Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why Foundational Security and Governance Are the Real Signs of AI Maturity

In the last couple of years, accelerated AI adoption has created terrific opportunities for enterprises, allowing them to reshape everything from business models to customer engagement and decision-making. Yet it also raises critical governance challenges. While 52% of organizations have fully or partially deployed GenAI, nearly 8 in 10 haven’t reached full AI maturity in cybersecurity, according to a recent Ponemon Institute study in partnership with OpenText.

Best Practices for Securing Crypto Assets

Effective crypto asset management is now a critical priority. As adoption grows, so too do the scale and sophistication of the threats that individuals and organizations face. Digital asset security requires a layered approach, including cold storage, robust key protection, regular security testing and proactive regulatory compliance. This article examines the most prevalent threats to digital assets, outlines practical measures to mitigate risk and explores the evolution of global regulation.

Quick Fixes for Office 365 Slowing Down the Computer

Slow Office 365 performance can be a headache for employees in your organization and for customers. If Microsoft Office 365 slows down users’ computers, productivity suffers and workflows are disrupted. Customers may be dissatisfied when accessing a slow SharePoint site, which would negatively affect your organization’s reputation. In this case, you should find the reasons for Office 365 performance issues and fix them as quickly as possible.

Introducing the Detectify MCP Server to connect security intelligence into your AI workflows

We are launching the Detectify MCP Server to deliver real-time vulnerability data and attack surface insights directly into your AI-powered workflows. Built for developers and AppSec teams using Claude Code, Cursor, ChatGPT, and Claude Desktop, it delivers security data straight to your AI assistants via a remote-hosted server, giving you hacker-proof guardrails without adding anything new to deploy or maintain.

You probably don't need private PKI for internal infrastructure

Running your own certificate authority sounds like the responsible choice for internal infrastructure. Distribute your root cert to every machine and issue certs internally. In practice, you spend the next six months chasing down every device, contractor laptop, and vendor console that didn’t get root installed. The warnings come back. And when they do, people click through them, because they always have. There’s a simpler path, and most teams don’t know it exists.

Streamlining CMMC Compliance: How Bitsight Empowers the Defense Industrial Base

For organizations within the Defense Industrial Base (DIB), the Cybersecurity Maturity Model Certification (CMMC) 2.0 represents more than a regulatory hurdle. It is becoming a core requirement for doing business with the Department of Defense and for protecting sensitive information across the defense supply chain.

CVE-2026-9082: Critical Drupal SQL Injection Vulnerability Affects PostgreSQL Deployments

A highly critical SQL injection vulnerability in Drupal core has raised concerns across organizations running PostgreSQL-backed Drupal environments. Tracked as CVE-2026-9082, the vulnerability affects Drupal’s database abstraction layer and can be exploited remotely without authentication. The vulnerability was disclosed through Drupal security advisory SA-CORE-2026-004 on May 20, 2026. CVE-2026-9082 is now under active exploitation.

Brand Impersonation Protection vs Domain Takedown: What Security Teams Actually Need

Brand impersonation protection is often evaluated by how quickly fake domains, cloned pages, scam ads, and impersonation assets can be removed. That metric matters, but it does not answer the more important security question: who was exposed while the asset was live, and what risk did that exposure create? Domain takedown reduces the life of an impersonation asset.

Why Phishing Works

This article was originally published in Professional Security Magazine. Why are organizations still losing to phishing in 2026? Phishing has been the dominant attack vector for years. Despite this, organizations continue to be caught out by it. The UK government’s Cyber Security Breaches Survey 2026 confirms it remains the most prevalent and disruptive type of attack that businesses are facing. For those on the front line of incident response investigations globally, that finding is no surprise.

Beyond the Chatbot: Why Your AI Agents are Your Newest (and Most Vulnerable) Colleagues

The era of "typing into a box" is over. For years, we viewed artificial intelligence as a digital assistant—a sophisticated autocomplete tool that waited for human input. But according to Martin Kraemer, KnowBe4’s CISO Advisor for Europe and the Middle East, that dynamic has shifted. We have moved from asking AI questions to giving AI jobs. In a recent deep-dive webinar, Martin explored the transition from AI tools to AI agents.