Evolving Zero Trust and Embedded AI – Federal Government Cybersecurity Predictions for 2026
By: Venkat Sundaram, Netskope
Although concepts like artificial intelligence (AI) and zero trust have existed in some form for years or even decades, we’re witnessing a continued evolution of both when applied to cybersecurity. This presents opportunities for the Department of War/Defense but also creates new challenges which will come to a head in 2026.
With that in mind, there are a few developments we can expect to see in the coming year.
Prediction: The Pentagon will integrate behavioral analytics into zero trust efforts.
2026 will present the most critical period in the department’s zero trust implementation journey, marking the last full year before the mandated deadline to achieve targeted zero trust goals. While the department has made notable progress on zero trust for access, in 2026 it will turn its attention to the context of data usage and the automation/orchestration aspects of zero trust.
Consequently, the Pentagon will also shift its technical priorities from foundational zero trust capabilities to investment in advanced behavioral analytics tools, leveraging machine learning to ultimately detect anomalous user activity and assign dynamic risk scores to flag activities that indicate suspicious behavior. We expect the department to specifically target the deficiencies in automated data tagging, risk-based application access and automation. The goal should be to trigger adaptive policy controls when risk increases, moving the department beyond static perimeter-based allow/deny controls.
The zero trust framework will require analysis of events, activities and behaviors to derive context and apply AI and machine learning (ML). This effort focuses on achieving a highly personalized model that improves detection and reaction times for making real-time access decisions. Specifically, this involves implementing User and Entity Behavior Analytics (UEBA) to baseline activity and identify anomalies.
Prediction: The expansion of zero trust principles into operational technology (OT), weapons systems and tactical environments will hit technical speed bumps.
The Pentagon has explicitly included OT and weapons systems in its zero trust implementation requirements. However, legacy OT infrastructure frequently operates on models of implicit trust, and security implementations must strictly avoid overriding or interrupting essential safety functions. The department therefore requires a modern, data-centric approach that addresses trust through dynamic policy and continuous verification rather than static network perimeters.
Addressing this complexity will consume significant 2026 DOW/DOD resources, especially as the department begins piloting new zero trust standards for OT, such as the Navy’s planned Block 2 advanced zero trust implementation. These implementations will force the integration of AI-driven monitoring and automated response to create a comprehensive, resilient, and proactive cybersecurity framework. The operationalization of the zero trust pillars related to visibility, analytics, automation and orchestration mandates the deployment of AI/ML to analyze behavioral telemetry and execute Security Orchestration, Automation, and Response (SOAR) workflows. This integration will transform the department’s posture from reactive defense to anticipatory risk management, establishing the information enterprise envisioned in the zero trust strategy.
Prediction: The Pentagon will accelerate the push to embed AI across its security landscape.
The Pentagon’s rapid pace of AI adoption will gain even more speed in 2026. This acceleration will be spurred by the need to streamline the Risk Management Framework and facilitate faster deployment of software through the Continuous Authorization to Operate (cATO) process.
The department will leverage AI and machine learning to drive automation and orchestration decisions across the zero trust pillars. These efforts will automate and standardize the governance processes necessary to secure the software supply chain and rapidly integrate innovative commercial technology.
These efforts will also provide the AI-derived policy automation necessary to maintain dynamic security monitoring and receive real-time alerts automatically. This remains a challenge due to siloed domains and manual interventions in conventional architectures.
The evolution of zero trust and AI advancement will present both opportunities and challenges to the Pentagon in the coming year. Going forward, the department should focus on unifying security functions, enforcing dynamic, context-aware authorization across hybrid environments, and migrating away from legacy security stacks.
This means leveraging AI/ML embedded within the platform’s engine to enable adaptive access control, fundamentally shifting the DOW/DOD from static “allow/deny” decisions to real-time risk calculation. This capability will directly address the department’s need for continuous authentication while mitigating insider threats.