Research released today reveals that cloud infrastructure has become the second-largest expense for tech companies, following headcount; averaging 10 percent of revenue and increasing rapidly. What’s more nearly 90 percent of companies report that it's directly affecting profitability.

The study from Cloud Capital surveyed 100 CFOs and senior financial decision makers within SaaS and technology businesses of up to 1,000 employees across the US and UK.

Data that was once scattered across sprawling systems and silos -- providing natural obstacles to attackers -- is now concentrated and highly portable within AI models. This fundamental shift redefines the challenge of digital security.

We spoke to Dr. Luigi Caramico, CTO and co-founder of DataKrypto, to discuss how organizations can repond to this challenge.

A new report reveals an increasing disconnect between cybersecurity and compliance priorities and organizational capacity to address them.

The study from Secureframe, based on a survey of 255 security, compliance, and IT professionals, finds security teams are carrying unprecedented responsibility with insufficient resources, manual compliance work is consuming critical time, and the absence of verifiable security credentials is directly impacting revenue.

A new identity fraud report from AU10TIX looks at how fraud is shifting from isolated attempts to adaptive, self-optimizing systems, and the need for early-warning intelligence to reshape the future of fraud prevention amid rapid advances in artificial intelligence and quantum computing.

“Fraud is no longer a static event; it’s a living signal moving through networks and devices,” says Yair Tal, CEO of AU10TIX. “At AU10TIX, we see the daily challenges our customers face as fraud evolves faster than ever. Our mission is to protect them, not just by responding to attacks, but by anticipating them. Our early-warning system helps ensure their businesses stay one step ahead, detecting risk before truth starts to drift.”

New analysis from enterprise-class domain registrar CSC reveals that for the past three years, seasonal IP infringements have risen sharply in Q4 and remained elevated through January, when post-holiday sales draw heavy consumer traffic.

The combination of high demand, gift-driven impulse buying, and deep discounting creates a perfect environment for cybercriminals to ply their trade. Over the holidays, fraudsters set up fake websites and lookalike domains impersonating legitimate brands.

In order to thrive in 2026 developers will need to align human creativity with AI, delivering software that is not only faster and smarter, but also more transparent, more intuitive, and more human-centered than ever before.

This is the conclusion of the latest software development trends report from Infragistics. It looks at how AI-driven intelligence, predictive UX, adaptive design systems, and ethical data governance will define the next era of digital innovation and what technology leaders can do to prepare.

A new report from Komprise shows that 85 percent of IT and data storage leaders are projecting an increase in data storage spend in 2026, while 74 percent are storing more than 5PB of unstructured data, a 57 percent increase over 2024.

To cope with these rising data volumes and outsized spending, enterprise IT infrastructure teams are looking to implement unstructured data classification. Survey respondents rank this as the top strategy to discreetly understand data for storage optimization, data governance, ransomware defense, security and AI curation needs. In parallel, classifying and tagging unstructured data is the top challenge in preparing unstructured data for AI.

The use of AI across modern enterprises in recent years has accelerated, with innovation at the forefront and APIs serving as the crucial enabler behind the scenes.

Now, agentic AI, capable of autonomous actions and decision-making, but this shift exposes several gaps in API documentation, drift in specifications and insufficient safety guardrails, all of which can lead to serious implications for organizations.

The latest Cyber Threat Intelligence Report from Hoxhunt looks at the quantity and quality of threats that bypass firewalls and email filters.

It finds attackers are improving their techniques to create more credible threats which are more likely to slip past defenses. Phishing techniques are improving with cleaner language, more convincing formatting and more believable workflow mimicry.

Security analysts want to capture more events in order to spot threats earlier which requires more detection rules. But doing so risks driving up alert volumes leading to issues with alert fatigue.

The solution is automation which can be used to increase the throughput of alerts and the threat intelligence around these, creating a ‘paranoid’ form of posture management. We talked to Martin Jakobsen, CEO of Cybanetix, to learn more about how this works.
 
BN: What is ‘paranoid posture management’? What does this mean in practice, and how does automation help enable it?
 
MJ: A massive problem for security monitoring is that Security Operation Centres (SOCs) can become overwhelmed by the sheer volume of alerts, as a consequence of which a lot of SOCs end up either ignoring or tuning out low severity alerts. The ideal scenario is to have a big red alert when you have a breach, but the reality is that attackers will make initial forays, and that those telltale signs will be missed. If you’re only looking for the obvious indicators of a breach, incident response is already caught on the back foot.

A new study reveals the extent to which medical professionals’ personal information is publicly available online, leaving them vulnerable to stalking and other forms of threats.

The report from data privacy and personal data removal service Incogni looks at 768 medical department heads from major US hospitals to see what personal information is publicly accessible and shows some concerning results.

Modern social engineering attacks no longer begin and end in the email inbox. They move across identity platforms, SaaS tools, and collaboration apps, exploiting gaps between disconnected security products, and employing increasingly sophisticated techniques to evade traditional defenses and reach end users.

To address these threats AI cybersecurity specialist Darktrace is launching a series of enhancements to Darktrace / EMAIL designed to detect and stop attacks spanning communications channels, strengthen outbound email protections and streamline SOC integrations.

Spreadsheets are essential to modern businesses, used to plan budgets, manage inventory, supervise members, and organize proprietary data. But organizations are becoming increasingly concerned that these tools can leave their internal data exposed to surveillance, tracking, and AI training.

This why Proton is launching Proton Sheets, an easy-to-use private spreadsheet that lets teams collaborate while keeping control of their data.

Previously, a single dominant group tended to define the cybercrime landscape. Now, several actors sustain large-scale operations, with the number of distinct actors nearly tripling from 33 to 89 since 2020.

The latest Security Navigator report from Orange Cyber Defense shows that in Europe, victims of Qilin and Akira have risen by 324 percent and 168 percent respectively.

Most organizations lack the monitoring capabilities and governance policies needed to mitigate risks posed by shadow AI according to a new report.

The survey, of 600 IT leaders across North America, EMEA, and APJ, from Cato Networks finds that while 61 percent of respondents found unauthorized AI tools in their environments, only 26 percent have solutions in place to monitor AI usage. Nearly half (49 percent) of the respondents either don’t track AI usage at all or address AI on a reactive basis.