Blogs & Articles

Management of non-human identities has evolved in response to the rapid adoption of semi-autonomous AI agents. The complex nature of their interactions with both human operators and other agents means that security teams need a more sophisticated approach that uses behavioural context to determine an agent’s permissions. Firms are leveraging an identity management approach mirroring the complexities of human operator requirements, but at a vastly bigger scale.

Between 2025 and 2026, Zscaler embarked on a consequential shift start securing systems making decisions inside them, not just the access.

Global security vendor Sophos has announced its intention to purchase cyber assurance specialist Arco Cyber in a move it says will help companies strengthen their cybersecurity strategy and overall governance. Sophos has positioned the acquisition as a key part of its “Sophos CISO Advantage” proposition, a set of capabilities it says will equip customers with security operations management using agentic AI, integrated platforms, and trusted human expertise delivered via its

Autonomous AI agents can bring significant operational efficiencies, but magnify the risk of vulnerabilities if they are given access permissions that are closer to a human identity

In 2026, the most dangerous “insider” may not be a person at all. It may be a well-intentioned agent with too much authority, too little supervision, and unfettered access to the orchestration layer that binds the enterprise together.

Managed detection and response (MDR) is a mature market. Buyers know what “good” looks like. Providers know what they must deliver. The industry has clearly entered a period of rapid consolidation and realignment. Against that backdrop, LevelBlue’s acquisition of Alert Logic’s MDR business from Fortra may look, at first glance, like another tuck-in in an increasingly crowded market, one where a larger company purchases a smaller company—often with similar products, services,

CrowdStrike announces its intent to buy Seraphic Security and SGNL, kicking-off the industry's 2026 M&A activity!

How AI, post-quantum risk, and geopolitics are reshaping data’s role Richmond Advisory Group recently spoke with Jonathan Nguyen-Duy , CTO of Arqit , about the accelerating convergence of data management, post-quantum cryptography (PQC), AI, and geopolitical pressure. The conversation explored how data is shifting from a passive byproduct of digital systems into a strategic, regulated asset—one that underpins predictive security models, digital sovereignty, and trust in AI-d

As the cybersecurity industry looks ahead to 2026, the challenge is not a lack of predictions, but an overabundance of them—many detached from operational reality or focused on singular technologies in isolation. This blog takes a more grounded view, examining how advances in artificial intelligence, defensive AI automation, and cryptographic resilience intersect with geopolitical instability and long-standing threat behaviors. Rather than treating 2026 as a sharp inflection

Hot on the heels of Palo Alto Networks’ announcement that it plans to buy CyberArk, SentinelOne (aka S1) has flexed its own M&A muscles...

The future of API security lies not just in better detection and protection mechanisms, but in deeper integration with business processes and development workflows. As APIs continue to power digital transformation, their security will remain a critical enabler of business success.

Although it's now a month ago, RSA Conference 2025, seems like yesterday. Richmond Advisory Group shares quick profiles of each of the companies we met with in our "RSA series" This one highlights the MDR provider Expel.