Blogs & Articles

With contributions from Christina Richmond. The current escalation involving Iran, Israel, and the United States marks a clear transition in the doctrine of modern conflict. Military operations, economic disruption, and cyber activity unfold simultaneously and influence one another in real time. The conflict illustrates a broader transformation in geopolitical competition that has been unfolding in isolated silos; this war brings those dynamics together at once. Cyber campaig

Management of non-human identities has evolved in response to the rapid adoption of semi-autonomous AI agents. The complex nature of their interactions with both human operators and other agents means that security teams need a more sophisticated approach that uses behavioural context to determine an agent’s permissions. Firms are leveraging an identity management approach mirroring the complexities of human operator requirements, but at a vastly bigger scale.

Between 2025 and 2026, Zscaler embarked on a consequential shift start securing systems making decisions inside them, not just the access.

Global security vendor Sophos has announced its intention to purchase cyber assurance specialist Arco Cyber in a move it says will help companies strengthen their cybersecurity strategy and overall governance. Sophos has positioned the acquisition as a key part of its “Sophos CISO Advantage” proposition, a set of capabilities it says will equip customers with security operations management using agentic AI, integrated platforms, and trusted human expertise delivered via its

Autonomous AI agents can bring significant operational efficiencies, but magnify the risk of vulnerabilities if they are given access permissions that are closer to a human identity

In 2026, the most dangerous “insider” may not be a person at all. It may be a well-intentioned agent with too much authority, too little supervision, and unfettered access to the orchestration layer that binds the enterprise together.

Managed detection and response (MDR) is a mature market. Buyers know what “good” looks like. Providers know what they must deliver. The industry has clearly entered a period of rapid consolidation and realignment. Against that backdrop, LevelBlue’s acquisition of Alert Logic’s MDR business from Fortra may look, at first glance, like another tuck-in in an increasingly crowded market, one where a larger company purchases a smaller company—often with similar products, services,

CrowdStrike announces its intent to buy Seraphic Security and SGNL, kicking-off the industry's 2026 M&A activity!

How AI, post-quantum risk, and geopolitics are reshaping data’s role Richmond Advisory Group recently spoke with Jonathan Nguyen-Duy , CTO of Arqit , about the accelerating convergence of data management, post-quantum cryptography (PQC), AI, and geopolitical pressure. The conversation explored how data is shifting from a passive byproduct of digital systems into a strategic, regulated asset—one that underpins predictive security models, digital sovereignty, and trust in AI-d

As the cybersecurity industry looks ahead to 2026, the challenge is not a lack of predictions, but an overabundance of them—many detached from operational reality or focused on singular technologies in isolation. This blog takes a more grounded view, examining how advances in artificial intelligence, defensive AI automation, and cryptographic resilience intersect with geopolitical instability and long-standing threat behaviors. Rather than treating 2026 as a sharp inflection

In the cybersecurity industry, 2025 was a notable year. At one end of the scale, startups emerged from stealth following multi-million-dollar equity injections by well-funded, private investment firms. At the other end, security product and services vendors continued to consolidate, following an uptick in acquisition activity, fueled by eye-watering levels of cash injections. Many purchasers were known serial acquirers – Google buying Wiz, Palo Alto Network’s purchasing of Cy

Every year from November onwards, we start to receive press releases, “thought leadership” reports, LinkedIn posts and DMs about predictions around how the technology and cybersecurity markets will develop during the following year. This year the volume has increased, but the noticeable uniformity of the content points to the wider use of GenAI tools, producing a mass of generic predictions. So many people commenting on their experiences made us ask: should we just avoid maki

(And It Says Something Important About Where Endpoint Security Is Headed)  HP, Inc doesn’t usually get mentioned in the same breath as the “cool kids” of cybersecurity. That’s partly because they’ve never really tried to play that role, and partly because the market still tends to think of HP as a hardware company with security features bolted on.  That framing isn’t wrong, exactly. But it’s incomplete.  After attending HP’s analyst event earlier this month and digging into

Legacy telecommunications companies have a reputation problem. They are often perceived as slow-moving, debt-laden utilities, struggling to find relevance in an era dominated by cloud computing and artificial intelligence. Trapped by aging infrastructure and a commoditized business model, they seem more focused on managing decline than driving innovation. Legacy telco! Against this backdrop, Lumen Technologies is attempting a fundamental reboot. The company, burdened by the

Hot on the heels of Palo Alto Networks’ announcement that it plans to buy CyberArk, SentinelOne (aka S1) has flexed its own M&A muscles...

LevelBlue’s acquisition of Trustwave marks a significant step in the evolution of the managed security services market. The companies aim to form a global pure-play MSSP powerhouse, with over $1 billion in annual revenue, 2,000+ employees, and a customer base exceeding 30,000 organizations.

At the InfoSecurity Europe 2025 show in June, Richmond Advisory Group met with cybersecurity practitioners, vendors and service providers...

The future of API security lies not just in better detection and protection mechanisms, but in deeper integration with business processes and development workflows. As APIs continue to power digital transformation, their security will remain a critical enabler of business success.

LevelBlue, a global leader in cloud-based, AI-driven managed security services, has signed a definitive agreement to acquire Aon's Cybersecurity and Intellectual Property (IP) Litigation consulting groups, which include recognized cybersecurity firm Stroz Friedberg, and Elysium Digital.

Fresh off the RSA Conference 2025, Richmond Advisory Group shares quick profiles of each of the companies we met with as an "RSA Series”....

Fresh off the RSA Conference 2025, Richmond Advisory Group shares quick profiles of each of the companies we met with as an "RSA Series”. This one is on SafeBreach.

Fresh off the RSA Conference 2025, Richmond Advisory Group shares quick profiles of each of the companies we met with as an "RSA Series”....

Although it's now a month ago, RSA Conference 2025, seems like yesterday. Richmond Advisory Group shares quick profiles of each of the companies we met with in our "RSA series" This one highlights the MDR provider Expel.

The cloud security landscape continues to evolve rapidly, and with this acquisition, Google is making a bold statement about its commitment to enterprise security with its acquisition of Wiz.

Richmond Advisory Group shares quick summaries of the discussions we had at RSAC2025 in our "RSA series". This is about IBM and Palo Alto Networks.

Fresh off the RSA Conference 2025, Richmond Advisory Group shares quick profiles of each of the companies we met with in our "RSA-May series". This one is about Netcraft.

A quick conversation about Google DeepMind's “A Framework for Evaluating Emerging Cyberattack Capabilities of AI.”

By Christina Richmond The Announcement The cybersecurity landscape continues to evolve with an increasing focus on proactive security...

We’re excited to announce that Rory Duncan , a renowned technologist, analyst, and writer, is bringing his expertise to Richmond Advisory...

For Arctic Wolf, the acquisition of Cylance could be transformative, but success isn't guaranteed. The real test will be multifaceted.