What Baltic IT Leaders Are Focusing on in 2026

Insights from nearly 200 IT and cybersecurity professionals at CyberChess 2025

At this year’s CyberChess 2025 Conference, hosted by CERT.LV, Squalio had the opportunity to engage directly with the Baltic region’s IT and cybersecurity leaders to understand what will shape their priorities as they look toward 2026.

During the event, nearly 200 IT managers and cybersecurity professionals took part in Squalio’s on-the-spot survey, sharing where their organizations plan to invest over the coming years and what challenges may slow progress.

For more than a decade, CyberChess has been a cornerstone of the Baltic cybersecurity ecosystem, bringing together experts, policymakers, telecom and internet providers, industry leaders, and technology practitioners. The conference continues to play a critical role in addressing emerging threats, showcasing innovation, and strengthening collective cyber resilience across the region.

What IT Leaders Are Prioritizing for 2026

When asked about their key focus areas for IT and cybersecurity improvements in 2025–2026, respondents consistently highlighted governance, compliance, and human capability. Rather than chasing quick wins, organizations are investing in the foundations required for long-term resilience and regulatory readiness.

Top focus areas

• Cybersecurity audits and regulatory compliance (NIS2, DORA, GDPR): ~56%
• Employee IT and cybersecurity training and development: ~51%
• Penetration testing and vulnerability management: ~42%
• Cyber incident response planning: ~37%
• IT security management policies and procedures: ~31%
• Business continuity and disaster recovery planning: ~27%
• SOC implementation: ~22%
• AI integration in workflows: ~20%
• SIEM and security automation deployments: ~19%
• Workplace modernization and migration to cloud: ~15% each
• Establishment of a dedicated CISO role: ~9%

These results point to a maturing cybersecurity mindset. Baltic organizations are prioritizing structure, compliance, and people, not just technology. The strong emphasis on training and audits reflects a growing understanding that cybersecurity starts with awareness, governance, and repeatable processes.

What’s Slowing Progress

While strategic intent is clear, respondents also identified several barriers that may hinder execution in the run-up to 2026:

• Budget limitations: ~59%
• Lack of qualified cybersecurity staff: ~39%
• Unclear priorities or strategy: ~20%
• Dependence on external providers: ~17%
• Limited internal expertise or knowledge: ~15%
• Organizational resistance to change: ~10%
• No significant barriers or high confidence in execution: ~22%

Budget constraints and talent shortages remain the dominant challenges. Even as cybersecurity becomes a board-level priority, many organizations struggle to align funding and skills with growing regulatory and threat-driven demands. At the same time, it is encouraging that more than one-fifth of respondents feel confident in their ability to execute, signaling increasing maturity in parts of the Baltic market.

Key Takeaways for 2026

Three clear themes emerge from the survey results:

1. People are the new perimeter.
The focus on training, combined with ongoing skills shortages, shows that cybersecurity success increasingly depends on human capability alongside technology.

2. Cyber maturity before AI acceleration.
AI is firmly on the agenda, but most organizations are prioritizing strong governance, compliance, and core security controls before scaling automation or AI-driven solutions.

3. Budget pressure will shape delivery models.
Financial constraints are likely to drive greater adoption of managed security services, shared platforms, and automation as organizations look to do more with limited resources.

Looking Ahead

The insights from CyberChess 2025 paint a picture of a realistic, maturing Baltic IT landscape preparing for 2026 with a focus on sustainable cybersecurity growth. IT leaders clearly recognize that compliance, governance, and skilled people form the foundation of long-term cyber resilience.

At Squalio, we are proud to contribute to this dialogue and to support organizations across the Baltics and beyond in turning strategy into action. From audit and compliance alignment to managed security services, training, SOC operations, and cloud modernization, our teams help customers build secure, compliant, and cost-effective IT environments.

If your organization is preparing for upcoming regulatory requirements or looking to strengthen its cybersecurity posture ahead of 2026, get in touch with the Squalio team. Together, we can transform today’s challenges into tomorrow’s security advantage.

From Insight to Contribution

The survey also served a broader purpose. For every completed response, Squalio committed €5 to the “Dod Pieci!” charity initiative and ultimately increased the contribution in recognition of the strong engagement from the community. In total, Squalio is donating €2,500 to support the initiative. This approach reflects the belief that strengthening digital resilience can go hand in hand with supporting meaningful social causes. Those who wish to contribute further can do so at https://www.ziedot.lv/dod-pieci-2025-5641.