Salt Security announced a major expansion of its platform’s connectivity fabric with two new strategic integrations: the Salt Databricks Connector and the Salt Netlify Collector. These additions reinforce Salt’s “Universal Visibility” strategy, ensuring that security teams can capture deep API context from every corner of the enterprise, whether it’s a legacy on-premise server, a modern edge deployment, or the rapidly evolving Agentic AI Action Layer.

Securing the Agentic AI Action Layer at the Source. As enterprises rush to build Agentic AI, platforms like Databricks have become the operating system for AI workloads. While generalist security tools (CNAPPs) can scan Databricks infrastructure for misconfigurations, they remain blind to the actual behavior of the AI agents running inside.

The new Salt Databricks Connector bridges this gap, providing a dedicated API security discovery engine for Databricks environments. It specifically targets the “Agentic Action Layer,” identifying the Model Context Protocol (MCP) servers and AI agents that connect proprietary data models to the outside world.

The platform is easy to use, connecting in minutes without requiring complex instrumentation or manual configuration, while also providing action-layer visibility by instantly mapping which APIs and data sources internal AI agents are accessing, insight that traditional infrastructure scanners typically miss. At the same time, it enables unified governance, allowing teams to apply the same rigorous security policies to their AI workloads that they already enforce for their traditional APIs.

“Databricks is where the enterprise brain lives, but until now, we have not been able to see what the hands, the AI agents, are actually touching,” said Eric Schwake, Cybersecurity Director at Salt Security. “Generalist tools can tell you if your S3 bucket is open, but only Salt can tell you if an AI agent inside Databricks is actively leaking PII through an unmonitored API. We are turning the lights on in the agentic action layer.”

Rapid Support for the Modern Edge. Alongside AI visibility, Salt is addressing the fragmentation of modern web architectures. The new Salt Netlify Collector brings feature-parity traffic collection to decoupled frontend applications and Jamstack architectures.

Built to support major enterprise deployments, this collector demonstrates Salt’s agility and ability to rapidly build and deploy collectors as the market evolves. As organisations decouple their frontends and push logic to the edge, standard gateways are often bypassed. Salt ensures security travels with the code.

• Universal Reach: Extends Salt’s best-in-class traffic analysis to Netlify’s edge network.
• Rapid Adaptation: Showcases Salt’s flexible architecture, allowing the platform to support modern Content Delivery Networks (CDNs) and edge runtimes as fast as developers adopt them.

The Salt Databricks Connector and Netlify Collector are available immediately as part of the Salt Illuminate platform.

The post Salt Security Expands “Universal Visibility” with Specialized API Security for Databricks and Rapid Edge Support for Netlify appeared first on IT Security Guru.

Keeper Security has announced instant account switching and passkey enhancements across its mobile applications and browser extension. This update is said to be available across all major web browsers including iOS, Android and the Keeper Browser Extension. 

The instant account switching enables users to securely toggle between multiple Keeper accounts on the same device or web browser without logging out, white still upholding strict enterprise security controls. Users managing workflows from personal, family and business accounts can do so seamlessly across platforms without risking security.

Craig Lurey, CTO and Co-founder of Keeper Security, said: “Security and usability must work together, especially as users operate across devices and environments. With seamless account switching now available across mobile apps and browser extensions, Keeper is simplifying day-to-day access while maintaining the policy enforcement and protections organisations rely on.”

Keeper’s new updates facilitate the switching of accounts directly from the login screen or account menu. Switching occurs immediately without forcing a re-authentication when a session is still active on the backend. If it is disabled or if organisational policies require verification, a prompt to authenticate will appear before accessing another account. All enterprise controls remain enforced, including role-based access controls, device verification, multi-factor authentication and audit logging. 

In this update, Keeper also announced performance and usability improvements, embedded autofill cloud sync and improved search surfaces. In addition, passwordless adoption is said to be continuously advanced with conditional passkey creation that enables supported logins to be upgraded to passkeys automatically in the background. Once completed, users will be notified. 

These new updates follow Keeper’s recent JetBrains Extension launch that offers JetBrains Integrated Development Environment (IDE) users a smooth and reliable way to manage secrets within their development workflows.

The post Keeper Introduces Instant Account Switching and Passkey Improvements appeared first on IT Security Guru.

Next month, the annual Most Inspiring Women in Cyber Awards will take place at The BT Tower, London, celebrating some of the industry’s most inspirational – and oftentimes unsung – women.

Sponsored by Fidelity International, BT, Plexal and Bridewell, and proudly supported by industry-leading diversity groups WiTCH, WiCyS UK&I and Seidea, the 2026 event is set to be bigger than ever. To make sure everyone has had the chance to nominate, we’ve extended the nomination deadline until the 16th January 2026, 5pm GMT. 

For now, it’s time to introduce our 2026 judges, who have the exceptionally hard task of picking this year’s top 20 and five ones to watch… 

• Yasemin Mustafa, Director of the Cyber Security Portfolio at BT 
• Adam Haylock, Head of Global Cyber and Information Security Department at Fidelity International 
• Rebecca Taylor, Co-Author of Co-Author of Securely Yours: An Agony Aunts’ Guide To Surviving Cyber, and Threat Intelligence Knowledge Manager and Researcher at Sophos
• Adaora Uche, GRC Lead at THG (representing Seidea) 
• Joanne Elieli, Cyber Lead and Litigation Partner at Stephenson Harwood LLP
• Diane Gilbert, Senior Lead for Programmes at Plexal 
• Yvonne Eskenzi, Co-Founder of Eskenzi PR and Founder of The Most Inspiring Women in Cyber Awards
• Jennifer Cox, Director of Solutions Engineering, EMEA and APAC, at Tines (representing WiCyS UK&I)
• Hannah Arnold, London Ambassador for WiTCH – Women in Tech & Cyber Hub

The Gurus spoke to some of our judges about the 2026 awards and what they’re looking for in a good application. 

Adaora Uche, GRC Lead at THG 

Why are initiatives like this so important?

Initiatives like this matter because visibility changes possibility. Cybersecurity is still an industry where many women don’t see themselves reflected in leadership, technical authority, or decision-making roles. By intentionally spotlighting women who are doing impactful work, we challenge outdated perceptions of who belongs in cyber and what success looks like.

Beyond recognition, these initiatives create role models, momentum, and community. They validate the work women are already doing – often quietly and behind the scenes, and help open doors for others who are earlier in their journeys. Representation is not just symbolic, it is a powerful driver for inclusion, retention, and long-term change in our industry.

Why should people nominate?

People should nominate because inspiration often goes unrecognised unless someone speaks up. So much impactful work in cybersecurity happens behind the scenes. Particularly in governance, risk, privacy, and security leadership, where success often looks like problems prevented, risks mitigated, or the right questions being asked early. This kind of impact does not always attract attention, but it is critical.

A nomination is more than an accolade; it is an act of recognition and encouragement. It tells someone that their work matters, that they are seen, and that their journey can inspire others. Nominating also helps broaden the narrative of cybersecurity by showcasing diverse paths, backgrounds, and contributions that might otherwise go unnoticed.

What makes an ‘inspiring woman’ in cyber in your eyes?

First and foremost, I believe every woman in cybersecurity is inspiring. Simply showing up each day to help make the digital world safer, often in complex, high-pressure environments, is truly heroic.

An inspiring woman in cyber creates impact while lifting others as she progresses. She may be a technical expert, a strategist, a leader, or an educator, but what sets her apart is purpose, resilience, and a commitment to making the space better than she found it. She does not just respond to challenges, she anticipates them, questions the status quo, and contributes to safer, more ethical, and more inclusive digital environments.

She does not need to dominate the room to lead. Her credibility comes from consistency, thoughtfulness, and sound judgement. It also stems from her unwavering commitment to building systems and teams that are secure, resilient, and future-ready. Importantly, she uses her voice, whether in boardrooms, classrooms, or communities to share knowledge, mentor others, and make cybersecurity more accessible and human.

Adam Haylock, Head of Global Cyber and Information Security Department at Fidelity International 

Why are initiatives like this so important?

I often find myself in meetings counting the number of male versus female attendees. Too often, there are only one or two women in the room, surrounded by many more men.

In cyber, many men take for granted that they don’t have to overcome that initial sense of standing out before even contributing to the discussion or holding their ground. While we are making some progress in addressing the gender imbalance, initiatives like this are vital in keeping the spotlight on an issue that still matters deeply. They help encourage more women to put themselves forward, particularly where they may previously have hesitated, and to feel recognised and valued for the outstanding work they do, inspiring others along the way. 

Why should people nominate?

Nominations reinforce the value that female talent brings to our field. Diversity of thought, approach and communication is critical in cyber, a discipline that is as much about culture and behaviour as it is about technology.

Recognising and celebrating female talent strengthens that value proposition, especially when nominations come from male colleagues who see first-hand, and rely on, the expertise and impact that women bring to our teams.

What makes an ‘inspiring woman’ in cyber in your eyes?

Being in the minority in any environment can create invisible barriers and perceptions that are difficult to overcome. For me, an inspiring woman in cyber – a male-dominated field – is someone willing to step outside her comfort zone, try new things, take risks, and learn from setbacks.

Standing out in a male-dominated environment requires real courage, and that courage is inspiring in itself. We need more visible role models like this to attract more women into cyber and to show that it is a field where they can thrive, feel valued, and build rewarding careers.

Rebecca Taylor, Co-Author of Securely Yours: An Agony Aunts’ Guide To Surviving Cyber, and Threat Intelligence Knowledge Manager and Researcher at Sophos

Why are initiatives like this so important?

Initiatives like the ‘Most Inspiring Women in Cyber Awards 2026’ are so important because they shine a light on women who are accomplishing amazing things in an industry that is still largely male-dominated. Recognising these achievements in an inclusive and safe way helps ensure women feel seen, valued, and celebrated for their expertise and impact.

