Blogs & Articles

The cybersecurity industry has come a long way since threat hunting was considered a new and much more advanced form of threat detection and response. Like any evolution, there have been distinct stages of development - as well as instances where generational “leaps” have potentially been made. The emerging use of agentic AI in automating hunting tasks has the potential to considerably change the game - for defenders as well as attackers.

Two Richmond Advisory syndicated studies - the 2025 AI Security Perception Study and the 2026 Agentic AI Study - provide an understanding of enterprise AI in its "professionalization phase."

I have always thought of IBM as a technology innovator. That has never really been the question for me. IBM has invented, reinvented, contributed to, or commercialized more enterprise technology than most companies ever will. It has deep engineering roots, real research credibility, and a long history of showing up in infrastructure markets before they are obvious to everyone else. What I did not fully appreciate before spending a day with IBM Consulting on Monday, May 4, was

With Mythos, the "hair on fire" of cybersecurity has become a bonfire.

Carol Anderson, President of Imagent Inc., interviewed Rock Lambros. Agentic AI requires new thinking about governance Richmond Advisory Group recently interviewed Rock Lambros , Director of AI Standards and Governance at Zenity and Founder of RockCyber. The conversation explored the inevitability and necessity of using AI to govern AI, with insights into humans in the loop, non-human identities, and OpenClaw. Why this matters Traditional governance thinking and processes

As attackers use AI to create threats at scale and at machine speed, agents are already being used by many MDR and DXR vendors and service providers to supply autonomous features that assist human operators and augment existing security tools.

They Are Design Signals Over the past year, a series of so-called “leaks” involving large language models (LLMs) and emerging agentic systems have captured industry attention. The most cited example is the exposure of system prompts and behavioral scaffolding behind models like Claude from Anthropic, alongside similar disclosures affecting models from OpenAI. These events have often been framed as isolated incidents or, alternatively, dismissed as overblown artifacts of jailb

As artificial intelligence systems become more capable and more embedded in business operations, a central question continues to surface: How do you ensure these systems behave in ways that are useful, safe, and aligned with human intent? One of the more influential answers to emerge in recent years is Constitutional AI , an approach pioneered by Anthropic . How AI moves from training to the reinforcement phase in "Constitutional AI" (AI generated image) At its core, Constitu

Managed detection and response did not emerge as a fully formed category. It grew out of a very specific problem. Organizations bought better tools, but too many still lacked the people, process, and operational maturity to run them well around the clock. What began in the mid-2010s as a service layer around endpoint detection and response (EDR) has since evolved into something much broader: a security operations model that spans endpoint, identity, cloud, email, SaaS, and no

Every MDR market conversation starts with the obvious names. But dark horses are not simply smaller vendors or long shots - they are the companies that could meaningfully reshape shortlists because they are changing the rules, not just competing inside the old ones. That is the more interesting question for 2026.

With contributions from Christina Richmond. The current escalation involving Iran, Israel, and the United States marks a clear transition in the doctrine of modern conflict. Military operations, economic disruption, and cyber activity unfold simultaneously and influence one another in real time. The conflict illustrates a broader transformation in geopolitical competition that has been unfolding in isolated silos; this war brings those dynamics together at once. Cyber campaig

Management of non-human identities has evolved in response to the rapid adoption of semi-autonomous AI agents. The complex nature of their interactions with both human operators and other agents means that security teams need a more sophisticated approach that uses behavioural context to determine an agent’s permissions. Firms are leveraging an identity management approach mirroring the complexities of human operator requirements, but at a vastly bigger scale.

Between 2025 and 2026, Zscaler embarked on a consequential shift start securing systems making decisions inside them, not just the access.

Global security vendor Sophos has announced its intention to purchase cyber assurance specialist Arco Cyber in a move it says will help companies strengthen their cybersecurity strategy and overall governance. Sophos has positioned the acquisition as a key part of its “Sophos CISO Advantage” proposition, a set of capabilities it says will equip customers with security operations management using agentic AI, integrated platforms, and trusted human expertise delivered via its

Autonomous AI agents can bring significant operational efficiencies, but magnify the risk of vulnerabilities if they are given access permissions that are closer to a human identity

In 2026, the most dangerous “insider” may not be a person at all. It may be a well-intentioned agent with too much authority, too little supervision, and unfettered access to the orchestration layer that binds the enterprise together.

