5 years of shifting cybersecurity behavior 2026-03-03 at 08:20 By Anamarija Pogorelec Online security is built through routine decisions made across devices and accounts. People choose how to create passwords, how often to reuse them, and how much effort to invest in protecting personal data. The National Cybersecurity Alliance and CybSafe’s Oh, Behave! The Cybersecurity […]
5 years of shifting cybersecurity behavior Read More »
Healthcare organizations are accepting cyber risk to cut costs 2026-03-03 at 08:00 By Anamarija Pogorelec Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global healthcare executives, conducted between May and July 2025, puts numbers to the gap between the risks the
Healthcare organizations are accepting cyber risk to cut costs Read More »
AI risk moves into the security budget spotlight 2026-03-02 at 09:08 By Anamarija Pogorelec Enterprises are pushing AI deeper into workflows that touch sensitive data across cloud platforms and SaaS apps. The 2026 Thales Data Threat Report, based on a survey of 3,120 respondents in 20 countries, places that shift alongside growing pressure on data
AI risk moves into the security budget spotlight Read More »
Your dependencies are 278 days out of date and your pipelines aren’t protected 2026-03-02 at 09:00 By Mirko Zorz Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across
Your dependencies are 278 days out of date and your pipelines aren’t protected Read More »
Security debt is becoming a governance issue for CISOs 2026-03-02 at 08:30 By Mirko Zorz Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational pattern, fixes lag discovery, and older weaknesses stay open across release cycles. 2026 findings against the 2025 baseline
Security debt is becoming a governance issue for CISOs Read More »
Ransomware activity peaks outside business hours 2026-02-27 at 12:18 By Anamarija Pogorelec Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response and managed detection and response cases handled between November 1, 2024 and October 31, 2025, spanning organizations in 70
Ransomware activity peaks outside business hours Read More »
The CISO role keeps getting heavier 2026-02-27 at 08:00 By Anamarija Pogorelec Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned about their own liability for security incidents, up from 56% last
The CISO role keeps getting heavier Read More »
Industrial networks continue to leak onto the internet 2026-02-27 at 07:30 By Mirko Zorz Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense Report
Industrial networks continue to leak onto the internet Read More »
The $19.5 million insider risk problem 2026-02-26 at 09:09 By Mirko Zorz Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one
The $19.5 million insider risk problem Read More »
Open-source security debt grows across commercial software 2026-02-26 at 08:36 By Mirko Zorz Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts
Open-source security debt grows across commercial software Read More »
Cyber valuations climb as capital concentrates, AI security expands 2026-02-25 at 08:59 By Sinisa Markovic Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into
Cyber valuations climb as capital concentrates, AI security expands Read More »
Edge systems take the brunt of internet-wide exploitation attempts 2026-02-25 at 07:18 By Anamarija Pogorelec Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions recorded over 162 days. The concentration on edge infrastructure aligns with how attackers pursue initial access across
Edge systems take the brunt of internet-wide exploitation attempts Read More »
AI agents behave like users, but don’t follow the same rules 2026-02-09 at 08:19 By Anamarija Pogorelec Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility. Securing these agents requires the same rigor and traceability applied to human users, according to Cloud Security Alliance’s Securing Autonomous AI
AI agents behave like users, but don’t follow the same rules Read More »
Measuring AI use becomes a business requirement 2026-02-05 at 09:11 By Anamarija Pogorelec Enterprise teams already run dozens of AI tools across daily work. Usage stretches from code generation and analytics to customer support drafting and internal research. Oversight remains uneven across roles, functions, and industries. A new Larridin survey of enterprise leaders places measurement
Measuring AI use becomes a business requirement Read More »
AI is driving a new kind of phishing at scale 2026-02-05 at 09:11 By Sinisa Markovic Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths.
AI is driving a new kind of phishing at scale Read More »
Auto finance fraud is costing dealers up to $20,000 per incident 2026-02-04 at 07:08 By Anamarija Pogorelec Auto retailers see fraud as a regular part of selling and financing vehicles, something that shows up often enough to plan around, according to Experian. Income and identity fraud lead the list Most fraud problems start with the
Auto finance fraud is costing dealers up to $20,000 per incident Read More »
Open-source attacks move through normal development workflows 2026-02-03 at 08:18 By Anamarija Pogorelec Software development relies on a steady flow of third-party code, automated updates, and fast release cycles. That environment has made the software supply chain a routine point of entry for attackers, with malicious activity blending into normal build and deployment processes. A
Open-source attacks move through normal development workflows Read More »
AI is flooding IAM systems with new identities 2026-02-02 at 07:20 By Anamarija Pogorelec Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of Non-Human Identity and AI Security report by the Cloud Security Alliance. AI identities inherit
AI is flooding IAM systems with new identities Read More »
Security work keeps expanding, even with AI in the mix 2026-01-30 at 08:07 By Sinisa Markovic Board attention continues to rise, and security groups now operate closer to executive decision making than in prior years, a pattern reflected the Voice of Security 2026 report by Tines. Within that environment, large numbers of teams already rely
Security work keeps expanding, even with AI in the mix Read More »
Security teams are carrying more tools with less confidence 2026-01-30 at 07:31 By Anamarija Pogorelec Enterprise environments now span multiple clouds, on-premises systems, and a steady flow of new applications. Hybrid and multi-cloud setups are common across large organizations, and they bring a constant stream of logs, alerts, and operational data. That environment already exists
Security teams are carrying more tools with less confidence Read More »