Beyond individual recognition, these initiatives also create visible role models. Seeing women celebrated for their achievements inspires others to enter the field, stay in the industry, and aim higher. It helps challenge outdated stereotypes, builds confidence, and fosters a stronger sense of community and belonging.

Ultimately, celebrating women in cyber isn’t just about awards – It’s about changing culture. It encourages equity, boosts morale, and helps build a more diverse, inclusive, and resilient cybersecurity industry for everyone.

Why should people nominate? 

People should nominate because recognition matters! Nominating is a powerful way to celebrate women who are accomplishing amazing things and making a real impact. Remember that a nomination (let alone a win!) can boost confidence, open doors to new opportunities, and remind someone that their work truly matters. Get those entries in!

What makes an ‘inspiring woman’ in cyber in your eyes?

In my eyes, an ‘inspiring woman in cyber’ is someone who brings others with them into the conversation. They lift people up, share knowledge, and create space for others to learn, grow, and feel they belong. They want to leave a positive footprint, not just through their work, but through the way they support and encourage those around them.  They are a role model, someone who shows what’s possible and inspires others to follow their own path in cyber with confidence and purpose.

It isn’t about money, job titles, or seniority. It’s about impact. An inspiring woman is thriving in what they do, and you can see that they genuinely love their work. That passion is contagious and motivating to others.

Joanne Elieli, Cyber Lead and Litigation Partner at Stephenson Harwood LLP at Stephenson Harwood LLP

Why are initiatives like this so important? 

Initiatives like this are instrumental in recognising and celebrating the achievements of women in cybersecurity, helping to raise their visibility and inspire others. These initiatives encourage diversity, challenge stereotypes, and can empower the women being recognised to stay and advance in the field. By providing networking opportunities and driving positive industry change, initiatives like this can also help to create a more inclusive and innovative cyber sector.

Why should people nominate? 

Nominating women in the cyber industry is a meaningful way to recognise and celebrate their expertise, dedication, and achievements. Formal nominations help to bring the contributions of our exceptional women to light, ensuring they receive the appreciation they deserve. This visibility can inspire other women and girls to pursue careers in cybersecurity, which in turn fosters a more diverse and inclusive industry.

What makes an ‘inspiring woman’ in cyber in your eyes?

An inspiring woman in cyber, in my eyes, is someone who demonstrates exceptional skill and dedication to her work while also uplifting and supporting others in the industry. She is passionate about solving complex problems and is eager to learn and adapt in a rapidly changing industry. Beyond her technical abilities, she actively shares her knowledge, mentors others, and advocates for diversity and inclusion. Her resilience in overcoming challenges and her willingness to break new ground make her a role model for both current and future generations in cybersecurity.

Jennifer Cox, Director of Solutions Engineering, EMEA/APAC, at Tines

Why are initiatives like this so important?

Women’s representation in cybersecurity still has a lot of ground to cover, and initiatives like this shine a light on those who are making an impact both technically and culturally. Recognition not only celebrates achievement but also helps change perceptions;  it shows the next generation that there’s space for them here, no matter their background or neurotype. When we platform diverse voices, we accelerate innovation and make our industry stronger, more inclusive, and more human.

Why should people nominate?

Nominating someone is a simple but powerful act of allyship and pride. Many brilliant women in cyber are so focused on lifting others up or doing the hard, often invisible work that they rarely stop to celebrate themselves. A nomination says, “I see you, I value what you’re doing, and you’re shaping this industry.” You never know who might need that encouragement to keep going or step into an even bigger role, and for other women just starting their cybersecurity careers visibility of these trailblazers and their capabilities is key.

What makes an ‘inspiring woman’ in cyber in your eyes?

For me, an inspiring woman in cyber is someone who leads with both competence and compassion. She’s technically grounded, but she also uses her voice and position to make space for others; especially those whose stories aren’t often heard. She’s authentic, curious, resilient, and not afraid to challenge the norm. Above all, she shows that success in cybersecurity isn’t about fitting a mould; it’s about rewriting it so more people can belong.

 

—

You can nominate here. 

The post Most Inspiring Women in Cyber 2026: Meet The Judges appeared first on IT Security Guru.

This week, Keeper Security the launch of its JetBrains extension, offering JetBrains Integrated Development Environment (IDE) users a secure and seamless way to manage secrets within their development workflows. By integrating directly with the Keeper Vault, developers can replace hardcoded secrets with vault references and execute commands using injected credentials, ensuring sensitive data remains protected at every stage of development. 

Secure secrets management protects the credentials, API keys, tokens and certificates that applications rely on to function safely. When these secrets are mishandled, such as being stored in plaintext, hardcoded into source code or shared insecurely, they become easy targets for attackers. The Keeper JetBrains extension eliminates these risks by allowing developers to store, retrieve and generate secrets from the Keeper Vault without leaving their IDE.

Unlike standalone plug-ins or external vault tools that rely on third-party servers, the Keeper JetBrains extension operates within a zero-knowledge architecture, ensuring all encryption and decryption occur locally on the user’s device. Integrated natively with Keeper Secrets Manager and KeeperPAM®, it brings enterprise-grade privilege controls directly into the developer’s workflow to deliver strong security without slowing down development. 

“Modern software development demands security at every layer,” said Craig Lurey, CTO and Co-founder of Keeper Security. “Integrating Keeper into JetBrains ensures developers can apply secure-by-design principles from the start, eliminating hardcoded credentials and strengthening the integrity of the software supply chain.”

The Keeper JetBrains extension provides a range of powerful capabilities, including secrets management that allows users to save, retrieve, and generate secrets directly from the Keeper Vault. It also supports secure command execution by enabling applications to run with secrets safely injected from the vault. In addition, the extension offers logging and debugging tools, giving users access to logs and the ability to enable debug mode for full operational transparency, and it supports cross-platform use across Windows, macOS, and Linux environments.

The JetBrains extension builds on Keeper’s broader KeeperPAM® platform, an AI-enabled, cloud-native privileged access management solution that unifies password, secrets, connection and endpoint management under a zero-trust, zero-knowledge framework. 

 

The post Keeper Security Launches JetBrains Extension appeared first on IT Security Guru.

As Santa starts his travels, experts are warning that his arrival could bring with it a range of cyber risks, from scams to insecure gadgets.

Whilst Santa prefers to deliver via chimney, most cybercriminals are looking for backdoors. In some cases, hackers prefer to deliver malicious communications via email. Worryingly, in 2025, scams are not just more common, they’re often harder to spot. Earlier this month, researchers from the team at Check Point detected 33,502 Christmas-themed phishing emails in the first two weeks of December, along with more than 10,000 fake advertisements being created daily on social media channels. Many mimic festive promotions, while others push fake Walmart or Home Depot deals, fraudulent charity appeals, and urgent delivery notices.

Why is this time of year so popular for cybercriminals? Ian Porteous, Regional Director, Security Engineering, UK & Ireland at Check Point Software, notes that “Cybercriminals love Christmas just as much as shoppers do, but for all the wrong reasons. This time of year, people are more exposed due to the sheer volume of digital interactions – shopping online, sending e-cards, and grabbing festive deals. That makes it the perfect opportunity for scammers.”

Which other types of attacks should consumers look out for?

Javvad Malik, Lead CISO Advisor at KnowBe4, highlighted a range of common festive scams that consumers should be alert to during the Christmas period. He warned that these include “fake courier messages – like texts from Royal Mail, DPD, Evri etc”, often claiming “we tried and failed to deliver” or asking recipients to “pay a small fee to release it”. Malik also pointed to deals that are too good to be true, such as “ridiculous savings, 90% off named brands”, as well as gift card scams and urgent favour requests, typically appearing as “a WhatsApp or email from your boss or family member usually”. Other tactics include charity scams involving “fake charities trying to pull at heartstrings during the season of giving”, fraudulent shopping emails claiming “your payment failed” or that “your Black Friday order couldn’t be processed”, and holiday job or side hustle offers that require victims to “pay an upfront fee for training or admin”, which in some cases can result in individuals unknowingly becoming money mules.

“Digital security at Christmas starts with prevention,” adds Ian Porteous from Check Point. “Staying alert and cautious online can make all the difference – protecting your personal information and ensuring a stress-free festive season.”

Javvad Malik from KnowBe4, urges consumers to ask the following questions before taking action:

• Was I expecting this?
• Is this how we normally do it?
• Is this invoking an emotional response?
• Is it time-sensitive (rushing me)?
• Have I checked it somewhere else?

 

The post Cyber Experts Warn of Increased Consumer Scams This Festive Season appeared first on IT Security Guru.

Once again, it’s predictions season. We spoke to experts from across the cybersecurity industry about what the future of cyber may look like as we head into 2026. From AI ethics and API governance to the UK’s Cyber Security and Resilience Bill and exponentially increasing threats, there’s set to be a big shake up to the industry next year (again). What it means to be cyber resilient, against a tide of increased threats, is, once again, changing.

So, let’s hear what the experts thing:

Rising Ransomware

Rebecca Moody, Head of Data Research at Comparitech:

“Even with a couple of weeks to go, ransomware attacks have increased significantly from 2024 to 2025. According to our statistics, 2024 saw 5,621 attacks, while 2025 has already seen 7,042 – a 25 percent year-on-year increase.

I expect the level of ransomware attacks to remain high throughout 2026 as hackers continue to exploit vulnerabilities, target key infrastructure, public services, and manufacturers, and seek to steal large quantities of data in the process. 

