Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks often succeed not because they are sophisticated but because organizations lack reliable backups or struggle to restore data quickly. When recovery is slow, even minor disruptions can escalate, providing attackers with the time and leverage they need to deploy ransomware and halt operations. When systems go down, every minute of downtime results in operational disruption, a drop in revenue, and lost customer trust.

Over the past year, I have spent a lot of time with security leaders who are trying to navigate the same tension. They know their operations need to move faster. They know the volume, speed, and complexity of what lands in the SOC are not going to ease up. But they are also trying to make smart decisions in environments where trust matters, governance matters, and the cost of getting it wrong is real.

The recent leak related to Claude Mythos has offered a rare and revealing look inside the real capabilities of frontier AI models. The details of the leak underscore a reality that cybersecurity leaders need to understand clearly: Advances in model capability do not automatically translate into advances in cybersecurity, nor do they translate into better security outcomes without the right platform to apply them.

Compare the top data access governance tools for 2026. Learn what to look for, and which platforms fit mid-market security teams. TL;DR: Data access governance tools map effective permissions to sensitive data, surface overexposed entitlements, and operationalize access reviews across hybrid environments. Without them, organizations cannot answer who can reach regulated data, enforce least privilege, or complete certifications without manual effort.

When your CNAPP flags a suspicious dependency in an AI agent container, your WAF logs an unusual API spike, and your SIEM shows a burst of cloud storage calls—are those three separate incidents or one rogue agent attack? Most security teams treat them as three tickets in three queues, investigated by three people who may never connect the dots. By the time someone pieces together that a single compromised agent drove all three signals, the attacker has already moved laterally and exfiltrated data.

Your AI-BOM shows every model, tool, and data source you deployed. But when your SOC investigates an alert about unusual agent behavior, that inventory tells them nothing about what actually happened at runtime. Static AI-BOMs document what you intended to run. Attackers exploit what your AI workloads actually do in production: which APIs they call, what data they touch, and how they use approved tools in unapproved ways.

Exactly 8 years ago today, we launched the 1.1.1.1 public DNS resolver, with the intention to build the world’s fastest resolver — and the most private one. We knew that trust is everything for a service that handles the "phonebook of the Internet." That’s why, at launch, we made a unique commitment to publicly confirm that we are doing what we said we would do with personal data.

Fresh off two weeks of back-to-back meetings in Washington, DC, and on the floor/in the wings of the RSA Conference, one theme echoed through nearly every conversation I had with senior government officials and public policy leaders from global technology companies: agentic AI security is the defining emerging security challenge of this moment — and policy is not keeping pace.