mature choices
Taken together, the four trends show a pattern: cyber is shifting from an “IT problem” to a “business reality.” Machines and OT are becoming more prominent due to the Machinery Regulation. Phishing is becoming more convincing and widespread thanks to GenAI. AI tools are becoming more productive, but also more sensitive when it comes to data. The winners are organizations that know in advance what their “minimum business” looks like.
In that respect, it makes sense that more and more organizations are looking for tools and partners that make AI use manageable and can protect data flows. Zscaler, for example, explicitly positions Zscaler AI around secure AI use and data protection. OpenSight is also an official Zscaler partner and guides organizations in these kinds of processes, precisely where technology, policy, and practice come together.
Would you like to know where your company will stand in 2026? Then it would be wise to conduct a risk assessment of your company.
See also our Cybersecurity Review 2025, in which we discuss the most notable cybersecurity issues in a white paper.
Cybersecurity review 2025: the most important developments
Posted on: 12 December 2025

The year 2025 saw a rise in the level of professionalism of cyber threats. Attackers combined social manipulation, identity theft, cloud access and AI-driven automation to cause damage more quickly and in a more targeted way. Such developments necessitate greater visibility, stricter access control and clear frameworks for the use of technology.
Below is a brief overview of the most significant trends. You can read the full analysis in our white paper Cybersecurity review 2025.
Social phishing as the main route for attackers
Social engineering has shifted from email to a combination of telephone, chat, and remote support. Attackers now use convincing stories and legitimate tools to gain access without using malware. This makes behavioral and identity-based detection more important than ever.
Manufacturing companies increasingly targeted
Attacks on industrial organizations and their supply chains led to disruptions in production processes. The speed with which attackers move within networks necessitates a strict separation between IT and OT and clear chain agreements.

Explosive growth of Generative AI
The massive deployment of AI by companies has created new risks, such as uncontrolled data flows and shadow AI. Meanwhile, attackers are using the same technology to refine social engineering and automate processes. Effective governance and technical oversight are therefore essential.
Identity and the cloud as central targets in modern attacks
Many attacks began with valid accounts or misuse of cloud management tools. Strong authentication, least privilege, and visibility into cloud activities are crucial components of an effective defense.
Why this matters to organizations
The 2025 cybersecurity landscape has been shaped by human behaviour, identity management, segmentation, and the controlled use of AI. OpenSight helps organizations put these principles into practice by identifying risks and translating the right measures into everyday routines.
Download the full white paper
Would you like to receive the complete analysis, including recommendations and practical examples?
Cybersecurity Awareness: Why a stand-alone training course is never enough
Posted on: 13 October 2025

The digital threats that businesses face today are greater and more varied than ever before. Hackers are constantly developing new methods, from sophisticated phishing campaigns and ransomware to deepfake attacks and social engineering. The question is no longer whether your organization will be attacked, but when.
Although technical measures such as firewalls and antivirus software are important, they are only part of the solution. Cybercriminals are increasingly targeting the human factor: employees who click on the wrong link or respond to a suspicious request.
That’s why cybersecurity awareness is essential!
What does cybersecurity awareness mean?
Cyber awareness goes far beyond simply knowing that ‘hackers exist’. It is about developing a security-conscious workplace culture, in which employees:
- Recognize and understand risks (phishing, malware, social engineering).
- Know how to act safely in everyday situations.
- Stay alert even when the workload is high or the attack is subtly packaged.
Awareness is therefore not a one-off training course or checklist, but an ongoing process of learning and application.
The dangers of not paying attention to cybersecurity
Many organizations still underestimate the impact of untrained employees. Some facts:
- Human error accounts for 74% of all data breaches (according to recent security reports).
- Phishing remains the most popular method of attack: a single click can grant access to entire corporate networks.
- The financial damage caused by a single incident can quickly amount to tens of thousands of euros, not to mention the potential reputational damage and fines under the GDPR.
As you can see, even the strongest IT environment can be undermined by a single inattentive employee.
Why one cyber security awareness training is not enough
Many companies invest in an annual e-learning or one-off workshop. The problem?
- Information fades quickly without repetition.
- Cyber threats are constantly evolving, so what was relevant last year is now obsolete.
- Employees become less alert when there are no regular triggers.
Awareness only works if it is part of the company’s DNA: short, relevant and repeated training, supplemented with practical simulations such as phishing tests.

