
Why Traditional Incident Response Retainers Leave CISOs Exposed (and Money on the Table)

I have lost count of the post-incident reviews where the most painful conversation was not about the breach itself. It was about the retainer. A CISO realizes the prepaid hours expired six weeks before the intrusion began. A General Counsel discovers the retained firm is not on the cyber insurance panel and the claim is now in dispute. A board member asks why an organization that paid for "preparedness" spent the first eighteen hours of an incident negotiating scope.

Connecting Custom Agents to Microsoft Agent 365 with the SDK [Part 2]

In Part 1, we covered onboarding Microsoft-native agents and SaaS AI platforms — the paths that need configuration, not code. Now we look at connecting agents that have no native integration — self-built frameworks and agents you build and run yourself. If an agent is missing from the M365 admin center inventory and the import-agents feature doesn’t support it, then the Microsoft Agent 365 SDK may be needed.

Monitoring Agents and SaaS AI Platforms with Microsoft Agent 365 [Part 1]

Agent usage is exploding, and in Microsoft 365 agents aren’t monitored by default. Even though it’s early days for tools that can monitor agents, Microsoft’s newly released Agent 365 evolves this new category with some powerful capabilities. Here are some tips for using Microsoft Agent 365 and related tools to monitor agents. Solutions discussed in this post: This is part 1 of a two-part series.

AI Is Reshaping Cyber Risk Faster Than Most Boards Realize

Artificial Intelligence is no longer a future cybersecurity concern. It is actively reshaping how attacks are conducted, how organizations respond, and how business leaders must think about enterprise risk. While much of the conversation around AI has focused on productivity and innovation, threat actors are already leveraging AI to make cyber-attacks faster, more scalable, more convincing, and increasingly difficult to detect.

More Security Tools Rarely Mean Faster Detection

Organizations continue investing heavily in cybersecurity tools, yet many security operations centers (SOCs) still struggle with alert fatigue, investigative delays, and inconsistent response outcomes. The issue is not necessarily a lack of technology. In many environments, it is the opposite. As security stacks expand, operational complexity often expands with them.

CISO's Corner - 6 Observations from Gartner SRM 2026

Artificial Intelligence continued to dominate the conversation, and content, but the key theme throughout the Gartner Security & Risk Management experience was a little bit more subtle. This year, CISOs from all across the globe came to connect, learn, and explore with peers, vendors, and Gartner, navigating individual and business resilience challenges.

What OMB M-26-14 Means for Your Agency and Where to Focus Now

OMB M-26-14 introduces a significant change in how federal agencies approach logging, monitoring, and incident response. Rather than emphasizing volume and retention of log data, the memo centers on how effectively agencies can use telemetry to support detection, investigation, and response across the full threat lifecycle. For cybersecurity leaders, the implication is clear: logging is now closely tied to operational performance.

Day in the Life of a Red Teamer: Thinking Like the Adversary

There’s a persistent myth about red team operators: that the job is all zero-days, glowing terminals, and cinematic “I’m in” moments. The reality is more interesting and far more human. A day in the life of a red teamer is less about chasing flashy exploits and more about understanding how real people, real systems, and real environments fail under pressure.

Why "Private" Hosting Isn't the Same as Secure Hosting

For many organizations, the move to virtual private server (VPS) hosting feels like a natural security upgrade. After all, the word private suggests isolation, control, and protection, especially compared to shared hosting environments. But in practice, private hosting does not automatically mean secure hosting. In fact, without the right security maturity, VPS environments can introduce new risks rather than eliminate old ones.