If 2025 has taught us anything, it’s that hackers see third-party service providers as the perfect target because they not only give them potential access to hundreds of companies through one source but also enable large-scale data breaches. Key examples include the recent attack on Marquis Software Solutions which has seen one of the largest data breaches of 2025 (1.35 million and counting) and has affected hundreds of banks and credit unions, and Clop’s Oracle zero-day vulnerability exploit which has seen over 100 companies affected to date. 

While companies are going to want to make sure they’re on top of all the key basics (carrying out regular backups, patching vulnerabilities as soon as they’re flagged, providing employees with regular training, and making sure systems are up to date), 2026 will hopefully bring increased awareness of the vulnerability companies face through the third party services they use. Although utilising third parties for various services is essential for a lot of organisations, it’s crucial these organisations are vetting and testing the software they’re using (where possible). Even with the most robust systems in place, this is irrelevant if the third parties they’re using aren’t adhering to the same standards.”

Compliance, Industry Guidance and Regulations

Jamie Akhtar, CEO and Co-Founder of CyberSmart: 

“The cyber market and its regulatory landscape are shifting quickly and organisations are starting to feel the pressure of a more demanding regime. This will continue throughout 2026. As the Cyber Resilience Bill comes into force, it brings with it mandatory adoption of the Cyber Assessment Framework across critical sectors. The scope of regulation expands as the definition of Relevant Managed Service Providers is broadened, placing managed service providers (MSPs) directly in the regulatory spotlight. This change introduces new duties around incident reporting, baseline security controls and formal assurance, meaning that both service providers and their customers must operate with far greater transparency and discipline. The CyberSmart 2025 MSP survey saw that this was already starting to happen. 77% of MSPs reported that their businesses’ security capabilities were already coming under greater scrutiny by prospects and customers. This suggests that MSP customers are more aware than ever of the importance of good cyber credentials in a potential partner – and this will only continue.”

Bill Dunnion, CISO at Mitel, said: 

“The future of cybersecurity lies in thinking like the adversary. Traditional defensive postures, firewalls, monitoring, and compliance checklists, are no longer sufficient against threats that move faster and learn continuously. Offensive security practices such as red teaming, threat hunting, and penetration testing will evolve from optional exercises to essential functions of risk management.

The guiding principle is simple: what you don’t know can hurt you. Proactively testing systems exposes blind spots before attackers do. The next generation of programs will combine structured frameworks, such as NIST and ISO, with continuous offensive assessments to create dynamic, adaptive defence ecosystems.

Mature organisations will recognise that compliance does not equal security. Instead, they will integrate continuous testing into their operations, utilising real-world attack simulations to enhance defences and quantify risk in business terms. The result is smarter, faster decision-making that results in better protection.”

Quantum Computing

Daniel dos Santos, Senior, Director, Head of Research at Forescout:

“[I predict that there will be] escalating attacks on unmanaged devices. Edge devices such as routers and firewalls, as well as IoT in the internal network such as IP cameras and NAS are all becoming prime targets for initial access and lateral movement, with a growing number of zero-days and custom malware. These devices are usually unmanaged and unagentable, so organisations need to invest in other forms of visibility, threat detection and incident response based mainly on network signals. This will ensure they can proactively mitigate the growing risk from these devices, detect when attacks leverage them and respond to those quickly to prevent them from becoming major incidents.

Growing number of hacktivist attacks. Most organisations have a threat model based on defending against cybercriminals and state-sponsored actors. Hacktivists until recently were treated as a “nuisance” because of their focus on DDoS and simple defacements. Now these groups have been growing in number and sophistication – targeting critical infrastructure at alarming rates. This will extend into 2026 and organisations need to ensure their threat models include these groups too.

Starting the migration to post-quantum cryptography (PQC). 2025 was the year when commonly used technologies, from web browsers to SSH servers, started implementing post-quantum cryptography. 2026 will be the year when organisations will need to inventory their network assets and understand what is already supporting the technology, what isn’t and what are the timelines to migrate. Especially in government, financial services and critical infrastructure, the migration to PQC will soon move from “something we should think about” to “we need to act now”. Organisations will need tools that can automatically and continuously inventory their network assets, since it’s not realistic to expect hundreds of thousands of devices to be manually checked.”

Simon Pamplin, CTO – Certes:

“If we’re talking about cyber challenges for 2026, I think the thing businesses really need to get their heads around is the widening gap between the pace of quantum-age cryptography and the speed at which most organisations update their production systems. Attackers don’t need a working, large-scale quantum computer right now to cause trouble. Many of them are already quietly collecting encrypted data, sticking it in storage, and waiting for the day they can crack it. That turns anything with a long shelf life, financial records, personal data, IP, into a liability on a timer. 

The problem is that too many organisations still behave as though the encryption they use today will protect them forever. It won’t. Shifting to post-quantum cryptography is  potentially challenging and slow to deploy, and most businesses massively underestimate how many of their legacy systems, third-party integrations and data flows rely on algorithms that simply won’t stand up to what’s coming. 

So, preparation has to begin before the threat is fully realised. Quantum computing isn’t some distant sci-fi concept anymore; it’s getting close enough that organisations can’t ignore it. Start by working out where your sensitive data actually goes, sort out the long-life data first, and separate out your truly critical data streams so one weak spot doesn’t bring the whole lot down. PQC isn’t something you bolt on, it’s a phased transition, and the ones who start early won’t be the ones panicking later.”

Darren Guccione, CEO and Co-Founder of Keeper Security:

“The quantum era will usher in extraordinary innovation and unprecedented risk. In 2026, business leaders will be faced with the reality that preparing for the post-quantum future can no longer wait.

“Harvest now, decrypt later” attacks are already underway as cybercriminals intercept and archive encrypted traffic for future decryption. Large-scale quantum computers running Shor’s algorithm will shatter existing encryption standards, unlocking a time capsule of sensitive data. From financial transactions and government operations to information stored in cloud platforms and healthcare systems, any data with long-term value is at risk.

While the timeline for practical use of quantum computers capable of breaking public-key cryptography remains uncertain, business leaders must take action now. Regulators worldwide are urging enterprises and public-sector organisations to inventory cryptographic systems, prepare for migration and adopt crypto-agile, quantum-resistant strategies.

In 2026, expect the conversation around quantum risk to shift from theoretical to tactical. Organisations will begin treating encryption not as a background control, but as a measurable component of operational resilience. Discussions once limited to cryptographers will move into boardrooms and procurement teams, as leaders demand visibility into how long their data can remain secure under existing models. The focus will broaden from purely technical readiness to governance, understanding where every key, certificate and encryption method is deployed across the enterprise and how quickly each can be replaced.

Forward-looking organisations will also start piloting hybrid cryptography that blends classical and post-quantum algorithms, testing performance, integration and cost. These early implementations will surface new challenges around key management, compatibility and standardisation, driving broader collaboration between governments, technology providers and enterprises.”

Experts at KnowBe4 said:

“Q-Day, the day when quantum computers become sufficiently capable of cracking most of today’s traditional asymmetric encryption, will likely happen in 2026. The security of these systems has never been more important. Organisations must strengthen human authentication through passkeys and device-bound credentials while applying the same governance rigor to non-human identities like service accounts, API keys and AI agent credentials.”

Agentic AI and Deepfakes

Ruth Azar-Knupffer, Founder at VerifyLabs.AI:

“By 2026, deepfakes will continue to be an accepted part of everyday life, like it is today. Not all of them will be harmful. Satire, memes and creative uses of AI will continue to entertain and even inform, but the real risk lies in how easily the same technology can be misused. We will see a sharp rise in deeply personal scams, impersonation and online abuse that feels more convincing than anything we have experienced before, because it looks and sounds real.

The impact will go far beyond financial loss. Deepfakes will increasingly damage relationships, reputations and mental well-being, eroding trust between people and in the information we consume. In an age where seeing is no longer believing, society will be forced to rethink what trust looks like online.

This shift will redefine digital literacy. It will no longer be enough to know how to use technology; people will need the confidence to question it. Verification, context and authenticity will become everyday considerations, not specialist concerns. Those who adapt will navigate AI with resilience, while those who don’t risk becoming overwhelmed by doubt and deception. Trust won’t disappear, but it will have to be rebuilt on new foundations, built on ones that recognise both the power and the limits of artificial intelligence.”

Eric Schwake, Director of Cybersecurity Strategy at Salt Security:

“Agentic AI will create a fundamental shift in how internal systems behave. As autonomous agents begin acting on behalf of users and applications, they will trigger a surge in internal API calls that far exceeds traditional human-driven traffic patterns. The impact will not be felt at the perimeter first. It will surface deep inside the stack, where shadow interfaces, legacy services, MCP servers and automation endpoints sit without the instrumentation needed to distinguish noise from legitimate business activity. Security teams will discover that their monitoring models, built for predictable and comparatively low-volume interactions, cannot interpret agent-generated activity. This will accelerate the move toward context-aware runtime protection and real-time behavioural baselining rather than static rules or credential checks.

As this shift unfolds, discovery will become the single most important capability in the API security budget. AI agents do not wait for formal onboarding processes before invoking new endpoints. They identify and call whatever interfaces appear relevant, whether sanctioned or not. In response, CISOs will transition from periodic inventory exercises to continuous, automated discovery across the entire API fabric. Visibility will need to extend into MCP infrastructures, internal endpoints and interfaces generated dynamically by agentic workflows. The guiding principle is straightforward: security cannot exist where visibility does not.”

James Moore, Founder & CEO of CultureAI:

As we move into 2026, the biggest risk isn’t AI itself, rather it’s the blind spots organisations still have around how their people and their tools are actually using it. Almost everybody is now using AI platforms, often without knowing what data those tools retain or how it’s used. With an abundance of AI comes an abundance of data loss. I predict three major threat shifts that will define 2026:

1. The rise of invisible AI usage, especially in everyday SaaS.

What people think of as ‘AI tools’ is too narrow. An AI app is any SaaS application that takes data and passes it into a model. Most organisations haven’t even scratched the surface of understanding that. I believe that embedded AI features within SaaS apps, beyond common AI tools like ChatGPT or Copilot, could contribute to enterprise data-loss incidents next year.

