Businesses are locked in an AI arms race.
Cybercriminals are using generative AI, synthetic identities, and deepfake technology to accelerate attacks. At the same time, security teams are racing to automate detection, streamline response, and embed AI into their defensive posture.
In a recent interview with BizTech Magazine, IDC’s Dr. Grace Trinidad explored what this new reality means for enterprises and why AI-driven cybersecurity is no longer optional.
The bigger story? IDC’s FutureScape 2026 predictions anticipated this structural shift.
What are Synthetic Identity Cyberattacks, and Why are They Scaling?
Synthetic identity phishing uses AI-generated content combined with real personal data to fabricate highly convincing digital identities.
IDC predicts:
By 2027, 80% of organizations will experience phishing attacks from criminals using synthetic identities, mixing real info and AI-generated data to create fabricated identities that appear legitimate.
(IDC FutureScape 2026, Prediction 5, Security and Trust)
This is not a fringe scenario. It represents a structural change in the threat landscape.
Grace highlights a high-profile example in which AI-generated executive replicas convinced an employee to authorize a $25 million transfer. As she notes to BizTech about the firm’s approach:
“Everyone needs a safe word now so that we can verify transactions and make sure that they’re not actually initiated by a fraudulent actor posing as one of our executive staff.”
AI has lowered the barrier to impersonation. Trust frameworks must evolve just as quickly.
Why is High-Quality Telemetry Critical for AI-Driven Cybersecurity?
AI-powered security systems are only as strong as the data that feeds them.
Grace explains to BizTech:
“When you have very high-quality telemetry, that naturally cascades into good AI output.”
This aligns directly with IDC’s broader guidance:
By 2027, companies that do not prioritize high-quality, AI-ready data will struggle scaling GenAI and agentic solutions, resulting in a 15% productivity loss.
(IDC FutureScape 2026, Prediction 6, Worldwide AI and Automation)
In cybersecurity, poor data quality does not just reduce productivity. It increases exposure, slows detection, and amplifies risk.
Telemetry is now the foundation of scalable AI defense.
How Will Breach Response Shift from Static Playbooks to Agentic Orchestration?
Traditional breach response playbooks are static, manually updated, and often disconnected from real-time system conditions.
That model will not survive in an agentic era.
In the article, Grace describes the shift ahead:
“In the next three years, we’re going to see personalized playbooks based on telemetry from that organization’s existing environment captured on the fly, in real time.”
IDC forecasts:
By 2030, 45% of organizations will centrally manage the orchestration of AI Agents to boost employee collaboration, seamlessly scale operations and ensure ethical governance of AI deployments.
(IDC FutureScape 2026, Prediction 9, Worldwide AI-Fueled Business Strategies)
Security will be one of the first domains where orchestration becomes mission critical. Dynamic response. Real-time adaptation. AI agents collaborating with human analysts.
Why is AI Governance the Line Between Innovation and Liability?
AI integration across the enterprise remains uneven. Many organizations are experimenting. Few are fully aligned.
Grace observes in the article:
“We’re not quite there yet… I don’t know any organization that I would say they’re a standout example of AI integrated throughout the enterprise.”
Without governance, AI becomes a new attack surface.
IDC predicts:
By 2028, 100% of Global 100 and 50% of Global 1000 will spend at least $2 million a year on unified AI governance software that includes security, ethics, and privacy as a requirement for innovation.
(IDC FutureScape 2026, Prediction 5, Worldwide AI and Automation)
Governance is not a brake on AI innovation. It is the enabler of safe scale.
What Should CISOs and CIOs Do Now?
To navigate AI-powered cyber risk, leaders should:
- Audit AI-ready data foundations and telemetry quality.
- Evaluate controls for synthetic identity detection and identity verification.
- Modernize breach playbooks toward real-time, adaptive orchestration.
- Invest in unified AI governance frameworks that integrate security, ethics, and compliance.
- Establish performance metrics that measure human-AI collaboration, not just automation efficiency.
The AI Arms Race is Structural
Who benefits more from AI, defenders or attackers?
Grace tells BizTech that it a zero-sum game:
“As the ways that we protect ourselves become more dynamic and more responsive and more agile, threat actors are also going to up their game.”
The difference will not be who adopts AI first. It will be who integrates it strategically across data, workforce, governance, and orchestration. Organizations face powerful crosscurrents: geopolitical uncertainty, regulatory shifts, workforce disruption, and now AI-accelerated cyber risk. You cannot control the crosscurrents, but with deliberate strategy, AI-ready data, and agentic orchestration, you can turn turbulence into advantage.
Explore More
To understand how agentic AI will reshape cybersecurity, governance, and enterprise operations in the next 1–5 years, explore IDC FutureScape 2026 predictions and insights.
Read Grace Trinidad’s full interview in BizTech Magazine to hear how these shifts are unfolding now.