Managed detection and response (MDR) is a mature market. Buyers know what “good” looks like. Providers know what they must deliver. The industry has clearly entered a period of rapid consolidation and realignment. Against that backdrop, LevelBlue’s acquisition of Alert Logic’s MDR business from Fortra may look, at first glance, like another tuck-in in an increasingly crowded market, one where a larger company purchases a smaller company—often with similar products, services,

CrowdStrike announces its intent to buy Seraphic Security and SGNL, kicking-off the industry's 2026 M&A activity!

How AI, post-quantum risk, and geopolitics are reshaping data’s role Richmond Advisory Group recently spoke with Jonathan Nguyen-Duy , CTO of Arqit , about the accelerating convergence of data management, post-quantum cryptography (PQC), AI, and geopolitical pressure. The conversation explored how data is shifting from a passive byproduct of digital systems into a strategic, regulated asset—one that underpins predictive security models, digital sovereignty, and trust in AI-d

As the cybersecurity industry looks ahead to 2026, the challenge is not a lack of predictions, but an overabundance of them—many detached from operational reality or focused on singular technologies in isolation. This blog takes a more grounded view, examining how advances in artificial intelligence, defensive AI automation, and cryptographic resilience intersect with geopolitical instability and long-standing threat behaviors. Rather than treating 2026 as a sharp inflection

In the cybersecurity industry, 2025 was a notable year. At one end of the scale, startups emerged from stealth following multi-million-dollar equity injections by well-funded, private investment firms. At the other end, security product and services vendors continued to consolidate, following an uptick in acquisition activity, fueled by eye-watering levels of cash injections. Many purchasers were known serial acquirers – Google buying Wiz, Palo Alto Network’s purchasing of Cy

Every year from November onwards, we start to receive press releases, “thought leadership” reports, LinkedIn posts and DMs about predictions around how the technology and cybersecurity markets will develop during the following year. This year the volume has increased, but the noticeable uniformity of the content points to the wider use of GenAI tools, producing a mass of generic predictions. So many people commenting on their experiences made us ask: should we just avoid maki

(And It Says Something Important About Where Endpoint Security Is Headed) HP, Inc doesn’t usually get mentioned in the same breath as the “cool kids” of cybersecurity. That’s partly because they’ve never really tried to play that role, and partly because the market still tends to think of HP as a hardware company with security features bolted on. That framing isn’t wrong, exactly. But it’s incomplete. After attending HP’s analyst event earlier this month and digging into

Legacy telecommunications companies have a reputation problem. They are often perceived as slow-moving, debt-laden utilities, struggling to find relevance in an era dominated by cloud computing and artificial intelligence. Trapped by aging infrastructure and a commoditized business model, they seem more focused on managing decline than driving innovation. Legacy telco! Against this backdrop, Lumen Technologies is attempting a fundamental reboot. The company, burdened by the

Hot on the heels of Palo Alto Networks’ announcement that it plans to buy CyberArk, SentinelOne (aka S1) has flexed its own M&A muscles...

LevelBlue’s acquisition of Trustwave marks a significant step in the evolution of the managed security services market. The companies aim to form a global pure-play MSSP powerhouse, with over $1 billion in annual revenue, 2,000+ employees, and a customer base exceeding 30,000 organizations.

At the InfoSecurity Europe 2025 show in June, Richmond Advisory Group met with cybersecurity practitioners, vendors and service providers...

The future of API security lies not just in better detection and protection mechanisms, but in deeper integration with business processes and development workflows. As APIs continue to power digital transformation, their security will remain a critical enabler of business success.

LevelBlue, a global leader in cloud-based, AI-driven managed security services, has signed a definitive agreement to acquire Aon's Cybersecurity and Intellectual Property (IP) Litigation consulting groups, which include recognized cybersecurity firm Stroz Friedberg, and Elysium Digital.

Fresh off the RSA Conference 2025, Richmond Advisory Group shares quick profiles of each of the companies we met with as an "RSA Series”....