By 2026, the paradigm of network defence is set to undergo its most profound shift. For CISOs and Heads of Networking, the escalating velocity of AI-powered threats is rendering human-scale response obsolete.
According to Cybersecurity Ventures, these attacks are projected to cost the world $60 billion annually by 2025, creating pervasive and costly risk.
In this landscape, a self-defending network is no longer a futuristic concept but a strategic imperative. It represents the evolution from human-led, reactive security to an AI-native architecture capable of autonomous threat detection, isolation, and remediation, ensuring business resilience.
By 2026, the paradigm of network defence is set to undergo its most profound shift. For CISOs and Heads of Networking, the escalating velocity of AI-powered threats is rendering human-scale response obsolete.
According to Cybersecurity Ventures, these attacks are projected to cost the world $60 billion annually by 2025, creating pervasive and costly risk. In this landscape, a self-defending network is no longer a futuristic concept but a strategic imperative. It represents the evolution from human-led, reactive security to an AI-native architecture capable of autonomous threat detection, isolation, and remediation, ensuring business resilience.
Defining the self-defending, AI-driven network
The foundation of this shift lies in reimagining what a network can do. As Nick Harders, APJ Systems engineering director at HPE Networking, explains, "The self-driving network is here now. It's about transforming traditional network and security environments into an AI-native network that is autonomous and self-healing.
"Instead of being reactive, it's proactive. It extends the network operator's ability to focus on higher-level tasks by removing mundane activity." Nick Harders
Measuring value beyond uptime: Risk reduction and OPEX savings
For enterprise leadership, particularly CFOs, Harders suggests that the business case must be clear. He identifies two core metrics: "Risk reduction and OPEX savings are two of the key metrics."
On the operational expenditure side, measurable gains include "reduced time spent deploying networks," "the speed of deploying across many distributed sites," "reduced time managing and troubleshooting," and "increased user productivity due to improved reliability and user experience."
Harders adds that HPE uses a "Large Experience Model, which measures the actual user experience rather than just uptime."
For risk reduction, the focus is on "faster identification, containment, and mitigation of threats… through AIOps in Aruba Central and Juniper Mist, extending from the edge into the data centre."
Governing Agentic AI: Oversight, transparency, and compliance
The rise of "agentic AI" in 2025—where autonomous agents coordinate and act—demands new governance.
Harders outlines three non-negotiables: "One. Policy guardrails with human oversight – Humans must remain in the loop. For example, even if AI identifies a required change, humans may schedule that change at a safer time.
"Two. Auditability and transparency by default – Chain-of-thought visibility is essential. It lets humans see how AI arrived at its conclusion, building credibility and trust.
"Three. Regulatory and compliance alignment – AI won't automatically align with regional regulations or business policies. Humans must ensure compliance—essential across APAC's varied regulatory landscape."
Navigating APAC Data Sovereignty in Autonomous Networks
Asia-Pacific's fragmented data laws pose unique challenges. Harders notes, "APAC has many different regulatory requirements, so we offer multiple deployment models: On-prem, Air-gapped (common in federal and financial sectors), Public cloud, Private VPC, Cloud instances deployed in specific countries to meet residency requirements."
Critically, "We anonymise and secure data before training models, removing personal information. Once trained, the AI model itself can be deployed on-prem, allowing organisations to use AI without sending data out of the country." Nick Harders
Balancing speed and precision in AI-powered threat response
AI threats now include social engineering and polymorphic code, demanding adaptive defences without operational disruption. Harders explains HPE's approach: "We rely on behaviour-based threat detection—monitoring user behaviour and traffic patterns 24/7 and comparing this against learned baselines."
To curb false positives, "We incorporate human feedback, ensuring alignment with each customer's risk profile. We also automate responses with safety nets so critical actions can be escalated rather than auto-executed when needed."
Building trust in predictive network AI
CISOs must validate AI-driven recommendations before acting. Trust, says Harders, "builds as results build." HPE supports validation through "User experience simulation (Aruba UXI, Marvis Minis), Digital twins to simulate remediation effects before applying them, [and] Personalised insights aligned to customer environments. This builds confidence that AI recommendations are sound and reliable."
