A senior cybersecurity executive has issued a stark warning to corporations and governments, urging a fundamental reassessment of digital defense strategies as cyber threats undergo a dangerous evolution. Matt Castonguay, Chief Revenue Officer at Hitachi Cyber, addressed industry leaders at the Hitachi Cybersecurity Leadership Summit 2026 in Barbados, revealing that malicious actors have shifted their focus from traditional data theft to directly targeting operational infrastructure.
According to Castonguay, the cybersecurity landscape has transformed dramatically from the era of simple ransomware attacks where organizations could pay to retrieve encrypted data. Modern attackers now employ sophisticated tactics designed to cripple entire business operations, creating cascading financial and reputational consequences. ‘We’re seeing more deliberate attacks at operations, trying to shut down operations entirely,’ Castonguay explained. ‘They’ll shut down your systems, and now you have to pay to regain operational control.’
The expert identified identity-based attacks as the predominant vulnerability despite technological advancements. ‘After all this sophistication, so many breaches stem from someone clicking on the wrong link, compromised credentials, or password reuse across platforms,’ Castonguay noted, emphasizing that stolen credentials frequently surface on dark web markets before being weaponized against corporate networks.
Artificial intelligence has dramatically escalated the threat landscape, particularly in phishing campaigns. Castonguay detailed how AI enables attackers to create convincing chatbots and automated agents that initiate benign conversations before transitioning into sophisticated phishing attempts. ‘The English is no longer flawed – the sophistication has stepped up dramatically with AI,’ he observed.
Supply chain vulnerabilities represent another critical concern, with Castonguay warning that third-party vendor breaches often result in reputational damage to primary companies despite their robust security measures. ‘Companies have great cybersecurity policies, but then they use a third-party vendor that might have limited access to customer data but isn’t secure,’ he explained.
Illustrating the real-world consequences of security oversights, Castonguay cited the Colonial Pipeline breach where an inactive VPN account with administrative privileges enabled a devastating network compromise. ‘A simple cybersecurity assessment would have identified inactive accounts,’ he stated, noting the incident resulted in tens of millions in damages from ransomware and operational disruption alongside severe reputational harm.