What does ongoing awareness look like?
A successful program consists of several layers:
- Regular micro-learnings: short training sessions linked to current threats.
- Simulations: such as phishing tests to see how employees react in practice.
- Campaigns: posters, videos and internal communications that keep the theme alive.
- Measure and improve: insight into click behavior, awareness scores and areas for improvement.
This makes awareness a cyclical process rather than an annual tick-box exercise.
The role of OpenSight and KnowBe4
At OpenSight, we believe that an organization can only be truly secure if people are part of the defence. That is why we work together with KnowBe4, the global market leader in security awareness.
What makes this approach unique?
- Access to a library full of training content, available in multiple languages and styles.
- Gamification and campaigns that really appeal to employees (like this year’s 80s arcade theme).
- Reports and metrics that show where risks lie and how they are reduced through training.
With this combination, we make security awareness fun, understandable and effective.
Cybersecurity Awareness Month
October is Cybersecurity Awareness Month worldwide. We are seizing this opportunity to raise awareness among organizations concerning the role their employees play. In collaboration with KnowBe4, OpenSight is organizing a free webinar in which we will take a closer look at:
- How to create support among management and employees.
- The latest cyber threats and how criminals operate.
- Practical ways to improve awareness structurally.
Cybersecurity is never “done”
As cybercrime never stops, neither can cybersecurity awareness. A one-off training course can create a false sense of security. In contrast, continuous programs build a human firewall that keeps pace with the times.
Would you like to know how you can achieve this in your organisation?
Register for our webinar during Cybersecurity Awareness Month and discover how you can structurally embed awareness in your corporate culture.
Webinar: Cybersecurity Awareness
Posted on: 13 October 2025

Sign up for our webinar on Tuesday 11 November at 10:00 am by filling in the form on this page.
Please note that only a limited number of places are available!
Any questions? Please email info@opensight.nl or call 085 – 303 10 10.
Please note that this webinar will be held in Dutch.
“We guide you to a safe tomorrow”
~ Marcel Krommenhoek
Cybersecurity Awareness Webinar
October is all about Cybersecurity Awareness Month. Together with our partner KnowBe4, OpenSight is organizing an inspiring webinar in which we show why awareness around cybersecurity is indispensable for any organization.
During this webinar you will discover:
- Why cybersecurity awareness is more than one-off training and how ongoing programmes keep your employees alert to phishing, deepfakes and other current threats;
- Through a demonstration, how to use KnowBe4, the tool that is ideal for becoming and remaining alert;
- All the answers to any questions you may still have.
There are only a limited number of places available so register today and learn how to better protect your organization. This webinar will be held in Dutch.
Cybersecurity Awareness Month
Want more background information? Then also read our extensive article on the importance of ongoing cybersecurity awareness.

Cyber security checklist for small businesses
Posted on: 3 September 2025

Why small businesses need to work on their cyber security now (and how to get started)
Cybercriminals no longer put all their effort into the big guys. Small businesses are now the ideal target. Why is this? Because they are often just a little less well prepared. No extensive IT department. No 24/7 security monitoring. And often in possession of just enough technology to be vulnerable, but not enough to shield that vulnerability.
Sound familiar? Then this checklist is definitely for you too.
We provide 10 practical tips to help you boost your cyber resilience today. They are practical, proven and specially tailored to the challenges faced by smaller organizations. Good cyber security is not a luxury — it’s a necessity. It’s a prerequisite for doing business safely.
1. First, take a critical look at your current security
A good defence starts with an overview. Do you know where your sensitive data is stored? Who has access to it? What would happen if a laptop went missing or someone walked into the office without ID?
These kinds of fundamental questions form the basis for a secure digital infrastructure.
2. Passwords should not be a weak link
Poor passwords are digital open doors. Make sure your employees use strong, unique passwords. Set up multi-factor authentication (MFA) and update passwords regularly. You may also wish to consider additional security measures such as biometrics, badges, or tokens. The more layers of security, the better.
3. Follow your data like a shadow
Data is the beating heart of your business. From customer information to quotations. Map out where your data lives (locally, in the cloud, on mobile devices) and protect it with modern endpoint security. Smart tools recognize threats in real time and intervene automatically.
4. Encrypt everything of value
Ensure that all your data (including data in transit and stored data) is encrypted. This will keep it unreadable, even if it falls into the wrong hands.
5. Don’t assume that the cloud will take care of everything
Although the cloud is convenient, it is not inherently secure. You are still responsible for what happens in your cloud environment. So make sure you secure your accounts, APIs and containers. In short: secure everything.
6. Working from home? Set up a VPN
Working remotely is the new normal. But you don’t want your data travelling with you over unsecured networks in cafés or trains. A VPN encrypts traffic and makes remote access a lot more secure.

