The future of digital infrastructure of the world turns a corner in the year 2026. The intersection of cloud computing, the Internet of things (IoT) and cyber security has become the theoretical goal of the architectural design than an existent demand. With organisations moving into the post-2025 environment, the perfect storm of technology evolution faces organisations: the maturation of generative artificial intelligence as a defensive tool and as an offensive weapon; the completion of post-quantum cryptographic standards with the coming of the so-called Q-Day; and a regulatory flood led by the United States Cyber Trust Mark and the European Union Cyber Resilience Act (CRA). The organization has unquestionably broken down the traditional perimeter, and in its place is a permeable, identity-based boundary built upon the principles of Zero Trust. The following report serves as a comprehensive review of these overlapping areas and how such solutions as Cloud-Native Application Protection Platforms (CNAPPs) and Secure Access Service Edge (SASE) moved away from individual tools to unified ones, and how new requirements such as software bills of materials (SBOMs) and secure by design affect operations. Additionally, the report examines the essential transition to cryptographic agility by the standardisation of Ascon to lightweight IoT encryption and the ML-KEM/ML-DSA set of post-quantum defence.
Gautam et al. (Fri,) studied this question.