Securing the AI infrastructure itself
As AI becomes central, its infrastructure becomes a prime target. HPE's response is "Zero Trust AI Operations, which include: Securing the full AI supply chain, ensuring data integrity and controlled access, Code signing for algorithms, Isolating and hardening AI platforms, Private, custom LLMs, Air-gapped training environments, [and] Continuous verification of all AI interactions."
Converging network and security for genuine zero trust
Traditional silos between networking and security teams hinder effective Zero Trust. Harders observes, "Zero trust is now a shared model between network and security teams. NetSec convergence provides: A single source of truth, Unified visibility across users, devices, and traffic, [and] Centralised policy with distributed enforcement."
Cultivating the next-gen NetSec engineer
Bridging cultural and technical gaps is essential. The future NetSec engineer, according to Harders, requires "Automation, scripting, and analytics skills," "Cross-training: Network engineers understanding security; Security engineers understanding networking," "Cloud-centric architecture skills," and "The ability to translate business requirements into technical solutions."
Human-AI collaboration in incident response
During crises, roles must be clearly defined. "AI handles speed and scale—monitoring and correlating telemetry 24/7. Humans handle complex, high-impact decisions," Harders states unequivocally.
"Final kill-chain authority must sit with humans. Ideally, AI automates within the kill chain, and humans orchestrate across the kill chain." Nick Harders
Strategic skills for the AI-native security era
As AI assumes tactical duties, human value shifts. Harders identifies three strategic skillsets: "One. Strategy – Architecture design, Maximising AI ROI; Two. Oversight – Ensuring AI decisions remain ethical and compliant; Three. Collaboration – Translating between business and technical teams, Strong interpersonal skills."
Conclusion: A call to action for Asia's technology leaders
Looking into 2026, Harders offers CISOs and CIOs three imperatives: "One. Embrace NetSec convergence – unified teams deliver stronger outcomes. Two. Adopt the self-driving network now – it already exists; ROI grows with trust. Three. Develop an enterprise-wide AI strategy – what to build in-house vs. what to adopt via embedded AI."
He concludes with a forward-looking perspective: "AI can generate new revenue streams, operational efficiencies, and competitive advantages. Every enterprise needs a clear AI plan."
Click on the PodChats player to hear Harders elaborate on why 2026 demands a self-defending network.
- Define a self-defending network.
- How can we effectively measure the ROI of self-healing, AI-driven networks beyond traditional uptime metrics, such as risk reduction or operational expenditure savings?
- As we deploy agentic AI for autonomous network operations, what new governance and audit frameworks are required to ensure its decisions remain aligned with business objectives and compliance mandates?
- In a region with diverse data sovereignty laws, how can we design our autonomous network architecture to ensure that data for AIOps and security analytics is processed and stored in compliance across different Asian jurisdictions?
- With AI-powered threats capable of social engineering and polymorphic code, how do we ensure our AI-native defences can adapt quickly enough without generating excessive false positives that disrupt business?
- To what extent can we trust predictive insights from our network AI, and what processes are needed for human teams to validate and act upon these proactive recommendations?
- Given the increased reliance on AI, how do we protect AI's own infrastructure—the data pipelines, models, and control loops—from becoming a primary target for sophisticated threat actors?
- With the attack surface expanding to include every connected user and device, how does a converged NetSec strategy fundamentally change our approach to implementing and enforcing a zero-trust architecture?
- As networking and security teams converge, how do we bridge the cultural and skills gap to create unified "NetSec" engineers, and what does their new career path look like?
- What is the realistic division of responsibility between human teams and AI agents in a security incident response loop, and where should the final 'kill chain' authority lie?
- What strategic, human-centric skills should we be prioritising in the recruitment and training of our next-generation NetSec professionals?
- 2026 predictions and advice for CISOs, CIOs, and network heads?
