The endless CISO reporting line debate — and what it says about cybersecurity leadership

The article discusses the persistent debate around the CISO's reporting line, arguing that this issue reflects a deeper organizational struggle with defining the CISO's role and authority. It emphasizes that the reporting line is less important than the CISO's organizational standing to influence decisions across various departments and that the ongoing debate highlights a tendency to view cybersecurity as a technical rather than a leadership issue.

CISO Conversations: Ross McKerchar, CISO at Sophos

Sophos CISO Ross McKerchar discusses leadership challenges in scaling security operations, the importance of talent retention, and the evolving threat landscape, particularly concerning AI-enabled attacks. He also highlights a growing trust deficit within the cybersecurity industry.

The need for a board-level definition of cyber resilience

Research indicates that the definition of cyber resilience is inconsistently applied across regulatory frameworks and organizations, creating systemic risk for leadership. Without a standardized definition, boards struggle to oversee, measure, and evaluate their organization's resilience to cyber threats.

Upcoming Speaking Engagements

Bruce Schneier has announced his upcoming speaking engagements for early 2026. These include appearances at DemocracyXChange 2026, the SANS AI Cybersecurity Summit 2026, Nemertes [Next] Virtual Conference Spring 2026, and RightsCon 2026.

Microsoft rolls out fast-track to reinstate Windows hardware dev accounts

Microsoft has introduced an expedited process for developers to restore access to their Windows hardware developer accounts. This follows numerous complaints from developers who found their accounts suspended without prior notice, hindering their ability to develop and test Windows hardware. The fast-track option aims to address these disruptions and streamline the reinstatement process.

Yael Nardi joins Minimus as Chief Business Officer to drive hyper-growth

Minimus, a company specializing in hardened and secure container images, has appointed Yael Nardi as its Chief Business Officer. In this role, Nardi will lead the company's growth strategy, focusing on scaling marketing and strategic alliances to address the evolving market landscape and the impact of AI on customer acquisition.

Tips for CISOs who want to switch industries

The article provides advice for Chief Information Security Officers (CISOs) looking to switch industries. It addresses the common perception that CISO experience is sector-specific and explains how to demonstrate transferable skills to overcome this challenge.

RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever

Kelly Jackson Higgins of Dark Reading provides a retrospective and forward-looking analysis of the cybersecurity landscape based on observations from the RSAC 2026 Conference. The article highlights how rapidly Artificial Intelligence is transforming the field.

Lies, Damned Lies, and Cybersecurity Metrics

A panel of C-suite executives debated the effectiveness of current cybersecurity metrics in demonstrating actual security improvements. They highlighted the challenges in translating these metrics into tangible business outcomes and improving overall security posture.

Sophos Gartner Peer Insights MDR

Sophos has been recognized by Gartner Peer Insights for its Managed Detection and Response (MDR) service. Customers have provided positive feedback, highlighting the effectiveness of Sophos MDR in detecting and responding to cyber threats.

12 cyber industry trends revealed at RSAC 2026

The article discusses observations from the 2026 RSA conference, highlighting the pervasive presence of AI in cybersecurity discussions. It identifies three archetypes of CISOs based on their preparedness for AI integration: proactive, curious and confused, and blissfully ignorant.

Day in the Life: Product Manager at Recorded Future

This article features an interview with Kyle Kohler, a Senior Product Manager at Recorded Future, discussing his role and experiences. The interview delves into his daily responsibilities and insights gained from working at a cybersecurity intelligence company.

Security Bosses Are All-In on AI. Here's Why

CISOs are expressing strong enthusiasm for Artificial Intelligence (AI) and are planning extensive adoption of AI-powered security tools. This trend is supported by insights from Reddit CISO Frederick Lee and analyst Dave Gruber, who discuss the current practical applications and future potential of AI in cybersecurity.

RSAC 2026: AI Dominates, But Community Remains Key to Security

This article discusses the prevailing theme of Artificial Intelligence at RSA Conference 2026, highlighting expert discussions on automation, human oversight, and the evolving role of human intelligence in cybersecurity. The US government's absence from the conference was also noted.

Cybersecurity M&A Roundup: 38 Deals Announced in March 2026

The cybersecurity M&A landscape saw 38 deals announced in March 2026, involving prominent companies such as Airbus, Cellebrite, Databricks, Quantum eMotion, Rapid7, and OpenAI. These acquisitions and mergers indicate a dynamic and consolidating market within the cybersecurity sector.

Linx Security Raises $50 Million for Identity Security and Governance

Linx Security has successfully raised $50 million in funding to enhance its identity security and governance solutions. The company plans to utilize these funds for accelerated product development, scaling sales and marketing initiatives, and expanding its international presence. This investment highlights the growing importance and market demand for robust identity management in cybersecurity.

LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut

A new study highlights that Latin America possesses a significant pool of self-taught cybersecurity talent that is often overlooked by organizations. The research suggests that companies should broaden their talent search to include these individuals, who are capable of filling critical roles in the cybersecurity landscape.

Depthfirst Raises $80 Million in Series B Funding

Depthfirst, a cybersecurity startup, has secured $80 million in Series B funding. The company plans to use these funds to expand its AI research team, develop more security models, and increase enterprise adoption of its solutions.