7. Updates? Don’t delay — automate them!
Every uninstalled update poses a risk. It’s also one that cyber criminals are actively looking for! Automate updates wherever possible. It’s a small effort that can prevent a lot of misery.
8. Protect every device that connects
Laptops, phones, tablets, even smart printers. Every device is a potential target. Good endpoint security detects and blocks suspicious activity before it does any damage.
9. Know what to do if things go wrong
Your incident response plan is your roadmap for dealing with a hack or data breach. Stay organized and don’t panic. Ensure that everyone knows what to do, and practice this scenario at least once a year.
10. Train your people and repeat this regularly.
Technology helps, but people make the difference. Make sure your team knows what phishing looks like, why they should lock their screen and what ‘zero trust’ means in practice. Repeat. Repeat. Repeat.
Can’t quite figure it out?
We are here to help. Cybersecurity doesn’t have to be complicated — as long as you know where to start. If you want to go beyond this checklist, OpenSight can help. We offer everything from risk scans and training sessions to advanced cloud security and real-time monitoring, helping you to grow without worry.
Schedule a no-obligation consultation with our specialists for more information.
OpenSight in conversation with Dutch IT Channel
Posted on: 2 September 2025

People, process and technology, in that order
Dutch IT Channel is a leading Dutch platform for IT professionals, decision-makers and suppliers. With their in-depth interviews, market analyses and up-to-date news coverage, they have been a reliable source for developments within the IT sector for many years. Their journalistic quality and independent perspective make Dutch IT Channel a respected authority within the Dutch IT landscape.
Marcel Krommenhoek, founder of OpenSight, said: “I believe that cybersecurity cannot be solved with technology alone. It is just as much a human activity. At OpenSight, we therefore focus on combining people, processes and technology. In that order.”
First, make sure that everyone is aware of cyber security risks. Then, you need to set up proper processes. This will give management control back in the long term. To support this, we provide the appropriate technology to enable you to respond quickly and recover faster after an attack. We also offer an additional automated technology layer that administers the entire framework.
In the interview, we elaborate on our vision and the importance of good cyber security. Read the full interview on the Dutch IT Channel website: https://www.dutchitchannel.nl/interview/666787/opensight-mensen-processen-en-technologie-in-die-volgorde
Do hackers go on summer holiday?
Posted on: 22 August 2025

Summer is just around the corner. For many people, this is a time to get away, recharge their batteries and enjoy some peace and quiet. But cybercriminals? They don’t take holidays. While employees log off, these guys remain active. And that makes the summer period a vulnerable time for many organizations.
Cyber threats don’t take time off
Although the image of a hacker in sunglasses on a beach chair might be amusing, the reality is less light-hearted. Companies operating with reduced staffing levels are particularly vulnerable to cyberattacks. Cybercriminals are quick to exploit these gaps with targeted attacks, summer phishing campaigns, and the misuse of unprotected devices.
Why the summer is particularly risky
- Reduced vigilance: With employees on holiday and IT teams understaffed, monitoring is on the back burner. This can result in suspicious signals or reports being overlooked.
- More travel = more risks: Working from a holiday location or on the road often means using public Wi-Fi, unfamiliar devices and less secure connections.
- Seasonal scams: Cybercriminals capitalise on current events. Think phishing emails about holiday bookings, package deals or fake travel information.

What can you do to stay safe?
It is particularly important to remain alert during the summer. A few basic tips:
- Ensure up-to-date systems and monitoring: Have your infrastructure continuously monitored and automate where possible.
- Secure devices and connections: Avoid public Wi-Fi for business applications and use strong authentication.
- Keep your team aware and informed: Train employees to recognise suspicious emails, even when working remotely or on holiday.
Remain digitally resilient, all year round
A short summer break should not be a reason to let go of your digital security. With proper preparation, awareness and support, your organization will remain protected from cyber threats even during the holiday period.
Growth at OpenSight – reinforcement in team and services
Posted on: 3 June 2025

At OpenSight, we continue to build digital resilience. Not only for our clients, but also within our own team and offerings. The past few months have been all about growth, on multiple fronts.
Welcome Dominic Boernama
We are proud to welcome a new team member: Dominic Boernama. He strengthens OpenSight on the technical side of our organization. With his experience and expertise in IT and security, he brings valuable knowledge that directly benefits our services.
Dominic fits our mission perfectly: to proactively help organizations with smart and scalable security solutions. We welcome his arrival and look forward to his contribution to our future projects.

