If we look back at the security predictions from five years ago, few could have anticipated the sheer speed at which AI would permeate our defenses, says Alvar Orellana McBride, Executive Director, Griffin Risk.
As we settle into 2026, the allure of the “technological silver bullet” is stronger than ever. Experts have offered predictions on analytics, autonomous surveillance and self-healing networks.
Yet, as I look toward the horizon of the security landscape worldwide, I am convinced that our most critical asset – and often our most significant vulnerability – remains unchanged: the human being.
For too long, the industry has relied on the cliché that humans are the “weakest link” in the chain. In 2026, we must reject this defeatist narrative.
If we view our people merely as liabilities to be restricted, we fail.
Instead, following the Positive Psychology, championed by figures like Marcus Buckingham, the most successful strategies this year will be those that transform the workforce from a vulnerability into our strongest firewall by strengthening their capabilities and skills.
The threat landscape in the Americas is increasingly complex, ranging from sophisticated social engineering campaigns targeting remote workers to physical risks driven by socioeconomic volatility.
Technology can detect an intrusion, but it cannot replicate the intuition of a well-trained employee who notices something “just isn’t right.”
To harness this, we must move beyond “tick-box” compliance training.
The era of the annual, passive video is over. In its place, we need a dynamic security culture in which security is woven into the company’s operational DNA.
This means fostering psychological safety where employees feel empowered to report near-misses or potential phishing attempts without fear of blame; achieving this is paramount for success in a resilient organization.
When a team member flags a suspicious email, do they receive silence, or are they championed as a defender of the organization?
The answer to that question defines your resilience.
As hybrid work models solidify across the continent, the “perimeter” has effectively dissolved.
Security is no longer defined by the walls of a headquarters but by the behaviors of an employee working from a coffee shop in São Paulo, a home office in Toronto or connected from a public network on a field trip.
In this dispersed environment, culture is the only perimeter that travels with the user.
My advice to security leaders for the coming year is simple: invest in your technology, but double down on your people.
Use 2026 to build a “Security First” mindset where every employee, from the C-suite to the front line, understands their role in the protection ecosystem.
We cannot automate intuition, nor can we code loyalty.
As we navigate the uncertainties of the year ahead, remember that while algorithms may predict threats, it is our culture that will ultimately prevent them.
Alvar is the Executive Director of Griffin Risk and currently serves as the Secretary and Treasurer for the Latin America and Caribbean Regional Board at ASIS International.
With a distinguished background that includes tenure with the Google Data Centers Security Team, Alvar is a leading voice in Enterprise Security Risk Management (ESRM).
He advocates for the “Security 360” methodology, challenging professionals to move beyond operational silos and align security objectives directly with business strategy.
This article was originally published in the February edition of Security Journal Americas. To read your FREE digital edition, click here.