Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Remember when security was simple? Users had roles. Roles had permissions. Done. Those were the days when your biggest worry was whether someone from marketing accidentally got admin access to the finance system. Welcome to 2026, where that simplicity is dead.

The urgency for advanced security capabilities has never been greater, and this is where managed detection and response services are emerging as the essential foundation for business resilience.

In 2026, incident response (IR) will continue its shift away from traditional malware-centric investigations toward identity-driven intrusions, abuse of trusted cloud services, and low-signal, high-impact activity that blends seamlessly into normal business operations. Rather than relying on technical exploits, threat actors are prioritizing legitimate access, persistence, and operational efficiency, enabling them to evade users, security controls, and automated detection.

Jesse Emerson, Chief Product Officer at LevelBlue, the world’s largest pure-play Managed Security Service Provider (MSSP), recently sat down to answer a few questions about what makes an MSSP a valuable client resource and how he sees the MSSP’s role changing in the coming year.

Remember that annoying ‘paperclip’ in Microsoft Word 97? The one that was always trying to help you…Fast forward nearly 30 years and we now have AI. In the race to adopt artificial intelligence, businesses are embedding AI systems into their daily operations, streamlining workflows, enhancing productivity, and centralizing knowledge. But what happens when that very system becomes an attacker’s most valuable asset?

This article was authored by Daniel Ilan, Rahul Mukhi, Prudence Buckland, and Melissa Faragasso from Cleary Gottlieb, and Brian Lichter and Elijah Seymour from Stroz Friedberg, a LevelBlue company. Recent disclosures by Anthropic and OpenAI highlight a pivotal shift in the cyber threat landscape: AI is no longer merely a tool that aids attackers, in some cases, it has become the attacker itself.

New York has started a movement to reshape the AI compliance landscape for companies doing business in the state. Other states are following suit making Governance and AI Compliance an increasingly critical endeavor.

Ransomware attacks increased by 17.2% percent year-over-year in 2025, with the group Qlin dominating the threat landscape, according to data generated by the LevelBlue SpiderLabs team. These attacks focused primarily on the manufacturing and technology sectors, with the US by far being the most targeted nation. 2025 continued the trend of yearly increases; however, over the last few years, the rate of attacks has somewhat slowed.

Executive Summary NIST CSF 2.0 defines what must be achieved; Organizational Change Management (OCM) determines whether it becomes real. Security programs stall not because the framework is unclear, but because leadership behavior, ownership, and workforce adoption weren’t designed and measured from the start.

For years, security vendors have treated SIEM and XDR as two distinct pillars of their security stack - one built for broad log visibility and compliance, the other designed for high-fidelity detection and rapid response. However, as hybrid environments expanded and attackers began exploiting identity, endpoint, cloud, and network surfaces simultaneously, those boundaries blurred.