Cybersecurity must be built into digital platforms, says Konrad Rudy, Head of Technology at G2A.COM.
As organisations adopt AI at scale, cybersecurity is no longer a standalone function. It’s a core platform capability embedded into platform engineering, data governance, and everyday operations. Attackers are already using AI to scan codebases, map vulnerabilities, and automate phishing and attack path discovery at unprecedented speeds. This renders traditional perimeter-based security models obsolete, as a result.
Ultimately, security must evolve alongside modern platforms by embedding AI-driven security, Zero Trust, and Secure Access Service Edge (SASE) directly into their platforms and development workflows. Therefore, in 2026 and beyond, the organisations that succeed will be those that treat security as an architectural foundation rather than an afterthought.
Why Zero Trust and SASE are now baseline architectures
The collapse of the traditional perimeter has made Zero Trust and SASE foundational, not optional. And when users work from anywhere and workloads run across multiple clouds, on-premises data centres, and edge locations, trust can no longer be assumed based on network location.
Zero Trust is built on the simple principal – never trust and always verify. This ensures that every user, device, and application is continuously authenticated and authorised. SASE extends this model by moving security controls closer to users and workloads. This enforces consistent security policies at the edge, rather than rerouting traffic to a central data centre.
Together, these models reflect a new reality – that security must follow identity, not infrastructure. They also highlight the increased important of platform engineering. This is especially critical as platforms increasingly automate identity, access policies, network paths, and secrets management to ensure security is applied consistently across environments without slowing teams down.
AI-powered AIOps and chaos engineering becoming operational standards
AI is not only changing how systems are attacked, but transforming how they are defended as well. Practices such as AIOps and chaos engineering – which were once limited to advanced site reliability teams – are now moving into the operational mainstream. Modern AIOps platforms use machine learning to analyse logs, metrics, and traces, detects anomalies, and triggers automated responses. And when integrated into internal develop platforms, AI agents can support engineers with real-time insights and first-response actions.
Chaos engineering follows a similar path. By intentionally introducing controlled failures, organisations can test system resiliency before incidents can negatively impact users. And when combined with AI-driven observability, these experiments can help platforms learn how systems fail and how they should recover. Overtime, AI can assist with rolling back deployments, shifting traffic, or scaling services within predefined guardrails.
Crucially, this approach does not replace engineers as people remain a critical line of defence. Rather, it elevates their roles. Alongside procedural and technological safeguards, G2A.COM – a marketplace for digital entertainment – prioritises educating teams and all employees on cybersecurity, reinforcing that human awareness is as vital as any system. Therefore, people should continue to define intent, acceptable risk, and architectural trade-offs while AI handles repetitive analysis and rapid responses. In doing so, results in a system that is more resilient, adaptive, and capable of learning and improving overtime.
Why security must be built into developer platforms
One of the most persistent challenges in modern environments is treating security as something to add on later. But with dozens of Continuous Integration/ Continuous Delivery or Deployment (CI/CD) pipelines, multiple clouds, and thousands of micro-services, manual and fragmented controls can no longer scale.
Therefore, security must instead be automated directly into developer platforms. Meanwhile, identity provisioning, secrets management, policy enforcement, and network configuration should be delivered through the same self-service workflows developers already use. And when secure defaults and guardrails are embedded into platforms, teams can move faster without increasing risks.
This approach also reduces cognitive loads. Ultimately, developers should not need to understand every security nuance to do the right thing. Instead, platforms should make secure paths the easiest by design.
Data governance as a board-level priority
As AI-driven analytics and automation expand, data becomes the most valuable asset and greatest liability at the same time. AI-sensitive data – including customer behaviour, revenue models, and product performance insights – requires strong go to remain both secure and trustworthy.
This means encryption, role-based access control, data masking, and clear lineage alongside close collaboration between platform, data, and security teams. However, without trust in data, AI will only accelerate poor decisions.
Looking ahead, cybersecurity will increasingly become the differentiating factor between digital platforms. The goal is no longer simply to prevent breaches, but to build systems which are robust and resilient by design.
By 2026, true innovation will not come from choosing between cloud or on-premises environments. Instead, the innovation will stem from building intelligent platforms – where AI-driven automation, Zero Trust security, and strong governance – are intrinsically woven into each and every layer. By doing so, hybrid, multi-cloud, and edge environments will no longer be sources of risk or complexity, but enablers of scale, speed, and sustainable digital growth.