Expansion of the Security Operating Center (SOC)
Besides team growth, we are also expanding our services. Our Security Operating Centre (SOC) will be further strengthened with new services focused on real-time insight, detection and proactive protection.
Among other things, we will soon introduce advanced threat intelligence services. These will provide continuous visibility into emerging threats, vulnerabilities and suspicious patterns. This allows us to recognize risks early and take targeted action – before they cause damage.
Continuing to think ahead
In a digital world where threats evolve at lightning speed, it is essential not to fall behind. OpenSight continues to invest in knowledge, tooling and people to keep organizations always one step ahead.
This growth marks another milestone in our mission to make companies in the transport, manufacturing and healthcare sectors, among others, digitally resilient every day.
Cybersecurity in 2025: Why the Commvault & CrowdStrike integration is essential for your organization
Posted on: 7 May 2025

Cyber threats are growing. Are you prepared?
The digital world is changing at lightning speed and with it the landscape of cyber threats. From ransomware to sophisticated phishing and zero-day attacks, the risks to organisations are increasing by the day. Small and medium-sized enterprises (SMEs) in particular are an attractive target for cybercriminals, as there is often less investment in modern security.
IT managers and CISOs face an obvious challenge: how do you build a resilient IT environment that not only detects attacks, but also recovers from them quickly? The answer lies in smart integrations, like the one between Commvault and CrowdStrike. That is something OpenSight is happy to help you with.
What makes this cybersecurity integration unique?
The combination of Commvault Cloud and CrowdStrike Falcon® provides organizations with a powerful, integrated solution for cyber detection, incident response and data loss recovery. This collaboration is not just a technical link, but a strategic defense tool that directly contributes to your cyber resilience.
1. Early detection of threats
CrowdStrike’s real-time threat intelligence recognises even the most sophisticated attacks early. Think fileless malware or lateral movements of an attacker within your network. You often don’t see these with traditional antivirus or EDR tools.
2. Insight into contaminated and clean data
Commvault uses this threat intelligence to quickly identify which systems and data have been compromised, and which are still ‘clean’. This way, you know immediately what can be safely restored, without reactivating ransomware during a restore.
3. Fast, controlled recovery processes
Cleanroom Recovery lets you test cyber recovery plans safely in a simulated environment. This ensures that your organization is truly prepared for an attack.

The risks of waiting: why acting now is necessary
Many organizations wait until it is too late and pay a high price for it. For instance:
- Day-long downtime of critical systems.
- Sensitive customer data being exposed.
- Hefty fines due to non-compliance.
- Irreparable reputational damage.
Cyber attacks are no longer a matter of ‘if’, but ‘when’. That’s why investing in a smart, integrated defense is no longer a luxury – it is a dire necessity.
Why choose OpenSight?
As a certified partner of both Commvault and CrowdStrike, OpenSight offers unique additional value:
- Expertise in implementation of both platforms and their integration.
- Customized guidance, from strategic advice to technical implementation.
- Proactive monitoring and optimization of your cyber resilience environment.
- Direct lines of contact and clear communication; we are your brainstorming partner.
We work with SMEs, healthcare institutions, educational organizations and companies in industry on a daily basis. We understand your challenges and deliver solutions that fit your budget and ambitions.
Cyber resilience starts with the right choices
Do you want to not only survive a cyber attack, but emerge stronger? Then integrating Commvault and CrowdStrike is the smart choice. And OpenSight is the right partner to make that choice a reality.
Don’t let your organization be caught by surprise. Take the step today towards a robust, future-proof cybersecurity strategy.
Schedule a free strategy session with our experts and find out how your organization will become truly resilient to cyber threats in 2025.
Would you like more in-depth information on this Commvault and CrowdStrike integration? Then download the Solutions Letter at the bottom of this page.