In Focus: IT Leadership

This article focuses on the role of IT leadership, particularly in the context of cybersecurity. It discusses the evolving responsibilities and strategic importance of IT leaders in navigating complex technological landscapes. The piece highlights the need for proactive and adaptive leadership to address modern security challenges.

Black Hat USA

Black Hat USA is a prominent cybersecurity conference that brings together security researchers, practitioners, and industry professionals. The event features technical talks, training sessions, and a vendor expo, covering a wide range of cybersecurity topics and emerging threats. It serves as a key platform for knowledge sharing and networking within the security community.

The High Cost of Low Trust: Our Commitment to Radical Transparency

A Sophos report indicates that a mere 5% of organizations fully trust their cybersecurity providers, highlighting a significant trust deficit in the industry. The article emphasizes the need for greater transparency and trust between cybersecurity companies and their clients. It advocates for a commitment to radical transparency as a means to improve this relationship.

The Cybersecurity Trust Reality in 2026

A recent Sophos survey found that only 5% of IT leaders express full trust in their cybersecurity vendors. This indicates a significant gap in confidence between organizations and the companies providing their security solutions.

Manufacturing and Healthcare Share Struggles with Passwords

Manufacturing and healthcare sectors face significant password security challenges, often stemming from internal resistance to stringent access controls and the exploitation of these weaknesses by external attackers. Both industries grapple with the perception of security measures as hindrances rather than necessary protections.

3 SOC Process Fixes That Unlock Tier 1 Productivity

This article addresses common bottlenecks in Tier 1 Security Operations Center (SOC) operations, arguing that fragmented workflows, manual triage, and limited visibility are often bigger impediments than the threats themselves. It proposes three process fixes to improve Tier 1 productivity, reduce escalations, and enhance overall SOC response times.

RSAC 2026 Conference Announcements Summary (Days 3-4)

This article summarizes vendor announcements made on the third and fourth days of the RSAC 2026 Conference. It provides a roundup of new products, updates, and insights shared during the event.

8 steps CISOs can take to empower their teams

This article outlines eight steps CISOs can take to empower their cybersecurity teams. The core principle of empowerment is the absence of micromanagement, fostering autonomy, responsibility, and growth within the team. Key actions include building trust, providing clear goals, offering continuous feedback, and encouraging innovation.

The High Cost of Low Trust: Our Commitment to Radical Transparency

Sophos is committing to radical transparency to build trust with its customers. This involves openly sharing information about product development, security incident responses, and the company's overall strategy. The goal is to empower customers with knowledge and foster stronger relationships.

At RSAC, the EU Leads While US Officials Are Sidelined

European Union officials are taking a leading role in discussions about cybersecurity challenges at the RSA Conference, while US government representatives are notably absent. This shift highlights the EU's increasing prominence in shaping global cybersecurity dialogues.

RSAC 2026 Conference Announcements Summary (Day 2)

This article provides a summary of vendor announcements made on the second day of the RSAC 2026 Conference. It highlights key industry developments and trends showcased at the event.

RSAC 2026 Conference Announcements Summary (Day 1)

This article summarizes vendor announcements made on the first day of the RSAC 2026 Conference. It provides a brief overview of the key news and updates shared by various security companies during the event.

The global CISO landscape: A leadership gap too large to ignore

The article highlights a significant and growing leadership gap within the Chief Information Security Officer (CISO) role globally. This gap is attributed to the increasing complexity of the cybersecurity landscape and the evolving demands placed on CISOs, leading to burnout and high turnover rates.

The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills

The increasing specialization in cybersecurity roles and advanced tooling, while seemingly beneficial, is leading to a decline in foundational skills within security teams. This paradox results in organizations struggling with persistent basic issues like risk prioritization, tooling alignment, and business communication.

CISOs Debate Human Role in AI-Powered Security

Security leaders are debating the necessity of human oversight in AI-driven security systems. The panel discussed whether AI can fully automate security operations or if human intervention remains crucial for effectiveness and trust.

RSAC 2026 Conference Announcements Summary (Pre-Event)

This article provides a pre-event summary of announcements made by vendors in anticipation of the RSAC 2026 conference. It highlights key takeaways and trends that will likely be discussed at the upcoming security event.

RSAC 2026: Uncle Sam backs out, and AI agents are everywhere

RSAC 2026 is underway in San Francisco, with agentic AI expected to be a dominant topic of discussion among cybersecurity professionals. Notably, there is a conspicuous absence of representatives from the US federal government at the event.

AI Dominates RSAC Innovation Sandbox

The RSAC Innovation Sandbox competition has seen Artificial Intelligence dominate its list of finalists for this year. The 10 companies competing will present their innovative security solutions, vying for recognition as the most promising young security company.

Eclypsium Raises $25 Million for Device Supply Chain Security

Eclypsium, a company focused on device supply chain security, has secured $25 million in funding. The company plans to utilize this investment to enhance its platform's features and expand its network of channel partners.

The global CISO landscape: A leadership gap too large to ignore

The global cybersecurity landscape is facing a significant leadership gap, with a shortage of qualified CISOs. The article suggests that Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) are crucial in addressing this deficit by providing scalable security leadership.

1stProtect Emerges From Stealth With $20 Million in Funding

1stProtect, a cybersecurity company, has announced it has raised $20 million in funding. The company's platform focuses on endpoint security, utilizing behavioral monitoring and user intent verification to detect and halt cyberattacks in real-time.