2. Legacy controls will continue to fail, not because they’re bad, but because they weren’t built for this problem.

 To solve AI data-loss, you have to understand the contents of every request going to an AI app. DLPs and CASBs simply weren’t built for that. You can’t just turn those apps off and block them all and hope for the best.

3. Agentic AI will create a new class of blind spots.

I expect that we will see the emergence of AI agents that act, browse, and make API calls independently. When AI starts taking actions on your behalf, you move from securing human behaviour to securing autonomous behaviour. Most organisations aren’t remotely ready for that.

However, I also believe that 2026 will be the year that enterprises unlock AI at scale. This can only be done if they treat usage as a governance and enablement problem, not a blocking problem. Our job isn’t to scare people away from AI. It’s to give them the visibility and control to use it safely, at speed. The organisations that win in 2026 will be the ones that move to the top-right quadrant: high adoption and high security, not one or the other.”

Simon Gooch, Field CIO & SVP Expert Services at Saviynt:

“AI is forcing organisations to rethink what identities are critical to manage and if they have the right tools and approaches to ensure they are able to support their organisation’s AI and technology transformation priorities. Identity has always been central to protecting systems and data, but AI is altering how we think about this construct. There is a growing realisation that identity is the single most critical currency of all technology transactions and having an integrated technology, security and identity strategy that is designed to this reality is key. In the new reality of our evolving tech ecosystem we’re no longer solely dealing with employees, partners, providers, privileged users and non-human constructs; we’re entering a world where automated processes, bots and AI agents hold access, make decisions and interact across networks, systems, supply chains and organisations. The adoption of AI-powered capabilities is happeing at a pace that the reality and implications of which is still not well understood. Often, organisations are still in a phase of discovering and testing what they can deliver, yet each deployment introduces a new point of possible risk. The result is an expanding and increasingly complex set of identity security challenges.

This shift has pushed identity out of the back office and into the heart of business operations, risk management and long-term planning. The difficulty, of course, is that most organisations are still managing legacy systems, hybrid environments and thousands of human identities while preparing for an AI-driven future, not to mention the non-human identities they already rely on. Identity security must now not only protect AI agents, but also harness AI itself if it’s to keep pace.

Amid all this change, we’re watching identity security evolve from a compliance exercise to a core security discipline, and now into an essential enabler for business transformation and AI adoption. Security and business leaders alike are working at pace to manage and govern human, non-human and AI agent identities in a way that is both resilient and scalable.”

Dipto Chakravarty, Chief Technology Officer at Black Duck:

“The traditional approach to vulnerability management and security testing will certainly be disrupted, primarily driven by the increasing adoption of AI in cybersecurity. The old software world is gone, giving way to a new set of truths defined by AI. AI will significantly alter how organisations identify and mitigate vulnerabilities, becoming both a tool for attackers and defenders. Threat actors will leverage AI to automate and scale attacks, while defenders will use AI to enhance detection and response capabilities. Organisations will need to invest in AI-driven vulnerability scanning and predictive analytics to stay ahead of emerging threats. AI-powered security tools will enable security teams to analyse vast amounts of data, identify patterns, and predict potential threats before they materialise. The role of AI in AppSec will be transformative, and organisations that fail to adapt risk being left behind. As AI continues to evolve, it’s essential for security leaders to prioritise AI-driven security measures and invest in the necessary skills and technologies to stay ahead of the threats.”

Next Generation Hackers

Anthony Young, CEO at Bridewell, said:

“Unfortunately, it’s unlikely that 2025’s headline breaches are not the peak, they’re the warning signs. As we move into 2026, the legacy of these cuts will continue to degrade organisations’ defensive posture. We’ll likely see fewer, but far more impactful, attacks focused on shared platforms, third-party suppliers and critical infrastructure.

Cybersecurity is now facing the same kind of social and economic pressures that drive crime in the physical world. When times get tough and oversight weakens, the barrier to entry for malicious activity falls. If we continue underinvesting in resilience and accountability, we risk normalising cyber aggression as a form of expression or protest.

Many organisations have been forced to delay modernisation, freeze hiring and reduce investment in defensive capabilities. The result is fewer defenders, slower detection, and weakened resilience, just as adversaries become more aggressive and technologically advanced.

This new wave of attackers doesn’t always fit the traditional profile. We’re seeing a generation that grew up online, with access to open-source data, leaked credentials and automated tools that make disruption easy. What’s changed is the lack of deterrence. In online communities, the reputational rewards of causing chaos often outweigh the perceived risk by these individuals of getting caught.”

The post We Asked the Experts: 2026 Predictions appeared first on IT Security Guru.

Keeper Security has announced the appointment of two new additions to its federal team, with Shannon Vaughn as Senior Vice President of Federal and Benjamin Parrish, Vice President of Federal Operations. Vaughn will lead Keeper’s federal business strategy and expansion, while Parrish will oversee the delivery and operational readiness of Keeper’s federal initiatives, supporting civilian, defence and intelligence agencies as they modernise identity security to defend against pervasive cyber threats.

Vaughn brings more than two decades of private sector, government and military service, with a career focused on securing sensitive data, modernising federal technology environments and supporting mission-critical cybersecurity operations. Prior to joining Keeper, Vaughn served as General Manager of Virtru Federal, where he led business development, operations and delivery for the company’s federal engagements. During his career, he has held multiple senior leadership roles at high-growth technology companies, including Vice President of Technology, Chief Product Owner and Chief Innovation Officer, and has worked closely with U.S. government customers to deploy secure, scalable solutions.

“Federal agencies are operating in an elevated environment with unprecedented cyber risk. Next-generation privileged access management to enforce zero-trust security is essential,” said Darren Guccione, CEO and Co-founder of Keeper Security. “Shannon and Ben bring a unique combination of operational military experience, federal technology leadership and a deep understanding of zero-trust security. They know how agencies operate, how threats evolve and how to translate modern security architecture into real mission outcomes. These exceptional additions to our team will be instrumental as we expand Keeper’s role in securing the federal government’s most critical systems, personnel and warfighters.”

Vaughn is a career member of the U.S. Army with more than 20 years of service and currently holds the rank of Lieutenant Colonel in the Army Reserves. In addition to his operational leadership, Vaughn is a Non-Resident Fellow with the Asia Program at the Foreign Policy Research Institute, where he contributes research and analysis on the intersection of future technology threats and near-peer adversaries. He has a graduate degree from Georgetown University and undergraduate degrees from the University of North Georgia and the Department of Defence Language Institute.

To support execution across federal programs, Parrish oversees the delivery and operational readiness of Keeper’s federal initiatives. Parrish brings extensive experience leading federal operations, software engineering and secure deployments across highly regulated government environments. Prior to joining Keeper, he held senior leadership roles supporting federal customers, where he oversaw cross-functional teams responsible for platform reliability, customer success and large-scale deployments.

Parrish is a retired U.S. Army officer with more than 20 years of service across Field Artillery, Aviation and Cyber operations. His experience includes a combat deployment to Iraq and operational support to national cyber mission forces through the Joint Mission Operations Center. He has supported Department of Defence and Intelligence Community missions, including work with the White House Communications Agency, Joint Special Operations Command, Defence Intelligence Agency and National Reconnaissance Office. Parrish holds a graduate degree in Computer Science from Arizona State University and an undergraduate degree in Computer Science from James Madison University.

In his role at Keeper, Parrish aligns product, engineering, security and customer success teams and works closely with government stakeholders to ensure secure, reliable deployments that meet stringent federal mission, compliance and operational requirements.

“Federal agencies are being asked to modernise faster while defending against increasingly sophisticated, identity-driven attacks,” said Shannon Vaughn, Senior Vice President of Federal at Keeper Security. “I joined Keeper because we are focused on what actually produces tangible cyber benefits: controlling who has access to what, with full auditing and reporting – whether for credentials, endpoint or access management. We are going to win by being obsessive about access control that is easy to deploy and hard to break.”

These appointments come as federal agencies accelerate adoption of zero-trust architectures and modern privileged access controls in response to escalating credential-based attacks. The FedRAMP Authorised, FIPS 140-3 validated Keeper Security Government Cloud platform secures privileged access across hybrid and cloud environments for federal, state and local government agencies seeking to manage access to critical systems such as servers, web applications and databases.

The post Keeper Security Bolsters Federal Leadership to Advance Government Cybersecurity Initiatives appeared first on IT Security Guru.

Salt Security has unveiled its “12 Months of Innovation” recap, a holiday-inspired look at the company’s product, partnership, and research momentum across 2025. As organisations raced to adopt AI agents, MCP servers and cloud-native architectures, Salt delivered an unmatched innovation “gift” to the industry almost every month, helping security teams keep pace with an expanding API attack surface.

From discovering zombie APIs and blind spots across the API fabric to securing AI agents and protecting MCP actions at runtime, Salt’s 2025 roadmap focused on one goal: giving security teams the visibility and control they need at the API action layer where applications, data, and AI intersect.

“In 2025, APIs didn’t just power applications, they powered AI agents, automation, and entire digital business models,” said Roey Eliyahu, co-founder and CEO at Salt Security. “That shift created massive new risk across the API fabric. Our team responded with a steady drumbeat of innovation across the year, so customers weren’t left defending yesterday’s problems while attackers moved on to tomorrow’s opportunities.”

