Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Notis Iliopoulos from Obrela explains why it is time to move beyond checkbox compliance towards true operational resilience and provides advice on how to do it Managing cybersecurity risk exposure and ensuring compliance with evolving regulations has never been more complex or more critical. The rapid expansion of regulatory frameworks such as NIS2, DORA, and GDPR, to name a few, has forced organisations to rethink their approach to governance, risk and compliance (GRC).

This blog is the third part of our series on Microsoft Secure Score. Please read Part 1 and Part 2. As cyber risk escalates in complexity, the role of CIOs and CISOs has evolved far beyond IT governance. Today's security leaders are expected to deliver tangible risk reduction outcomes, maintain regulatory compliance, and support business continuity, often with constrained resources and growing accountability.

Understand what Active Directory is, how it works, its key features, and why it's critical for user management, access control, and IT security.

Omdia, a global analyst and advisory leader, recently released a report called “How Extended Access Management (XAM) closes the gaps in security.” The report defines the challenges of modern access management as: These unmanaged forms of access create an Access-Trust Gap: The security risks posed by unfederated identities, unmanaged devices, applications, and AI-powered tools accessing company data without proper governance controls.

At RSAC 2025, we announced Extended Device Compliance, a new capability within 1Password Device Trust that enforces device posture Checks before allowing access to web applications, including those not protected by single sign-on (SSO). Extended Device Compliance redefines industry expectations for device trust solutions, ensuring devices are secure and compliant even when users access apps outside traditional admin control.

Spectro Cloud Palette is an enterprise-grade Kubernetes management platform that simplifies the deployment and lifecycle management of clusters across data center, cloud, and edge environments. Designed around a declarative model, Spectro Cloud Palette enables users to define full-stack cluster profiles—including the operating system, Kubernetes version, and curated integrations—all governed by policy.

CIS compliance is the voluntary practice of aligning IT systems with the Center for Internet Security’s benchmarks and controls to proactively mitigate cybersecurity risks, meet regulatory requirements, and enhance organizational security posture.