Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

IRM in the Real World: Why Culture Is Just as Important as Controls

In security, we love to talk about tools. Detection engines, behavioral analytics, identity governance platforms, and data classification tags. We invest millions in building systems that can track, monitor, and block unauthorized activity. And when it comes to insider risk, many organizations respond by doubling down on controls, implementing tighter access permissions, more restrictive policies and stricter monitoring.

A Milestone for Government AI: Coralogix Begins FedRAMP Journey

Today Coralogix announced U.S. Department of Education Sponsorship for FedRAMP Authorization. Government agencies currently face a critical balancing act. On one side, there is an urgent mandate to modernize operations and adopt artificial intelligence to improve services. On the other, there are strict requirements for security, compliance, and data sovereignty that cannot be compromised.

PCI 4.0.1 Compliance Tools Compared: Complete 2026 Buyer's Guide

Here’s a conversation that keeps happening: A compliance team passes their PCI audit in June. By September, they’ve had a card skimming incident traced to a third-party script nobody knew was running on their checkout page. Their tools didn’t catch it because none of them could actually see what was executing in the customer’s browser. That’s the gap PCI DSS 4.0.1 is forcing everyone to address.

The Boardroom Case for Penetration Testing: Risk, Responsibility, and Resilience

Cybersecurity risk is no longer an abstract concern relegated to IT teams; it is a material business risk that boards and senior leaders must actively manage. UK government research indicates that around 43% of businesses experienced a cyber security breach or attack in the past year, underlining how common these incidents have become across sectors, from small businesses to large enterprises.

How OWASP Top 10 Maps to Data Exposure Risks: 5 Hidden Threats Explained

Most teams learn the OWASP Top 10 as a list of application security failures. Injection flaws. Broken access control. Security misconfiguration. Items to scan for, remediate, and close before the next audit or penetration test. But data exposure rarely arrives neatly packaged as a single OWASP finding. When sensitive data leaks, it is almost never because one category failed in isolation.

Your Definitive Guide to Crafting a Resilient 2026 Cyber Strategy

As we look toward 2026, the digital frontier is no longer a landscape of distant threats but an immediate, dynamic environment where resilience is the ultimate currency. The frequency and sophistication of cyber threats are accelerating, fueled by geopolitical tensions, technological advancements, and interconnected global economies.

What Device Code Phishing Reveals About Security Configuration Gaps

Recent research from Proofpoint highlights a growing trend in identity-based attacks. Rather than stealing passwords or exploiting software flaws, multiple threat actors are now abusing legitimate Microsoft authentication workflows to gain access to Microsoft 365 accounts at scale. This technique, known as device code phishing, is not new. What is new is how widespread the technique has become, particularly among both state-aligned and financially motivated adversaries.

CrowdStrike to Acquire SGNL to Secure Every Identity in the AI Era

I’m excited to announce CrowdStrike’s agreement to acquire SGNL, a leader in identity-first security. This acquisition will extend CrowdStrike Falcon Next-Gen Identity Security to deliver continuous, context-aware authorization for human, non-human, and AI agent identities across SaaS and hyperscaler cloud environments. As risk conditions and threats change, access to applications, data, and AI agents should change with them.

Inside CyberArk Labs: the evolving risks in AI, browsers and OAuth

In 2025, we saw attackers get bolder and smarter, using AI to amplify old tricks and invent new ones. The reality is, innovation cuts both ways. If you have tools, AI is going to make them even more dangerous. Last year proved that every leap forward in technology brings new risks right alongside the rewards. At CyberArk Labs, our mission is to uncover hidden vulnerabilities and provide actionable insights that help organizations fortify their defenses.