The 12 Months of Innovation: A Year of Gifts for Security Teams

January – The Year Kicks Off with APIs at the Center
Salt Labs and early-year research showed how quickly API traffic and risk were growing, from zombie and unmanaged APIs to software supply chain vulnerabilities, setting the stage for why 2025 demanded a new approach to securing the API fabric. Security teams saw clearly that legacy tools weren’t built for dynamic, AI-driven environments.

February – A Spotlight on API Reality
Salt published its State of API Security Report and celebrated key industry recognition such as inclusion in top security lists, providing hard data on how fast API risk is growing. For CISOs and boards, the message was simple: API security is no longer a niche problem – it’s a core business issue.

March – Gold Medals & Rising Shadows
Salt’s innovation earned industry awards, including a Gold Globee, even as new blogs and research detailed how compliance pressure, data privacy obligations, and AI-driven attacks were expanding the API attack surface. Excellence and urgency moved in lockstep.

April – A Season of Partnerships & Paradigm Shifts
Salt deepened integrations with leading security platforms, including CrowdStrike, and strengthened protections for MCP server–driven architectures. These partnerships gave customers richer context and made it easier to bring Salt’s API intelligence into existing security workflows, connecting more of the enterprise API fabric into a cohesive defence.

May – The Cloud Era Gets Real
With cloud-native adoption surging, Salt expanded coverage for leading cloud environments and partners, powering posture governance, risk-aware recommendations, and alignment with emerging insurance and regulatory expectations. API security moved squarely into the boardroom.

June – Illuminate Everything
Salt launched Salt Illuminate along with expanded Cloud Connect capabilities, giving customers instant visibility into APIs across complex multi-cloud and hybrid environments. What was previously blind – shadow, zombie, and unmanaged APIs – suddenly came into view across the API fabric.

July – CISOs Sound the Alarm
Research and blogs from Salt Labs highlighted high-profile AI incidents, including conversational AI mishaps like the McDonald’s chatbot breach, and introduced Salt Surface to help organisations directly tackle their exposed API footprint. Visibility turned into prioritised, actionable defence.

August – Autonomous Everything
As organisations embraced autonomous workflows, Salt advanced protections for autonomous threat hunting and AI-driven security use cases, underscoring the inseparability of APIs and AI. The message: you can’t secure intelligent autonomy without securing the APIs – and API fabric – that power it.

September – Securing the AI Agent Revolution
Salt introduced the industry’s first solution to secure AI agent actions across APIs and MCP servers, protecting sensitive operations from prompt injection, abuse, and unintended access. This launch moved AI agent security from theory to practical, enforceable controls at the API action layer.

October – The Blind Spots Strike Back
New Salt data revealed the hidden risks in AI agent deployments and complex API ecosystems. Through detailed vulnerability breakdowns and guidance, Salt gave security and development teams the education and clarity they needed to modernise their security posture and better understand blind spots across their API fabric.

November – Security Starts in Code
Salt launched GitHub Connect and MCP Finder, enabling customers to discover shadow APIs, spec mismatches, and risky MCP configurations directly in code repositories and CI/CD pipelines – before deployment. Shift-left security met shift-right runtime intelligence across the API lifecycle, connecting design, code, and runtime behaviour.

December – Hello, Pepper
Salt closed the year by introducing Ask Pepper AI, a conversational assistant powered by the Salt platform, alongside MCP protection for AWS WAF. Security teams can now ask questions, investigate threats, and operationalise Salt insights in natural language while enforcing protection at the edge for MCP-aware and AI-driven applications.

“Instead of a partridge in a pear tree, security teams got 12 months of very real innovation – spanning discovery, governance, runtime protection, MCP and AI agent security, and now conversational investigation with Ask Pepper AI,” said Michael Callahan, CMO at Salt Security. “This year, customers told us they needed both visibility and speed. Our roadmap delivered both, and the market response has been tremendous. We delivered more API and AI security innovation in 2025 than any other player in our space.”

Looking Ahead to 2026

As organisations move deeper into AI-driven operations, agentic workflows, and API-centric architectures, Salt will continue to invest in securing the API action layer and API fabric – the place where AI, applications, and data intersect.

“In 2026, we expect APIs to become even more tightly woven into autonomous systems and mission-critical workflows,” added Eliyahu. “We’re already building the next wave of innovations so our customers can safely move faster than their adversaries.”

The post Salt Security Unveils its “12 Months of Innovation” appeared first on IT Security Guru.

In today’s world, it can be hard for awareness training to keep up with the modern threats that are constantly emerging. Today, KnowBe4 has announced a new custom deepfake training experience to counteract the risk of ‘deepfake’ attacks as they continue to rise. The experience, which is now available, aims to help employees defend against the advanced cybersecurity threats from deepfakes such as fraudulent video conferences and AI-generated phishing attacks. 

Deepfakes can be weaponised and utilised for fraud, disinformation campaigns and cause reputational damage across sectors. These types of deepfake attacks are now linked to one in five biometric fraud attempts, with injection attacks increasing 40% year-over-year, according to Entrust’s 2026 Identity Fraud Report. Security incidents related to deepfakes have increased, with 32% of cybersecurity leaders reporting a spike, according to the KnowBe4 The State of Human Risk 2025 report.

Perry Carpenter, chief human risk management strategist at KnowBe4, said: “Deepfakes represent a seismic shift in the threat landscape, weaponising AI to impersonate authority, exploit trust, and short-circuit the human decision-making process”

Carpenter continues: “Our new deepfake training strengthens the workforce’s instincts by providing a safe, tightly controlled environment for learning. All simulations are created and approved by administrators, ensuring ethical use while helping employees recognise narrative red flags, subtle performance inconsistencies, and other cues that manipulated media can reveal. Awareness and preparedness remain our strongest defences, and we are committed to equipping organisations with practical, measurable skills to stay ahead of these emerging threats.”

Deepfake video content is becoming more realistic and harder to discern from reality. Cybersecurity leaders must prepare their organisations for new and emerging threats, taking a proactive approach to their overall protection efforts. Through this new experience, cybersecurity and IT professionals now have the ability to generate a custom deepfake training experience featuring a leader from their organisation to demonstrate how convincing AI-powered social engineering has become and to deliver clear, actionable guidance on how to detect these attacks.

The post Next Gen Awareness Training: KnowBe4 Unveils Custom Deepfake Training appeared first on IT Security Guru.

Keeper Security has announced a new integration with ServiceNow® IT Service Management (ITSM) and the Security Incident Response (SIR) module. The integration allows organisations to securely ingest security alerts from across the Keeper platform directly into ServiceNow, enabling faster and more consistent investigation of incidents tied to credentials, secrets and privileged access.

Stolen credentials remain one of the most common entry points for cyber attackers. According to the 2025 Verizon Data Breach Investigations Report, 60% of cybersecurity breaches involve the human element, including compromised passwords and misuse of access. Keeper’s global research reinforces the urgency of protecting the identity layer, with 69% of organisations adopting Privileged Access Management (PAM) to defend against credential theft. Many of these threats originate from privileged and administrative activity, which organisations secure through solutions like KeeperPAM®, Keeper’s cloud-native PAM platform. The new ServiceNow integration helps teams operationalise these defences by routing high-priority identity and access alerts into the workflows they already rely on for incident management.

Craig Lurey, CTO and Co-founder of Keeper Security, said: “Identity-based attacks are growing more sophisticated, but the fundamentals remain the same. Defenders need reliable signals and immediate context, and this integration delivers both. By sending Keeper’s privileged access telemetry to ServiceNow in real time, security teams can focus on analysis and action instead of stitching data together. It’s a streamlined, practical way to strengthen visibility where it matters most.”

The Keeper Security ITSM application provides a guided setup experience and a secure, OAuth 2.0-protected webhook to receive alerts from the Keeper platform. Security teams can operationalise activities such as BreachWatch® detections of compromised passwords, changes in privileged user behaviour and high-risk actions involving credentials, secrets or privileged sessions. The integration automatically converts incoming alerts into SIR tickets with full contextual detail, allowing analysts to triage and investigate with greater accuracy and fewer manual steps.

The integration offers secure webhook ingestion protected by OAuth 2.0, automatically converting incoming alerts into SIR records to remove manual ticket creation and speed up response times. Administrators can map alert types to custom severity levels, configure the connection, and manage authentication tokens without any bespoke development. Each alert includes detailed metadata to support investigations, and the platform’s zero-knowledge architecture ensures Keeper cannot access or decrypt customer data, maintaining strong privacy and security throughout.

“Attackers don’t wait, so organisations shouldn’t wait either for the critical signals that can stop an attack before damage is inflicted,” said Darren Guccione, CEO and Co-founder of Keeper Security. “By bringing Keeper’s privileged access intelligence straight into ServiceNow, in real time, we’re giving organisations a faster path to detection and response at the identity layer, where most attacks begin.”

As organisations contend with increasingly distributed infrastructure and a rise in credential-driven attacks, consistent visibility across identity and privileged access tools is essential. Keeper’s integration with ServiceNow closes a persistent monitoring gap and strengthens an organisation’s ability to detect, investigate and resolve identity-related incidents quickly.

The post Keeper Security Launches ServiceNow Integration to Improve Visibility and Response to Cyber Attacks appeared first on IT Security Guru.

This week, Outpost24 announced the acquisition of Infinipoint, a specialist in device identity, posture validation, and secure workforce access. The acquisition marks Outpost24’s entry into the Zero Trust Workforce Access market and enhances its identity security division, Specops, by laying the foundation for a unified approach that evaluates both the user and the device before access is granted.

As organisations advance their Zero Trust strategies, authentication alone is no longer enough. MFA and SSO confirm who the user is, but they do not validate the security of the device being used. In hybrid environments where employees, contractors, and partners rely on a mix of corporate and unmanaged devices, this gap has become a significant source of risk. Ensuring that only secure, compliant devices can access critical systems is now essential to reducing credential misuse, preventing lateral movement, and maintaining regulatory assurance.

