Insights

Organisations invest heavily in strengthening their internal networks. Yet despite this, breaches continue to rise. Why? The answer is that attackers are no longer targeting the front door. They are walking in through trusted third parties.

Anthropic’s Claude Mythos Preview has triggered a wave of bold claims about the future AI and its role in cybersecurity. Reports of thousands of vulnerabilities discovered, including issues that have supposedly existed undetected for decades, position the model as a transformative force in both attack and defence. Alongside this, initiatives like Project Glasswing signal an industry effort to get ahead of the risks before they fully materialise.

In today’s digital landscape, organisations are operating across an increasingly complex mix of IT, cloud, SaaS, IoT, and OT environments. Each new asset, user, or connection expands the attack surface, often in ways that are difficult to track and even harder to secure. This growing complexity introduces significant cybersecurity risk, particularly when unknown or unmanaged assets become entry points for attackers. Managed Attack Surface Management (ASM) addresses this challenge directly by providing continuous visibility, prioritised risk reduction, and proactive remediation.

Managed Detection and Response (MDR) is undergoing a fundamental transformation. As threat actors evolve their techniques and leverage artificial intelligence at scale, MDR must shift from a reactive service into a proactive, intelligence-led capability. The traditional model of alert triage and incident response is no longer sufficient on its own. Instead, MDR in 2026 is defined by convergence, automation, and a deeper focus on exposures and attack paths.

For organisations aligning with ISO 27001 or PCI DSS, understanding where penetration testing is mandatory versus expected best practice is critical for both compliance and effective risk management.

When geopolitical tensions escalate, most attention is placed on physical conflict, economic disruption and political fallout. What is often less visible, but already unfolding in parallel, is a surge in cyber activity.

Cyber crime is often misunderstood as the work of lone hackers operating in isolation. In reality,  cybercriminal activity more closely resembles a structured business ecosystem, with clearly defined roles, supply chains, and even performance expectations. Many cybercriminal gangs operate with the same level of organisation as legitimate enterprises, distributing responsibilities across specialised functions to maximise efficiency, reduce risk, and scale operations.

First emerging in online forums in the early 2010s, the Dead Internet Theory suggested that genuine human interaction on the internet had peaked, with bots, algorithms, and automated systems beginning to dominate online activity.

Endpoint Detection and Response (EDR) remains a foundational element of modern cybersecurity. It provides deep visibility into activity occurring on endpoints such as laptops, servers, and workstations, allowing security teams to detect suspicious behaviour, investigate incidents, and respond to threats more effectively than with traditional antivirus tools.

International Digital Cleanup Day on 21 March is often framed as a reminder to clear out old photos or tidy up personal inboxes. For business leaders, however, it should prompt a far more serious conversation. The unmanaged accumulation of corporate data has quietly become a source of risk rather than value.

Modern cyber attacks are rarely isolated incidents. More often, they form part of sustained campaigns conducted by persistent threat actors. Once attackers successfully compromise an environment, they frequently return, either because they still have access or because the weaknesses that enabled the breach remain exploitable. Like any criminals, they tend to favour the path of least resistance. If an organisation’s defences appear weak or poorly monitored, it becomes a more attractive target than one with stronger security controls and visible detection capabilities.

Studies show that around 80% of SMEs have experienced a cyber incident, yet many still lack dedicated security expertise or in-house capability. At the same time, regulators, insurers and customers are placing increasing pressure on small and medium-sized businesses to demonstrate basic security controls and preparedness.