The $19.5 million insider risk problem
Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks …
Open-source security debt grows across commercial software
Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk …
Cyber valuations climb as capital concentrates, AI security expands
Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total …
Security and complexity slow the next phase of enterprise AI agent adoption
Enterprise AI agents are embedded in routine business processes, particularly inside engineering and IT operations. Many organizations report active production deployments, …
Quantum security is turning into a supply chain problem
Supplier onboarding, invoice processing, and procurement platforms run on encrypted data flows that were built for long-term trust. In many organizations, that trust still …
OT teams are losing the time advantage against industrial threat actors
In many industrial environments, internet-facing gateways, remote access appliances, and boundary systems sit close enough to production networks that attackers can move from …
Cyber risk is becoming a hold-period problem for private equity firms
Private equity firms have spent years treating cybersecurity as an IT hygiene issue inside portfolio companies. That approach is getting harder to sustain as ransomware, data …
Cloud teams are hitting maturity walls in governance, security, and AI use
Enterprise cloud programs have reached a point where most foundational services are already in place, and the daily work now centers on governance, security enforcement, and …
Security teams are paying for sprawl in more ways than one
Most enterprises run security programs across sprawling environments that include mobile devices, SaaS applications, cloud infrastructure, and telecom networks. Spend control …
AI is driving a new kind of phishing at scale
Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers …
Security work keeps expanding, even with AI in the mix
Board attention continues to rise, and security groups now operate closer to executive decision making than in prior years, a pattern reflected the Voice of Security 2026 …
Security teams are carrying more tools with less confidence
Enterprise environments now span multiple clouds, on-premises systems, and a steady flow of new applications. Hybrid and multi-cloud setups are common across large …
Featured news
Resources
Don't miss
- Testing reveals Claude Mythos’s offensive capabilities and limits
- Booking.com data breach: Customer reservation data exposed
- AI adoption is outpacing the safeguards around it
- Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
- Review: The Psychology of Information Security