Organisations will benefit from the combined strengths of Specops’ unrivalled authentication and Infinipoint’s device identity and posture expertise, gaining a unified, context-aware approach to workforce access. This will allow organisations to evaluate both user and device trust at the moment of access, strengthening Zero Trust adoption while improving compliance and operational efficiencies by leveraging Infinipoint’s unique self-service and auto-remediation capabilities – across any device and any identity provider.

“With the strategic addition of Infinipoint’s unique capabilities to the Specops platform, we are setting a new benchmark for Zero Trust Workforce Access with a holistic security layer that ensures every access attempt is validated across both the person and their device,” stated Ido Erlichman, Chief Executive Officer of Outpost24. “This acquisition strengthens our identity security portfolio and supports our strategy to help customers reduce risk across every stage of the access journey.”

Shirona Partem, Managing Director of Specops, added: “For many organisations, securing access requires supporting both password and passwordless authentication. Infinipoint’s device identity and posture verification complement both models, giving customers stronger assurance that access originates from a trusted user on a trusted device. This addition enhances the Specops portfolio and broadens how we support organisations in protecting their workforce.”

Commenting on the acquisition, Ran Lampert, Chief Executive Officer and Co-Founder of Infinipoint, said: “We are excited to join the Outpost24 family, and bring device identity and posture enforcement to a wider global audience. Together, we are setting the new standard for Zero Trust access, combining user and device validation into a seamless security fabric that eliminates historic access vulnerabilities. This powerful integration delivers the true promise of Zero Trust, giving our customers the confidence to scale their businesses globally with secure, friction-free access for every employee, every time.”

The acquisition underscores the Outpost24’s commitment to advancing its exposure management and identity security capabilities and strengthens its role in delivering end-to-end visibility and control across identities, devices, and the external attack surface.

The post Outpost24 Acquires Infinipoint appeared first on IT Security Guru.

A new industry report by KnowBe4 suggests that organisations are facing a sharply escalating human-centred risk landscape as artificial intelligence becomes embedded in everyday work. The State of Human Risk 2025: The New Paradigm of Securing People in the AI Era, based on survey responses from 700 cybersecurity leaders and 3,500 employees who experienced an employee-involved incident in the past year, highlights a 90% surge in incidents linked to the human element.

The findings point to a widening attack surface driven by social engineering, unsafe employee behaviour and simple mistakes. According to the report, 93% of surveyed leaders experienced incidents in which cybercriminals exploited employees directly. Email continues to dominate as the primary battleground, with a 57% rise in email-related incidents and 64% of organisations reporting external attacks delivered through email. Human error remains a major weak point, with 90% of organisations facing incidents caused by employee mistakes, while malicious insiders accounted for issues at 36% of organisations.

Budget pressures are mounting too, as nearly all (97%) of the cybersecurity leaders asked said they need increased investment to strengthen the human-security layer.

AI’s rapid infiltration into workplace tools is introducing a new tier of risk. AI-related security incidents climbed 43% in the past 12 months—the second-largest increase across all channels surveyed. Despite 98% of organisations taking steps to address AI-related threats, security leaders ranked AI-powered attacks as their top concern, with 45% citing the constant evolution of AI-driven threats as their biggest challenge in managing behavioural risk. Deepfake-related incidents are also rising, affecting 32% of organisations.

Tensions around workplace AI use appear to be contributing to emerging “shadow AI” behaviours. While most organisations have implemented AI-risk measures, 56% of employees expressed dissatisfaction with their employer’s approach to AI tools, potentially driving them towards unsanctioned platforms.

The report suggests email will remain the highest-risk channel for several years, but warns that attackers are increasingly shifting to multi-channel campaigns, including messaging apps and voice phishing. The growing use of AI by threat actors to craft convincing, scalable attacks is expected to accelerate this trend.

 Javvad Malik, lead CISO advisor at KnowBe4, said: “The productivity gains from AI are too great to ignore, so the future of work requires seamless collaboration between humans and AI. Employees and AI agents will need to work in harmony, supported by a security programme that proactively manages the risk of both. Human risk management must evolve to cover the AI layer before critical business activity migrates onto unmonitored, high-risk platforms.”

The post Human-Centric Cyber Risks Surge as AI Enters the Workforce, Report Finds appeared first on IT Security Guru.

Saviynt has today announced a $700M Series B Growth Equity Financing at a valuation of approximately $3 billion. Funds managed by KKR, a leading global investment firm, led the round with participation from Sixth Street Growth and TenEleven, as well as new funding from existing Series A investor Carrick Capital Partners.

The investment reflects what many in the cybersecurity sector see as an accelerating shift: as organizations deploy generative AI, autonomous agents, and machine-driven workflows, identity security is becoming core infrastructure rather than a back-office compliance function.

AI Spurs a New Identity Crisis

Saviynt’s platform is designed to manage the full spectrum of digital identities now proliferating across enterprises, from employees and contractors to machine workloads, service accounts, certificates, keys, and increasingly AI agents that operate autonomously.

Unlike earlier identity and access management tools built for predictable human usage, modern platforms must govern identities that make real-time decisions and interact continuously across cloud environments and AI ecosystems.

“This is a defining moment for Saviynt and the industry,” said Founder and CEO Sachin Nayyar. “The demand for secure, governed identity has never been greater. Identity has become central to enterprise AI strategies, and this investment gives us the resources to meet that demand globally.”

Saviynt’s unified architecture merges identity governance (IGA), privileged access management (PAM), application access governance (AAG), identity security posture management (ISPM), and access gateways into a single AI-enabled platform designed for cloud-native environments.

KKR Expands Its Cybersecurity Footprint

For KKR, the investment extends a two-decade track record of backing high-growth cybersecurity firms. The firm has previously supported companies such as Darktrace, ReliaQuest, KnowBe4, Ping Identity, ForgeRock, and Semperis.

“Saviynt has built one of the most advanced and comprehensive identity security platforms in the market, purpose-built for the AI era,” said Ben Pederson, Managing Director at KKR. “We look forward to partnering with the team to scale their platform globally and advance their next-generation AI capabilities.”

KKR is investing through its Next Generation Technology Growth Fund III.

Rapid Customer and Platform Growth

Saviynt’s momentum reflects the growing urgency of securing both human and non-human identities. The company now serves more than 600 enterprise customers, including over 20% of Fortune 100 companies.

The company has recently:

• Launched new tools for AI Agent Identity Management and Non-Human Identity Management
• Expanded its PAM and ISPM capabilities
• Added AI-enabled intelligence to automate onboarding, access reviews, and provisioning
• Delivered integrations with AWS, CrowdStrike, Zscaler, Wiz, and Cyera

Funding to Accelerate R&D and Ecosystem Expansion

Saviynt plans to use the capital to accelerate product development, expand AI-based utilities designed to help customers migrate from legacy systems, and deepen integrations with hyperscalers, software vendors, and channel partners.

The company said it also aims to strengthen its global go-to-market efforts as enterprises confront the security challenges introduced by AI-driven operations.

Advisors

Piper Sandler served as Saviynt’s exclusive financial advisor. Cooley LLP advised Saviynt, while Latham & Watkins LLP represented Carrick Capital Partners. Gibson, Dunn & Crutcher LLP advised KKR, and Moelis & Co along with Kirkland & Ellis LLP advised Sixth Street Growth.

The post Saviynt Raises $700M at Approximately $3B Valuation appeared first on IT Security Guru.

Salt Security used the stage at AWS re:Invent this week to unveil two major enhancements to its API Protection Platform, introducing a generative AI interface powered by Amazon Bedrock and extending its behavioural threat protection to safeguard Model Context Protocol (MCP) servers via AWS WAF. The announcements highlight the company’s growing focus on visibility, risk reduction and real-time defence in increasingly complex cloud and AI environments.

On 1 December, Salt launched “Ask Pepper AI”, a natural language interface designed to help security teams instantly query their entire API estate. Built on Amazon Bedrock, the tool allows users to ask plain-English questions (such as “Which of my APIs expose PII?” or “What APIs have the highest Risk Score?”) and receive immediate, actionable insights drawn from Salt’s API Discovery, Posture Governance and Threat Protection capabilities.

With organisations struggling for clarity in sprawling cloud environments, Salt’s H2 2025 State of API Security Report found that only 19% feel “very confident” in the accuracy of their API inventory, while 15% admit they do not know which APIs expose personal data. Salt says “Ask Pepper AI” helps close these gaps by democratising access to critical security information and accelerating both incident response and risk prioritisation.

“API security is complex, but understanding your risk shouldn’t be,” said Michael Nicosia, Co-Founder and COO at Salt Security. “‘Ask Pepper AI’ makes it simple. By using Amazon Bedrock, we’re putting powerful, intuitive security insights into the hands of everyone from SOC analysts to CISOs. When most organisations aren’t even sure what their API inventory looks like, the ability to just ask and get an immediate answer is a game-changer.”

Two days later, Salt announced a second major capability: the extension of its patented API behavioural threat protection to detect and block malicious intent targeting MCP servers. MCP servers allow LLMs and autonomous agents to execute tasks by calling APIs and tools, but their growing usage has outpaced security controls. Often deployed without central oversight and exposed to the internet, they are becoming a new target for attackers seeking access to sensitive data and system functionality.

Building on Salt’s recently released MCP Finder technology, the company now enables organisations to identify misuse or abuse of MCP servers and automatically block threats using AWS WAF, leveraging real-time behavioural intelligence from the Salt platform.

“Most organisations don’t even know how many MCP servers they have, let alone which ones are exposed or being abused,” said Nick Rago, VP of Product Strategy at Salt Security. “This capability lets them take action quickly, using existing controls to prevent real threats without needing to deploy new infrastructure.”

