AI agents are emerging rapidly, and 2026 is becoming the Year of the Defenders.

Anthea Chuang | 2026-05-22 10:49:18 | EE Times

In 2026, when AI agents are all the rage, the focus for the public and businesses should be on how to use AI agents to defend against AI-driven cyberattacks. In other words, 2026 will be the "year of the defender" for AI…


Artificial intelligence (AI) technology is advancing rapidly, and AI agents have become an important technology across various industries. Furthermore, AI agents are gradually becoming a primary means of automating individual work and factory manufacturing, and even a key tool for hackers to launch attacks. Therefore, Palo Alto Networks believes that in 2026, a year of widespread AI agent adoption, the focus for the public and businesses should be on how to use AI agents to defend against AI-driven cyberattacks; in other words, 2026 will be the "Year of AI Defense."


Yu Hui-sheng, General Manager of Palo Alto Networks Taiwan, stated that with the rapid development of AI and the continued integration of AI agents into enterprises, Palo Alto Networks' research report, "Six Predictions for the AI Economy: New Rules for Cybersecurity in 2026," points out that in 2026, autonomous AI agents will not only fundamentally reshape enterprise operating models but will also trigger significant changes in multiple fields, including identity verification, Security Operations Centers (SOCs), quantum computing, data security, and browsers. This means that 2026 will no longer be a year of AI innovation and disruption like 2025; instead, the focus must be on AI protection, especially cybersecurity related to AI agents.


Why has cybersecurity become so important for AI agents? Hsiao Sung-ying, CTO of Palo Alto Networks Taiwan, explains that at the current stage, the role of AI in the workplace has shifted from auxiliary to "native." In the past, AI agents communicated with people through Large Language Models (LLMs), and users had to set up the automated workflows themselves. Now, "AI-native" means that users only need to give instructions to the AI agent placed in the machine or device, without needing to tell the LLM or the AI agent "how" to execute; the AI agent will generate the automated processes on its own. Such autonomous AI agents, with reasoning, action, and memory capabilities, will penetrate ever deeper into people's work and lives, redefining this era and giving rise to the AI economy.


Autonomous AI agents sound fantastic, right? But hidden within them lie a host of new challenges and core issues. Hsiao Sung-ying stated that the report, "Six Predictions for the AI Economy: New Rules for Cybersecurity in 2026," proposes six predictions and solutions for AI and cybersecurity in 2026. First, according to CyberArk research, when the number of machines and AI agents far exceeds that of human employees, reaching an astonishing ratio of 82:1, corporate executives should consider how to regulate and protect this new type of workforce, who should be responsible in the event of disputes or "incidents," and how to prevent the chain reaction and crisis of automation if hackers gain access to the AI agent's identity.


Furthermore, the talent shortage will drive companies to widely adopt AI agents to achieve better workflow automation and end "alarm fatigue." However, this also introduces a new inherent risk—attackers will no longer primarily target "humans" but will instead target AI agents to launch attacks. Thirdly, there is the issue of data trust. Hsiao Sung-ying points out that AI learning relies on the accumulation of vast amounts of data; therefore, if hackers "contaminate" the data used to train the core AI model, the AI model may make significant errors.


Fourthly, only 6% of enterprises have developed advanced AI security strategies, leading to increased risks associated with AI agents. In the event of a problem, senior executives will be held responsible for the actions of out-of-control AI agents. Fifthly, quantum computing is imperative; sixthly, enterprises need to pay special attention to browser security in the future. Hsiao Sung-ying explained that whether it's LLMs or enterprise tasks, everything is done through a browser. Therefore, browsers have begun to evolve into agent-like platforms capable of performing tasks and are gradually becoming the "new operating system" for enterprises. This undoubtedly gives attackers a new AI entry point with its own unique blind spots.


To defend against the security challenges arising from AI agents, "Six Predictions for the AI Economy: New Rules for Cybersecurity in 2026" proposes solutions. These include employing new and indispensable AI oversight tools as "AI firewalls" to instantly identify and block the misuse of injected prompts and malicious code tools, and using a unified platform as the foundation for trustworthy AI, which not only provides agent-based AI with the motivation to surpass human capabilities and autonomously prevent threats, but also offers verifiable oversight procedures. Regarding browsers, Palo Alto Networks recommends that enterprises establish a unified cloud-native security model, implementing a zero-trust mechanism directly within the browser to protect sensitive data from leakage or block unauthorized file transfers.

