Insight

As global economic pressures increase and budgets across both public and private sectors are cut, Anthony Young, CEO at Bridewell, a company that provides cybersecurity services to CNI organisations, is warning of a critical inflection point for 2026, where organisations are facing more cyber threats with fewer resources to defend against them. According to Young, the cumulative effect of years of belt-tightening across cybersecurity teams and agencies is beginning to surface in major breaches and...

In 2025 we’re not just fighting today’s headline-grabbing cyber threats, but we’re also preparing for tomorrow’s. Technology is evolving at a pace that is both fuelling progress for defenders and powering new tools for bad actors. The same advances that drive discovery and innovation also give cybercriminals new ways to attack faster, more broadly and with greater impact. One of the clearest examples of this dual advancement is quantum computing: a breakthrough that could change...

The team at KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. This powerful new phishing kit, which KnowBe4 have named 'Quantum Route Redirect', was initially discovered in early August. Quantum Route Redirect comes with a pre-configured set up and phishing domains that significantly simplifies a once technically complex campaign flow, further “democratising” phishing for less skilled cybercriminals. It is thought to primarily target Microsoft...

A new research report from Nagomi Security has revealed that, over the past six months, nearly three quarters (73%) of US CISOs have reported a significant cyber incident. The 2025 CISO Pressure Index emphasises how continuous widespread breaches and rising internal strain are reshaping the Chief Information Security Officer (CISO) role. Nagomi’s 2025 CISO Pressure Index is based on a quantitative survey of 100 US-based CISOs across major industries. Interestingly, the most consistent pressure isn’t coming...

APIs are now the action layer of AI that make up your API fabric. Every LLM workflow, agent, and MCP tool call rides on an API. This makes API governance the working heart of AI governance, especially with the arrival of landmark frameworks like the EU AI Act and ISO/IEC 42001. These new regulations turn compliance from a productivity limiter to a business accelerator with measurable efficiency and risk-reduction outcomes. In short, how much time...

The concept of having a single suite of interconnected products, which come without the headache of installations and with optimal performance from each facet, is sometimes the best option. The other consideration is to go for a ‘best of breed’ selection of products, which may not work together and leave you with vulnerable spots even whilst using the best technology. This is an issue that cybersecurity vendors are well aware of, and they add new...

When Fortra disclosed CVE-2025-10035 in GoAnywhere MFT last month, many security teams likely experienced a familiar sinking feeling. Another critical vulnerability. Another emergency patch cycle. Another race against ransomware operators. But this latest maximum-severity flaw reveals something more troubling than a single vendor's coding error. It exposes the fundamental fragility of how organisations handle their most sensitive data transfers. The numbers tell a sobering story. According to recent industry research, Managed File Transfer (MFT) platforms...

In 2025, the importance of a top-quality and well-functioning website cannot be overstated. Forgetting this is a costly mistake, but an even greater one is failing to ensure that a website is fully functional for everyone. That’s where website accessibility comes in, which is the practice of designing digital experiences to be usable by people with disabilities. Over the years, it has shifted from a niche, 'nice-to-have' feature to a core imperative. The question is...

New research by ISACA has found that over a third (39%) of European IT and cybersecurity professionals report that their organisation is experiencing more cybersecurity attacks than this time last year. Yet despite this rising wave of attacks, confidence in organisational readiness remains low, with only 38% of professionals stating they are completely confident in their organisation’s ability to detect and respond effectively. As attacks continue to increase in scale and scope, the pressure on...

Keeper Security has announced a new integration with Google Security Operations (GoogleSecOps). The integration streams privileged access activity from Keeper into the Google SecOps platform, which unifies Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR) and threat intelligence, to give security teams real-time visibility and faster incident response. As attackers increasingly leverage AI-driven techniques and sophisticated cyber campaigns, organisations must improve both visibility and speed of response. By combining Keeper’s Advanced...