By combining MCP discovery with AWS WAF enforcement, customers can block attacks before they impact applications, uncover shadow or unmanaged MCP instances, extend edge protection to the AI action layer, and continuously update defences as attacker tactics change.

The post Salt Security Unveils New AI-Powered Capabilities, Expanding API Visibility and Protecting Emerging MCP Infrastructure appeared first on IT Security Guru.

Keeper Security has announced the appointment of Tim Strickland as Chief Revenue Officer (CRO). Strickland will lead Keeper’s global revenue organisation, driving go-to-market strategy, customer growth and channel expansion as demand accelerates globally for modern Privileged Access Management (PAM) and identity security solutions.

Strickland brings more than two decades of executive leadership experience scaling high-performance revenue teams at category-defining SaaS companies. Most recently, he served as Chief Revenue Officer at ZoomInfo, where he guided the company through a successful IPO, built its customer growth and strategic sales functions and oversaw the go-to-market integration of eight acquisitions.

Prior to ZoomInfo, Strickland held senior revenue leadership roles at Marketo, where he played an integral role in the company’s growth, its take-private acquisition by Vista Equity Partners and subsequent sale to Adobe. His responsibilities spanned enterprise sales, account management, customer success and global channel development.

“Tim is joining Keeper at a pivotal moment as organisations around the world confront unprecedented identity-based threats,” said Darren Guccione, CEO and Co-founder of Keeper Security. “He brings the kind of leadership that elevates teams, sharpens focus and accelerates impact. Tim understands the responsibility we have to our customers, and he shares our commitment to building secure, elegant solutions that drive meaningful outcomes. I’m confident he will help propel Keeper into its next chapter of growth while keeping our vision and our customers at the centre of everything we do.”

In his new role, Strickland will oversee Keeper’s global sales, customer success, revenue operations and channel ecosystem, with a focus on expanding market penetration for Keeper’s unified privileged access management platform. KeeperPAM® combines enterprise password management, secrets management, privileged session management, zero-trust network access, endpoint privilege management and remote browser isolation into a single cloud-native solution—designed to meet surging global demand for credential and identity-based threat protection.

“Identity and access security has never been more critical, and Keeper has built a revolutionary cybersecurity platform for organisations,” said Strickland. “The market opportunity is tremendous, and the company’s momentum reflects a deep commitment to innovation and customer value. I’m excited to help scale our impact globally and support customers in strengthening their security posture.”

Strickland also serves as an Advisory Partner with Summit Partners, where he helps high-growth technology companies navigate go-to-market transformation and scale with discipline. As Keeper continues to meet rising global demand for modern privileged access and identity security, Strickland’s leadership will help advance the company’s mission to deliver zero-trust and zero-knowledge solutions that protect the world’s most sensitive data and systems.

The post Keeper Security Appoints New Chief Revenue Officer appeared first on IT Security Guru.

Nominations are now open for the 2026 Most Inspiring Women in Cyber Awards! The deadline for entry is the 9th January 2026. We’re proud to be media supporters once again. 

The 2026 event is hosted by Eskenzi PR and sponsored by Fidelity International, BT, Bridewell and Plexal – organisations that are leading the way in making the cybersecurity industry more inclusive. The 6th annual event, held at the iconic BT Tower on the 26th February 2026, aims to celebrate trailblazers at all stages of their careers from across the cybersecurity industry who are doing exceptional things. 

Additionally, Eskenzi PR has partnered with some of the most influential women in cyber groups to help shape the awards, ensuring they are more inclusive and intersectional than ever before. By partnering with WiCyS UK & Ireland Affiliate and Women in Tech and Cybersecurity Hub (WiTCH), it is hoped that the 2026 event will reach an even wider range of inspirational women from across all corners of the globe.

Aiding in this mission, cybersecurity consultancy Bridewell has committed to sponsoring a bursary that will allow the UK based winners of the Ones to Watch category to attend the awards with paid travel and accommodation. A new addition for the 2026 awards, sparked by industry feedback, this move is hoped to remove the financial barriers of attending industry events for people starting out in their careers.

Cybersecurity continues to face challenges with diversity and representation. According to research by ISC2, women now make up about 22% of the global cybersecurity workforce. Despite the industry’s growing demand for skilled professionals – driven by escalating talent shortages and increasingly sophisticated threats – representation remains limited. Building a more inclusive cybersecurity community requires visible role models, mentorship, and active encouragement. After all, we cannot become what we cannot see.

The Most Inspiring Women in Cyber Awards aims to bring together and empower incredible women (both established and those starting out their careers) and make long lasting connections.

Nominations can be submitted via this link and will remain open until 5pm on Friday 9th January 2026. An esteemed panel of judges (yet to be confirmed) will then review the submissions and narrow the list down to the Top 20, each of whom will be profiled on the IT Security Guru. There will also be five women crowned ‘ones to watch’.

On the 26th February 2026, a physical awards ceremony will be held in London at the iconic BT Tower. The event will include a welcome address and an informal panel discussion with a Q&A featuring industry leaders. Then, the finalists will be awarded their certificates and trophies. The event will conclude with networking over food and drinks at the top of the tower. Finalists, judges, and guests are welcome to attend in person and the public can tune in to the ceremony via a live stream. More information to be provided soon.

The award’s founder, Yvonne Eskenzi, said: “We’re delighted to once again host the Most Inspiring Women in Cyber Awards, supported by industry leaders including Fidelity International, Bridewell and Plexel. With BT’s continued partnership, it’s a pleasure and a privilege to return to the iconic BT Tower once again for this special occasion. At Eskenzi, we remain deeply committed to championing diversity in cybersecurity through meaningful action. Together with leading women’s networks and forward-thinking organisations, the Most Inspiring Women in Cyber Awards aims to celebrate, elevate and empower women across the sector while helping to forge lasting connections among all who attend.”

‘Women in Cyber’ group, at Fidelity International, said: “At Fidelity International, supporting the 2026 Most Inspiring Women in Cyber Awards reflects our belief that empowering women strengthens cybersecurity. As cyber threats intensify, diverse perspectives are key to safeguarding our digital future. By championing talent and creating opportunities, we aim to inspire the next generation of women leaders in cybersecurity.”

Laura Price, Cyber Skills Partnerships Manager at BT Business, said: “At BT Business, we’re committed to helping organisations stay connected, secure, and future ready. Supporting the Most Inspiring Women in Cyber Awards reflects our belief that diversity and innovation go hand in hand. By celebrating role models and amplifying voices, we aim to inspire the next generation of cyber leaders and strengthen the resilience of businesses in an increasingly digital world.”

Diane Gilbert, Senior Lead Programmes at Plexal, said: “Plexal supports women in cyber to build careers and grow their businesses. Wonderful moments like the Most Inspiring Women in Cyber Awards provide an opportunity to celebrate the increased inclusion and diversification of the industry to date. And reinforces the important role we all play in keeping the momentum going on female representation in the sector. Plexal is excited to be a returning sponsor of the 2026 awards.” 

For more information and to nominate visit: https://www.itsecurityguru.org/most-inspiring-women-cyber-2026/

The post Nominations Open For The Most Inspiring Women in Cyber Awards 2026 appeared first on IT Security Guru.

Amelia Hewitt, Co-Founder (Director of Cyber Consulting) at Principle Defence and Founder of CybAid, and Rebecca Taylor, Threat Intelligence Knowledge Manager and Researcher at Sophos, are proud to announce the launch of the second series of The Cyber Agony Aunt Podcast (formerly Securely Yours Podcast). The new season is now available to stream on all major platforms.

The Cyber Agony Aunt Podcast is an empowering series hosted by Hewitt and Taylor, two accomplished cybersecurity professionals, recorded at Matinee Studios in Reading, UK. Drawing on their extensive experience in the field and their roles as mentors, they use an “agony aunt” format to address the real-life questions and challenges faced by professionals.

Inspired by classic magazine advice columns, the podcast offers practical guidance for those building and thriving in cybersecurity and related careers. Through candid conversations and questions from mentees and peers, Hewitt and Taylor explore pressing topics such as active allyship, burnout, sexual harassment, threat intelligence, and overcoming adversity. Their confessional tone ensures that no issue is considered off-limits.

To further enrich the series, Season 2 features a selection of seasoned professionals who share their perspectives, lived experiences, and expert insights in specially curated episodes. Amelia Hewitt and Rebecca Taylor have had the privilege of speaking with:

• Callum Stott(Sales Director at Matinée Multilingual),
• Karl Lankford(Senior Director, Solutions Engineering at Rapid7),
• Phoebe Farrelly(Deals – Lead Advisory & Restructuring at PWC, and Branch Coordinator for CyberWomen Groups C.I.C),
• Nikki Webb(Global Channel Manager at Custodian360, Founder of The Cyber House Party, and Volunteer Marketing Coordinator at The Cyber Helpline),
• Will Lyne(Head of Economic & Cybercrime at the Metropolitan Police Service),
• Pauline Campbell (Principal Lawyer at London Borough of Waltham Forest & Social Justice Author),
• Jake Moore(Global Cybersecurity Advisor at ESET)
• Zak Layton-Elliott(Director of Partnerships at CybAid ,and Cyber Security Analyst at Principle Defence).

The Cyber Agony Aunt Podcast offers practical guidance for anyone seeking to advance their career in cybersecurity. Driven by the belief that everyone should thrive, not merely survive, the series aims to make professional growth attainable through accessible, actionable advice. Hewitt and Taylor approach even the most complex and uncomfortable topics with honesty and empathy, ensuring no conversation is left unspoken and no listener feels alone.

Co-host Amelia Hewitt said: ‘It’s been an incredible journey. We have been very fortunate to have lots of guests on the series, all happy and willing to share their opinions and thought leadership. This series is a real eye opener, myth buster and level setter for anyone wanting to understand the nitty gritty of a career in the cyber industry.’

