As part of an online miniseries, James Griffin, CEO of CyberSentriq discusses his industry predictions for 2026.
My name is James Griffin, CEO of CyberSentriq, an integrated cybersecurity and data protection platform purpose-built for Managed Service Providers (MSPs).
CyberSentriq was formed by the merger of Redstor and TitanHQ, two vendors in the MSP space.
Partnering with over 3,000 MSPs and protecting over 150,000 SMBs globally, CyberSentriq provides an integrated cybersecurity and data protection platform, built from services including email security, web filtering and backup and recovery for cloud and on-prem workloads.
I joined Redstor in 2019 as Chief Product Officer and in March 2023 I had the privilege of stepping into the CEO role.
My career in tech spans more than 20 years, during which I’ve worked in senior leadership positions across cloud infrastructure, software and a range of other sectors.
Those experiences have shaped how I lead today and continue to influence the way I think about building products, teams and long-term value.
AI adoption is rising across industries, but its misuse by cyber-criminals to power and automate their attacks poses a significant threat to the security industry.
Alongside this, Phishing-as-a-Service (PhaaS) and Ransomware-as-a-Service (RaaS) continue to lower the barriers to entry for cyber-crime, enabling individuals with minimal expertise to launch sophisticated attacks.
This trend suggests that phishing and ransomware attacks will increase not only in volume but also in sophistication.
With generative AI tools now widely available to cyber-criminals, the use of AI to create increasingly convincing messages and deepfakes laced with malware is also on the rise.
Given these escalating threats, businesses and managed service providers need to deploy equally advanced tools to keep pace.
DNS filtering, for example, can block access to known malicious websites before they load and complement existing setups such as firewalls and antivirus software, forming part of a layered cybersecurity strategy.
The sheer number of attacks witnessed this year, including those against JLR, M&S and the Co-op, also highlights that the sector is under immense strain.
With this comes a likely rise in cyber insurance premiums, reinforcing the importance of securing operations against reputational and financial damage that come with a data breach.
This may prompt leaders to consolidate their security strategies and adopt solutions that provide enhanced defences across multiple attack vectors.
On the legislative front, the UK’s upcoming Cyber Security and Resilience Bill – expected to become law in 2026 – will place MSPs under unprecedented levels of scrutiny as the government strengthens efforts to protect critical national infrastructure.
MSPs and businesses that fail to comply could face audits and heavy fines, meaning compliance in the new year cannot be left to chance.
As we move into 2026, organisations and professionals must remember that no business is too small to be targeted by cyber-criminals.
The 204 nationally significant incidents handled by the NCSC this year, up from 89 previously, show that cybercriminals target systems indiscriminately and exploit vulnerabilities wherever they exist.
Beyond technical defences, enhanced security training like gamified phishing simulations can help build awareness, reduce risks like alert fatigue and burnout and empower staff to spot and report threats confidently.
Those that succeed in 2026 will be the teams that adopt layered defences and foster a security-aware culture, making cybersecurity a board-level priority embedded throughout the organisation.
Also, by investing in a layered approach that combines technical controls with people-focused initiatives, organisations can minimise cyber-risks while strengthening operational resilience in an increasingly unpredictable threat landscape.
