The European Union (EU) Network and Information Security Directive 2 (NIS2) introduces stricter cybersecurity requirements than its predecessor, the original NIS Directive. With the compliance deadline fast approaching, in-scope organizations must take proactive steps to ensure they have enacted NIS2 requirements, thereby strengthening their security posture.

Cybersecurity automation has followed a path familiar to many emerging technologies: a cycle of inflated expectations, hard realities, and eventual refinement. Gartner’s “hype cycle” provides a useful framework for understanding this journey—initial enthusiasm and lofty expectations give way to challenges and disillusionment before practical, high-value use cases emerge.

System downtime from faulty software updates can cost businesses huge money losses every second. This reality shows why up-to-the-minute data analysis has become a vital part of modern enterprises. Companies now deal with endless data streams from countless transactions. Knowing how to spot unusual patterns right away could make all the difference between grabbing opportunities and facing harsh setbacks.

In 2024, Cyjax observed the emergence of 72 extortion and ransomware group data-leak sites (DLSs). As of late February 2025, Cyjax has identified DLSs for six new groups in 2025, as noted in recent blogs on extortion groups Kraken, Morpheus, GD LockerSec, Babuk2, and Linkc. The latest DLS which Cyjax has identified is named Anubis. This Ransomware-as-a-Service (RaaS) group appears to be sophisticated and professional, providing services including affiliates, data ransoms, and access monetisation.

Artificial Intelligence (AI) is a double-edged sword in cybersecurity, empowering both defenders and attackers. AI-driven security systems are often used to detect threats in real-time, analysing large datasets for anomalies, and automating responses to cyberattacks. However, cybercriminals are also leveraging AI to create advanced malware, automate phishing attacks, and evade traditional defenses.

Plugins are shared libraries that conform to a documented API, hooking into the core functionalities of Falco to allow things such as adding new event sources that can be evaluated using filtering expressions/Falco rules. Since Falco is open source, users can build plugins for just about any arbitrary 3rd party event source. In recent blog posts, we discussed how Falco can be extended to event stream sources such as Gitlab, Salesforce and Box via the Falco Plugin architecture.

Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving - and what organizations need to do to protect themselves.

The original NIS Directive came into force in 2016 as the EU’s first comprehensive law governing cybersecurity in member states. As part of its key policy objective to make Europe “fit for the digital age,” the European Commission proposed in December 2020 that NIS be revised, and NIS2 entered into force in January of 2023. Member states were required to transpose it into law by October 17, 2024.