The term cybersecurity has already been mentioned several times in our previous technical articles,  such as in the context of digital transformation, networked systems or AI-supported processes. This article now takes a closer look at the risks, challenges and solution strategies for cybersecurity in 2026, specifically for PLM and AI systems, both now central components of modern production and value creation.

Why cybersecurity will be a strategic issue in 2026
Digital networking across the entire product lifecycle and the use of artificial intelligence (AI) are significantly increasing the complexity of modern IT landscapes and the attack surface for cyber threats. While AI itself is a driver of innovation, it also creates new risks — both for attacks and the systems designed to defend against them. By 2026, cybersecurity will no longer be considered solely an IT issue but instead an integral part of corporate strategy and product development.

Companies safeguard product data, IP, cloud infrastructures and AI models –  especially in networked environments like PLM systems, digital twins or collaborative engineering platforms.

Key risks for PLM and AI systems

  1. AI-assisted attacks and autonomy of threat systems:
    With the spread of AI, attackers are increasingly using automated, adaptive methods to discover and exploit vulnerabilities, personalize phishing campaigns, or independently develop and distribute malware. These so-called agentic attacks are changing the dynamics of traditional security models and need new defense strategies.
  2. Identity and access risks:
    Identity will be seen as one of the main gateways for cyberattacks in 2026. Compromised credentials, overprivileged accounts or insecure API integrations can give attackers access to sensitive PLM or AI systems. Standard-based zero trust approaches are becoming ever more important as traditional network perimeter models increasingly fail.
  3. Data leaks, compliance and governance challenges:
    The use of AI in product development and management creates additional risks relating to data protection, IP protection and regulatory requirements. Weak governance-oriented management can lead to data leaks, compliance violations or legal sanctions – for example, when AI models process or pass on sensitive information without sufficient controls.
  4. Confidentiality, integrity and availability in PLM systems:
    Product lifecycle data includes critical design information, supply chain models, and technical specifications, the integrity and confidentiality of which are crucial. Manipulation or unauthorized access to this data can have a direct impact on production, product quality, and market launch.
  5. Vulnerabilities throughout the system ecosystem:
    Modern PLM infrastructures integrate cloud platforms, IoT devices, AI models and traditional enterprise systems (ERP, CRM). This multi-layer architecture creates an expanded attack vector and requires an end-to-end security strategy that takes cloud, edge and local components into account.

Solutions & security strategies for 2026

  1. Governance and frameworks: zero trust and continuous risk management:
    A zero-trust approach, in which nothing (user, device or service) is automatically trusted, vastly improves cyber resilience. In addition, continuous threat exposure management (CTEM) helps to identify and reduce risks on an ongoing basis, rather than just checking them periodically through audits.
  2. AI-powered defence and SOC automation:
    Cybersecurity teams are increasingly using AI to detect anomalies in real time, analyze attack patterns and automate incident response processes (structured guidelines).  AI-supported central security functions such as SOC solutions enable security teams to respond to threats more quickly and efficiently.
  3. Strengthening identity security and multi-factor authentication:
    Identity-first security is a key element of modern cybersecurity strategies. This includes adaptive multi-factor authentication, strict authorization models and dynamic access policies to block unauthorized access.
  4. Compliance, standards and regulatory preparation:
    Regulatory initiatives such as the Cyber Resilience Act in the EU create binding standards for products and systems with digital components. Companies that adapt to these requirements at an early stage can minimize security risks and reduce legal risks.
  5. Governance for AI models and data security:
    Adequate control over AI models – including data provenance, explainability and monitoring – is essential to minimize unforeseen data risks. Strategies include secure training datasets, continuous reviews of model outputs and clear guidelines for AI use.

Practical examples of cybersecurity protection measures

  • Segmented network architectures: Reduce attack surfaces by clearly separating critical resources.
  • Red team/blue team exercises: Simulated attacks to strengthen defences and raise awareness among internal teams.
  • Regular security updates and patch management: Essential for reducing known vulnerabilities.
  • Security by design: Taking security into account during the development and integration phases of systems.

Conclusion
By 2026, cybersecurity in PLM and AI systems will no longer be just a technical challenge but a strategic necessity for companies that want to successfully shape their digital transformation. Risks arise not only from external attacks, but also from internal vulnerabilities, governance gaps and unsecured AI deployments. A robust security strategy — including zero trust, AI-assisted defense, identity security, continuous risk assessment and regulatory compliance — builds trust, minimizes risks and strengthens resilience in the face of a rapidly changing threat landscape.