SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Raymond Schippers

Hybrid mesh security emerges to counter AI cyber risks

Tue, 27th Jan 2026

The growing complexity of corporate IT infrastructures is making security increasingly challenging. Techniques that may have worked when infrastructures were primarily on-premises have to be rethought when cloud resources are added to the mix.

According to the IBM Cost of Data Breach Report 2024, breaches involving data distributed across multiple environments occur more frequently (40%) than those limited to public cloud (25%), on-premises (20%), or private cloud (15%) settings. These results highlight a critical vulnerability in hybrid environments where workloads span multiple platforms.

The complexity of modern IT infrastructures also creates natural blind spots that attackers exploit. When applications run across multiple clouds while accessing on-premises databases, and remote workers connect through various entry points, traditional perimeter-based security models become ineffective. 

Cyber criminals have developed sophisticated, multi-stage attack chains designed to maximise damage. These attacks typically begin with initial access through phishing or vulnerability exploitation, followed by establishing persistence, privilege escalation, lateral movement, data exfiltration, and finally payload execution.

The Cybersecurity and Infrastructure Security Agency (CISA) has identified lateral movement as the most under-monitored phase, yet it represents the critical juncture where attackers gain access to an organisation's most valuable systems.

Avoiding a fractured approach 

Fragmented security approaches continue to fall short against these types of cyber attacks. Many organisations operate with siloed infrastructure, using different security solutions for on-premises networks, cloud workloads, remote workers, and SaaS applications. This fractured approach results in inconsistent policy enforcement, incomplete visibility, and sluggish response times.

Cloud misconfigurations remain a particularly vulnerable entry point. CISA has repeatedly warned about improperly configured IAM roles, overly permissive storage buckets, and unused open ports serving as footholds for ransomware in hybrid environments.

Meanwhile, legacy firewalls struggle to address this complexity, failing to inspect traffic between cloud workloads, remote users, and SaaS applications.

One approach gaining attention is Zero Trust security, especially as AI adoption accelerates. Organisations must implement strong identity and access controls, network segmentation, and least privilege principles to protect against compromised identities, AI-powered malware, and unauthorised data exfiltration.

The benefits of a hybrid mesh

Security experts recommend a hybrid mesh architecture to overcome these security gaps. This approach delivers distributed enforcement across hybrid environments while maintaining centralised policy management for consistent protection.

Unlike traditional models that focus on perimeters, hybrid mesh security provides flexibility to deploy protection where it's most needed, whether on-premises, in cloud environments, or on endpoint devices.

The architecture operates on three core principles: distributed enforcement points that can be deployed anywhere in the infrastructure, unified policy management that ensures consistent security standards, and adaptive security controls that adjust based on risk and context.

This combination creates a security fabric that moves with workloads and users, rather than relying on static boundaries. An example of a hybrid mesh architecture could include:

  • On-device mobile security for remote users connecting to the internet
  • On-prem security for branch offices
  • Cloud-based security for remote users without agents

Significant operational improvements

Organisations implementing hybrid mesh architectures report dramatic improvements in operational efficiency alongside enhanced security outcomes. Security teams experience significantly faster threat detection and response times compared to traditional fragmented approaches.

The unified management interface eliminates the constant context-switching between multiple security consoles, allowing analysts to investigate incidents more thoroughly and respond more rapidly.

The consolidation benefits transform daily operations. Organisations dramatically reduce their security tool sprawl, streamlining vendor relationships and procurement processes while simplifying staff training requirements.

At the same time, automated policy enforcement eliminates the majority of manual configuration tasks, reducing human error while ensuring consistent security posture across all environments. Teams can deploy new policies rapidly and maintain configuration consistency without the drift that plagues traditional multi-vendor environments.

Implementing hybrid mesh

Effective adoption of a hybrid mesh model will demand methodical planning and a measured rollout. The first step for many organisations will be a clear-eyed assessment of their existing security landscape: mapping current architectures, pinpointing critical assets and data flows, and setting baseline policies to guide the shift.

The move toward a mesh model should begin with high-risk areas, ensuring that core protections remain intact throughout the transition.

Equally important is the human element. Change management and staff training will be essential as security teams adjust to new tools, workflows and governance structures while keeping day-to-day operations steady.

Businesses are also being urged to press their technology vendors to collaborate across platforms, reducing complexity and enabling smoother integration that delivers tangible, incremental value over time.

Taking a new approach

The stakes have rarely been higher. As cyberattacks surge and AI-driven threats grow more sophisticated, security leaders are being forced to rethink long-standing assumptions about how best to protect their organisations.

In a hyperconnected economy, traditional perimeter-based defences are no longer sufficient. The challenge now is to build integrated, prevention-focused security frameworks that can anticipate and neutralise attacks before they spread.

Many experts see hybrid mesh security combined with the intelligent use of AI-driven controls as the next major evolution. Together, these approaches promise to break the ransomware attack chain and create more resilient, adaptive defences suited to the speed and scale of modern digital risk.