Dave Silke from Centripetal explains why 2026 demands a new emotional intelligence when it comes to bolstering a business’s cyber defence.
For years, we’ve told ourselves that cyberattacks are inevitable; that breaches are simply the cost of doing business in a digital world.
But 2026 demands a different conversation. Because the greatest danger facing organisations today isn’t just malware, ransomware, or the newest strain of AI-powered attack – it’s the mindset; it’s the inertia.
“Cybersecurity has become reactive by design. We investigate the past instead of shaping the future. We analyse the breach instead of preventing the next one”
It’s the quiet acceptance that “this is just how things are now.”
And that mindset is costing organisations millions and in some cases billions. We saw it here in Ireland with HSE and multiple universities over recent years, and most recently with Marks & Spencer.
Communities are being disrupted, confidence is being shaken, and emotional turbulence is at a high, as people feel their work, and their company are no longer secure.
And yet, many boards still treat cyber risk as a line item on the budget. Something to “absorb.” Something that will happen “when, not if.”
That is mindset inertia at its most dangerous.
The real crisis: Cybersecurity’s inertia mindset
Cybersecurity has become reactive by design. We investigate the past instead of shaping the future. We analyse the breach instead of preventing the next one.
The obsession with forensic investigation arguably can be put down to a whole host of technological and even business reasons but does also sit firmly alongside current trends in society.
Human behaviour is to ‘need to know what happened’. The difficulty being that forensic investigation and deep dives through documentaries and true crime podcasts showcase patterns, and risks that’s others can avoid – it is not the case for cybercrime.
Cybercrime doesn’t lurk in the shadows, is often opportunistic and approaches and attacks vary. There aren’t many out there who will disagree that technology is evolving at a pace that can be hard to keep up with, so why are we still investing so much time money and effort into the “forensic investigation”?
Because people naturally cling to the familiar, even when the familiar no longer works, and especially so when an alternative feels out of reach.
Cognitive biases like status quo bias, loss aversion, and confirmation bias convince leaders that legacy tools and policies are “good enough.” They can seek comfort in that they and their peers are trying, but the cyber criminals are just ‘too good’. But that’s exactly what they want soon-to-be victims to think.
Intelligence is transforming cyber defence – if we let it
There is another path. One shaped not by fear of the next attack, but by the intelligence to prevent it.
Threat intelligence has been used by governments and militaries for decades. Now, AI-powered and machine-learning-driven platforms bring that same capability to everyday businesses. They deliver pre-emptive, proactive protection, not reactive remediation.
We know that more than 99% of exploited vulnerabilities involve threat intelligence. The issue isn’t the lack of intelligence, rather it’s that organisations are drowning in it. Billions of indicators flood in daily, far beyond the IT department’s human capacity.
But today, intelligence-powered solutions have changed that. We can apply billions of Indicators of Compromise at wire speed, blocking 99% of known threats before they reach the network. All in real time.
This is the shift leaders must recognise. Cybersecurity tools react. Intelligence prevents. And intelligence works everywhere. Across corporate networks, cloud infrastructure, mobile devices, on-prem workloads, and DNS.
Intelligence stops the threats that move faster than any human can think. Intelligence can stop threats before they hit your network.
Intelligence isn’t just for governments anymore
There’s a lingering belief that threat intelligence is too complex, too expensive, or too “military-grade” for most organisations. That’s a relic of another era.
Today, intelligence-driven cybersecurity is accessible and cost-effective for businesses of all sizes. Threat intelligence is now affordable, accessible, and can be applied in real time to make a real difference.
Boards worry about cost – yet the cost of traditional thinking and succumbing to mindset inertia is truly visible for all to see. Just ask the HSE and M&S. Both attacks that could potentially have been prevented with modern threat intelligence in place.
And culture plays a huge role.
In many organisations, risk avoidance is rewarded more than innovation. That’s how mindset inertia embeds itself. We know that nearly three quarters of transformation initiatives fail because leaders can’t overcome this very inertia. But we cannot afford for cybersecurity to become another casualty of outdated thinking.
2026: A line in the sand
The “if not, when” mindset belongs in 2025 – firmly and unapologetically left behind.
Threat intelligence can prevent 99.99% of breaches, stopping them long before they become news stories, budget lines, or career-defining crises.
No more budgeting for ransomware. No more sleepless nights wondering “what if.” No more accepting that attackers will win because they move faster.
2026 must be the year organisations choose intelligence, both human and technological, to drive a more secure, more proactive, more resilient future.
This isn’t just a cybersecurity shift. It’s a mindset transformation. And the companies that embrace it will shape the future.
-
Bank of Ireland is welcoming new customers every day – funding investments, working capital and expansions across multiple sectors. To learn more, click here
-
For support in challenging times, click here
-
Listen to the ThinkBusiness Podcast for business insights and inspiration. All episodes are here. You can also listen to the Podcast on:
-
Spotify
-
SoundCloud
-
Apple
