AI Agents, Context & Governance: Complex but Critical for Risk Management
Management of non-human identities has evolved in response to the rapid adoption of semi-autonomous AI agents. The complex nature of their interactions with both human operators and other agents means that security teams need a more sophisticated approach that uses behavioural context to determine an agent’s permissions. Firms are leveraging an identity management approach mirroring the complexities of human operator requirements, but at a vastly bigger scale.
Feb 26
Zscaler’s Strategic Pivot (2025–2026): Seeking to Secure the Logic Layer in the MDR 3.0 and Agentic AI Era
Between 2025 and 2026, Zscaler embarked on a consequential shift start securing systems making decisions inside them, not just the access.
Feb 18
Sophos to acquire Arco Cyber: provides channel with enhanced GRC capabilities
Global security vendor Sophos has announced its intention to purchase cyber assurance specialist Arco Cyber in a move it says will help companies strengthen their cybersecurity strategy and overall governance. Sophos has positioned the acquisition as a key part of its “Sophos CISO Advantage” proposition, a set of capabilities it says will equip customers with security operations management using agentic AI, integrated platforms, and trusted human expertise delivered via its
Feb 18
As AI Agents Become Pervasive, Identity Matters Even More
Autonomous AI agents can bring significant operational efficiencies, but magnify the risk of vulnerabilities if they are given access permissions that are closer to a human identity
Feb 11
The MFA Killer: Why Your AI Assistant is the New Insider Threat and What to Do About it
In 2026, the most dangerous “insider” may not be a person at all. It may be a well-intentioned agent with too much authority, too little supervision, and unfettered access to the orchestration layer that binds the enterprise together.
Feb 5
CrowdStrike to buy Seraphic Security & SGNL in January Acquisition Spree
CrowdStrike announces its intent to buy Seraphic Security and SGNL, kicking-off the industry's 2026 M&A activity!
Jan 28
Stealth AI, Defensive Agents & Quantum Resilience: The 2026 Cybersecurity Battle Lines are Drawn
As the cybersecurity industry looks ahead to 2026, the challenge is not a lack of predictions, but an overabundance of them—many detached from operational reality or focused on singular technologies in isolation. This blog takes a more grounded view, examining how advances in artificial intelligence, defensive AI automation, and cryptographic resilience intersect with geopolitical instability and long-standing threat behaviors. Rather than treating 2026 as a sharp inflection
Dec 31, 2025
SentinelOne acquires Prompt Security: Agentic AI protection takes centre stage
Hot on the heels of Palo Alto Networks’ announcement that it plans to buy CyberArk, SentinelOne (aka S1) has flexed its own M&A muscles...
Aug 11, 2025
Expel Meeting Summary - RSA Conference 2025
Although it's now a month ago, RSA Conference 2025, seems like yesterday. Richmond Advisory Group shares quick profiles of each of the companies we met with in our "RSA series" This one highlights the MDR provider Expel.
May 30, 2025
IBM: An RSAC 2025 Meet & Greet Summary
Richmond Advisory Group shares quick summaries of the discussions we had at RSAC2025 in our "RSA series". This is about IBM and Palo Alto Networks.
May 22, 2025