Co-host Rebecca Taylor added: ‘This podcast is about showing that no-one in cyber is alone. By bringing together voices from across the industry, we’re breaking down barriers, sharing real experiences, and proving that a career in cyber is possible for anyone – even with all its challenges. We’re not shying away from the tough conversations; we’re having them, so others don’t have to face them in silence.’

The Cyber Agony Aunt Podcast, hosted by Amelia Hewitt and Rebecca Taylor, is now available to stream on all major platforms. Their first book, Securely Yours, is also available for purchase on Amazon (you can read the IT Security Guru’s Q&A with the hosts here). The duo are currently working on their highly anticipated second book, ‘Resilient You: An Agony Aunts’ Guide to Keeping It Together’, scheduled for release in April 2026.

The post Podcast Empowers Professionals to Thrive in Their Cybersecurity Careers appeared first on IT Security Guru.

Today, APIContext, has launched its Model Context Protocol (MCP) Server Performance Monitoring tool, a new capability that ensures AI systems respond fast enough to meet customer expectations.

Given that 85% of enterprises and 78% of SMBs are now using autonomous agents, MCP has emerged as the key enabler by providing an open standard that allows AI agents access tools, like APIs, databases, and SaaS apps, through a unified interface. Yet, while MCP unlocks scale for agent developers, it also introduces new complexity and operational strain for the downstream applications these agents rely on. Even small slowdowns or bottlenecks can cascade across automated workflows, impacting performance and end-user experience.

APIContext’s MCP server performance monitoring tool provides organisations with first-class observability for AI-agent traffic running over the MCP. This capability enables enterprises to detect latency, troubleshoot issues, and ensure AI workflows are complete within the performance budgets needed to meet user-facing SLAs. For example, consider a voice AI customer support system speaking with a caller. If the AI sends a query to the MCP server and has to wait for a response, the caller quickly becomes irritated and frustrated, often choosing to escalate to a human operator. This kind of latency prevents the business from realising the full value of its AI operations and disrupts the customer experience.

Key Benefits of MCP Performance Monitoring Includes:

• Performance Budgeting for Agentic Workflows: Guarantees agent interactions are completed under required latency to maintain user-facing SLAs. 
• Root Cause Diagnosis: Identifies whether delays are caused by the agent, MCP server, authentication, or downstream APIs. 
• Reliability in Production: Detects drift and errors in agentic workflows before they affect customers.

“AI workflows now depend on a distributed compute chain that enterprises don’t control. Silent failures happen outside logs, outside traces, and outside traditional monitoring,” said Mayur Upadhyaya, CEO of APIContext. “. With MCP performance monitoring, we give organisations a live resilience signal that shows how machines actually experience their digital services so they can prevent failures before customers ever feel them.”

For more information on APIContexts’ MCP Performance Monitoring Tool, visit https://apicontext.com/features/mcp-monitoring/ 

The post APIContext Introduces MCP Server Performance Monitoring to Ensure Fast and Reliable AI Workflows appeared first on IT Security Guru.

API security organisation Salt Security has announced the latest expansion of its innovative Salt Cloud Connect capability. It extends the same agentless model customers trust for rapidly gathering API-specific info in cloud platforms, applying the same proven ease of use and ‘under 10-minute’ deployment to GitHub source code. While other security solutions focus on AI models and data, Salt is the first to secure the MCP servers and APIs where AI agents have a real-world impact, now finding them in code before they are ever deployed.

With GitHub Connect, Salt enables customers to securely connect their public and private GitHub repositories to the Salt Illuminate platform, extending visibility across the full API lifecycle. The new capability analyses code to proactively discover APIs, MCP servers, and configurations directly from source code. Critically, it identifies relevant tools and exposed APIs even when the MCP is hosted elsewhere. This discovery is immediately prioritized by Salt’s traffic-free risk-scoring capability, which accelerates time-to-insight by assigning quantifiable risk scores without requiring traffic collection.  As Gartner® notes, “Software engineering leaders must investigate the suitability of MCP servers obtained especially from public sources.”

This launch advances Salt Illuminate, the platform purpose-built to discover, govern, and secure the API fabric. As organizations embed AI agents, Salt Illuminate is the only platform that delivers complete MCP coverage, discovering them in code (GitHub Connect), monitoring their runtime traffic (Agentic AI), and finding their external exposure (MCP Surface Scan). This bridges code-level and runtime posture governance, enabling teams to reduce risk across the full API lifecycle.

Nick Rago, VP of Product Strategy, Salt Security, said: “AI agents and MCP servers have transformed how digital systems communicate and act. By extending discovery into GitHub, Salt Illuminate gives customers visibility into API and MCP risks long before deployment. This proactive intelligence is critical to safeguarding the API fabric that drives modern innovation.”

Modern code repositories have become the blueprint for the wider API ecosystem, shaping how applications and AI agents interact. GitHub Connect enables organisations to identify shadow APIs and MCP servers by analysing source code for configuration patterns and exposed tools, even when those services are hosted elsewhere. It also supports a “shift-left” approach to governance by highlighting high-risk MCPs in private repositories so that policy can be applied before deployment. By bringing code-level insights into Salt’s unified risk model, it ensures that APIs and MCPs discovered in source code receive the same risk scoring as those identified at runtime.

The post Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code Repositories appeared first on IT Security Guru.

In 2025 we’re not just fighting today’s headline-grabbing cyber threats, but we’re also preparing for tomorrow’s. Technology is evolving at a pace that is both fuelling progress for defenders and powering new tools for bad actors. The same advances that drive discovery and innovation also give cybercriminals new ways to attack faster, more broadly and with greater impact. One of the clearest examples of this dual advancement is quantum computing: a breakthrough that could change the world for good, but also put the very foundations of online security at risk.

What is Quantum Computing?

Quantum computing is an emerging technology that processes information in ways traditional computers never could. Instead of working through one calculation at a time, quantum machines harness the principles of quantum mechanics to evaluate countless possibilities simultaneously.

That power has tremendous upside – potentially accelerating breakthroughs in medicine, science and engineering – but also creating a profound security challenge. Once fully realised, quantum computers will be able to break the public-key cryptography in use today, including RSA and Elliptic Curve Cryptography (ECC). These aren’t niche tools: they secure almost everything online. From the HTTPS connections that protect your browsing to digital signatures on software, as well as online banking, healthcare systems, government platforms and consumer accounts – encryption is the trust layer of the internet.

And most of it is not quantum-resistant. While the U.S. National Institute of Standards and Technology (NIST) has begun standardising quantum-safe encryption algorithms, including Kyber, they are not yet widely deployed. That means the logins and records you create today could be tomorrow’s open doors.

Large-scale quantum computers aren’t publicly available yet, but waiting for them to arrive is a mistake. Cybercriminals aren’t waiting – many have already started preparing.

The “Harvest Now, Decrypt Later” Threat

Hackers understand that quantum power is coming, and they’re planning ahead. Their strategy is simple: steal encrypted data now, knowing they’ll be able to decrypt it later. This “harvest now, decrypt later” approach means that stolen banking details, medical records or login credentials, which are protected currently with strong encryption, could be cracked years down the road – long after the original breach is forgotten.

Weak security practices make this problem worse. Keeper Security research shows that only 30% of people regularly update their passwords, leaving 70% exposed. Even more concerning, 41% reuse the same passwords across accounts, creating an easy opening for credential-stuffing attacks, where one stolen password is used to break into multiple accounts. These everyday habits give cybercriminals exactly the weaknesses they can exploit – whether now or in the quantum era.

Start Preparing Today for the Quantum Shift

The best way to defend against tomorrow’s quantum-enabled attacks is to act now. Leading organisations are already evaluating, developing and deploying quantum-resistant encryption, including NIST-approved algorithms like Kyber, to build in future-ready protections.

Individuals and businesses alike can prepare by taking proactive steps:

• Stay aligned with standards: Be sure to stay up-to-date on official guidelines and standards. Organisations should follow trusted guidance from NIST and the Cybersecurity and Infrastructure Security Agency (CISA).
• Update and patch regularly: You don’t need to track every technical update, but you should ensure the tools and providers you utilise are up to date with the latest security standards. Ensuring that products are regularly updated is critical, as patches often contain critical security fixes to keep your information secure.
• Vet your providers: Don’t just trust that a product is secure – verify it. Use products that meet and surpass compliance requirements, especially those that are looking to the future. When selecting a product for yourself or your organisation, vet it thoroughly against standards that are relevant to your needs.
• Reinforce best practices: As always, following existing best practices is the best way to protect yourself now and later. Use strong, unique passwords and change them regularly to defend against both current and future attack methods. The easiest way to manage them is with a trusted password manager, which generates strong passwords and stores them securely. Store sensitive information in secure, encrypted environments – not browsers, shared documents or sticky notes.
• Monitor for exposure: Every minute counts when your information is stolen. Organisations and individuals should use monitoring services that can alert them if their data appears on the dark web, so they can take immediate action.

And don’t abandon today’s encryption. Current standards remain highly effective and are essential to protecting your data today. The challenge is preparing for a post-quantum future while continuing to safeguard the world we live in right now.

Moving Into a Post-Quantum World

Quantum computing and its implications may sound daunting, but the path forward is clear. Strong, proactive measures taken today will help ensure a safer tomorrow.

This Cybersecurity Awareness Month, let’s recognise that preparing for the future is as important as defending against present threats. By reinforcing best practices, demanding future-proof tools and supporting the shift to quantum-resistant encryption, we can secure not only today’s digital world, but the post-quantum world we are heading toward.

The post The Quantum Future Is Coming – Hackers Are Already Preparing appeared first on IT Security Guru.