Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On Monday, April 28, 2025, widespread power outages affected large parts of Spain and Portugal. The exact root cause is still under investigation. These disruptions impacted regional infrastructure supporting connectivity, cloud services, and on-site operations.

Black Friday is retail’s biggest moment—and retail IT’s biggest challenge. Spikes in traffic, strained systems, and the constant fear of outages turn what should be a commercial win into an operational war room. For many retailers, it’s a time of sleepless nights, emergency vendor calls, and systems pushed to their breaking point. But it doesn’t have to be this way.

When I read Eyal’s blog, Why FWaaS is the Only Way Out of Endless Appliance Patching, I imagined a time in the immediate now (oxymoron intended); a time where the word “patching” is as quaint as rotary phones. In my mind, I was Marty McFly, jumping out of the DeLorean, shocked to discover that in the year 2025, we’re still patching appliance boxes. But here’s the kicker: everything has changed. Except the way we think about patching.

The rapid adoption of generative AI (GenAI) in the enterprise is introducing a new category of unmanaged risk known as shadow AI. Organizations frequently lack insight into which employees are using GenAI tools and how they are being accessed, resulting in visibility limitations, policy enforcement challenges, and increased risk of data exposure. Security teams face potential data leaks and compliance violations, while IT teams struggle to integrate GenAI usage into existing governance models.

Swissport International AG is the world’s largest ground-handling company, ensuring seamless operations across 276 airports in 45 countries handling approximately 247 million airline passengers per year, as of the end of 2024. That kind of scale brings complexity. For Swissport’s new IT leadership, that complexity had grown into an unsustainable mix of legacy security controls, fragmented remote access solutions, and painfully slow troubleshooting. Then came the shift.

Generative AI (GenAI) is advancing rapidly, offering significant potential for business transformation. However, it also introduces new security risks. The Model Context Protocol (MCP), an open standard introduced by Anthropic in November 2024, enables seamless integration between GenAI applications and external data sources and tools. MCP is commonly referred to as a USB-C port for GenAI applications.

Today during SASEfy 2025, Cato Networks announced its latest AI innovation. Cato CASB (Cloud Access Security Broker), a native feature in the Cato SASE Cloud Platform, is now enhanced with new capabilities for generative (GenAI) applications including a shadow AI dashboard and policy engine. With the shadow AI dashboard, enterprises can detect, analyze, and gain insights into the use of GenAI. With the policy engine, enterprises can take control of user activities in GenAI applications.

On March 25, OpenAI introduced image generation for ChatGPT-4o and ChatGPT-4o mini. On March 31, it was announced that the tool was available for free to all users. Since then, users have quickly discovered that ChatGPT’s image generator can be manipulated to create fake receipts and forge other documents.

As organizations increasingly depend on SaaS applications, IT teams struggle with visibility and governance. Shadow IT, unmanaged devices, and limited monitoring capabilities create blind spots, exposing enterprises to compliance violations, data exfiltration, and insider threats. Risks don’t come only from unsanctioned applications: even widely used SaaS platforms can become a security liability when not properly controlled.

SASE emerged to address the challenges of digital transformation, providing the means to connect and secure enterprise resources – sites, remote users, and cloud resources — through a single, global network and security stack. The next phase of SASE will extend both its capabilities (what it delivers) and its delivery model (how it operates). AI will play a pivotal role in automating and optimizing SASE, while the scope of SASE will extend beyond the WAN to include LAN and cloud security.

For years, cybersecurity has focused on prevention: blocking threats before they execute. Next-generation anti-malware (NGAM) and signature-based Anti-Malware engines (AM) stop known threats and zero-day attacks. However, as threats grow more sophisticated, organizations also require deep forensic insights to fully understand attack patterns and identify proactive prevention strategies beyond blocking malware, enabling them to strengthen their defenses more effectively.

Gartner predicted that by early this year, over 60% of organizations would be using zero trust as their starting point for security. And no wonder. Cloud migration, hybrid work, and persistent threats have turned security into a minefield, exposing the cracks in old castle and moat, perimeter-based security architectures. Zero Trust aligns with how and where we work today, shifting the perimeter to individual users, devices, and applications—wherever they are.