Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your backups survived a ransomware attack. Your team restored everything within hours. And three days later, the same malware is back, encrypting the same files, because nobody checked whether those backups were clean before putting them into production.

Operational Technology (OT) security safeguards the industrial systems, networks, and physical processes that power modern society. Unlike Information Technology (IT), which prioritizes data confidentiality, OT security focuses on the availability, reliability, and safety of physical operations, protecting the technology behind turbines, robotic arms, pumps, and pipeline valves.

Active Directory (AD) remains the foundational identity and access management system for the vast majority of enterprises globally, making it a prime target for cybercriminals. AD is constantly under attack, and threat actors rarely have to resort to complex, zero-day exploits to breach it. Instead, they rely on a pervasive and persistent vulnerability: everyday misconfigurations.

Two significant software supply chain cybersecurity attacks, seven days apart, with one hundred and eighty million weekly downloads between them. The chaos from development teams to the boardroom is real. And the pace is only going to get faster. Much, much faster…

Proving compliance is a necessity, but in a world of tightening regulations, the path to compliance is currently paved with spreadsheets, screenshots, and manual attestations. We call this the “Audit Tax”, the millions of dollars and thousands of people hours spent not just integrating security, but on proving you are handling security.

Sophos named a 2026 Gartner Peer Insights Customers' Choice for Managed Detection and Response Third consecutive time being named a Customers’ Choice for MDR Sophos has been named a 2026 Gartner Peer Insights Customers' Choice in the 2026 Gartner Peer Insights Voice of the Customer for Managed Detection and Response (MDR).

By: Beth Dannemilller, Senior Director, Product Marketing For years, security operations have been measured by effort. More alerts processed. More data ingested. More tools deployed. It looks like progress. It isn’t. CIOs know the reality. Teams are overwhelmed. Costs keep rising. And when the board asks a simple question, “Are we reducing risk?”, the answer is often unclear. This is the breaking point for the SOC.

Conversations at RSA 2026 circled back to the same topic: identity is the foundation of AI agent security. While it’s understandable, it’s the wrong way to look at things. Identity tells you who showed up. It says nothing about whether what they did made sense.

One man’s perspective on RSA 2026 and what the AI agent security market actually looks like up close. Every year at RSA, there's a theme, not the official one printed on the lanyards, but the real one. The one that shows up in every booth conversation, every hallway argument, every dinner where people finally say what they wouldn't say on a panel. A few years back, it was cloud. Then zero trust took over and held the room for a while. XDR came through and confused everyone. Identity had its moment.