Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The first time I helped support a control server recovery at a packaging facility, someone asked "How long will this take?" We did not have a good answer. The backup existed. The process to restore it safely in a live production environment did not. We had carried IT assumptions into an OT problem, and it cost the plant an entire shift. IT/OT convergence created a gap that most backup vendors were not built to close. Production systems need continuous uptime.

OT Data Protection & Resilience is the practice of securing industrial control system data, such as PLC logic, HMI configurations, and historian archives, against loss or cyberattack, while ensuring fast recovery to maintain safety and production continuity. In modern industrial environments, the traditional concept of"security as a barrier" is no longer sufficient.

Organizations have traditionally treated phishing emails as a technology problem to be solved with spam filters and secure email gateways. But with phishing attacks on the rise, these tactics are no longer enough. KnowBe4’s 2025 Phishing By Industry Benchmarking Report found a 47% increase in phishing attacks that bypass Microsoft’s native defenses and secure email gateways. Why do they succeed? Because they exploit reliable human behavior.

Cisco polled its major enterprise customers before RSA 2026 and found something astounding. 85% of large enterprises are experimenting with AI agents. Only 5% have moved them into production. That's not a technology gap. The models work. The tools exist. The 80-point spread between experimentation and production is a governance gap. It's also a context gap.

Organisations deploying agents face a challenge: the predominant AI frameworks most organisations rely on do not explicitly address agentic AI. This is true for the big three: ISO 42001, NIST's AI Risk Management Framework (RMF), and the EU AI Act.

Attackers inside OT environments don’t run, they walk slowly, blend in, and map everything before they act. Here’s why cyber deception technology is built for exactly that threat.

AI application security protects AI-powered apps, including those powered by large language models ( LLMs), from unique threats like prompt injection, data poisoning, and model theft. It achieves this by securing the entire lifecycle, including code, data, algorithms, and APIs, using specialized tools and processes that go beyond traditional security measures. It involves securing the AI model’s behavior, training data, and outputs.

COMMENTARY: When the United States and Israel launched coordinated strikes against Iran on February 28, the security community mobilized around the visible response. I’ve watched that response for two weeks: teams tracking hacktivist DDoS campaigns, incident counts climbing, news coverage following close behind.

Most mobile security workflows end in a familiar way. A scan runs, a report is generated, and the output looks reassuring. There are no critical issues, maybe a few medium findings, nothing that blocks a release. The process completes, the team moves forward, and the app ships. At that moment, the assumption is clear. The app has been tested. The risk is understood. But there is a question that rarely gets asked, and it changes the entire conversation.