Epoch Theory and the Future of Vulnerability Management
Epoch Theory is Jeremiah Grossman’s framework for understanding how cybersecurity evolves in distinct phases driven by attacker behavior, not defensive intention.
Article
The Five Most Important Enacted AI Regulations Affecting US and European Organizations
The world moved swiftly to adopt enterprise AI. Here come the regulations. In this story, we cover what security and risk teams need to know to weather the new regulatory waters.
How Gootloader Weaponizes Format Flaws to Evade Detection
For security teams, the message is sobering: initial access brokers such as Gootloader operate at sophisticated technical levels, leverage specialized knowledge of file-format quirks, and maintain operational resilience through rapid innovation.
Too Many Cybersecurity Tools: How To Declutter Through Platformization
For enterprises eager to consolidate their tools, success will take the form of "platformization" of enterprise security stacks.
2025: The Year the World Learned Cybersecurity is Increasingly Unmanageable
We picked the top three news events of 2025. It wasn't easy: and neither will be 2026.
Security Experts Share Their 2026 Cybersecurity Predictions
Here are the predictions we believe will have significant impacts on security professionals in the year ahead: the bad and the good.
Quantum Security Spending Hits a Tipping Point: Why 5% of Security Budgets Now Belong to Post-Quantum Migration
This isn't marginal spending on a future-state concern—it's an immediate, substantial commitment that many CISOs now see as a priority.
AI-Generated Code Is Already Running Critical Infrastructure: Can AppSec Keep Up?
Traditional security tools were designed when code changes were measured in hundreds of lines per sprint and development cycles lasted weeks. Today, AI accelerates code production to thousands of lines daily with fundamentally different patterns than human-written code.
Why Forrester Says Your Agentic AI Deployment Will Cause a Breach in 2026
The agentic AI governance gap is a fundamental enterprise weakness. Sixty-three percent of organizations lack AI governance policies, according to IBM's research. This creates a complete lack of any meaningful organizational control over these deployments.
Default Configurations, Dangerous Defaults, and ServiceNow's AI Agent Discovery
New research highlights the gap between how technology is designed to work and how it's actually safely operated.
AI-Powered Espionage Disclosure: Industry Questions Value of Anthropic's Postmortem
Anthropic's disclosure lacked important elements, which explains the professional criticism that erupted despite the potmortem's potential significance. And while the post is marketing for Anthropic, it also provides strategic threat context for security executives.
The Real AI Threat and the Blurred Lines Between Actual Risk and Marketing Hype
AI-driven attacks are real, and they’re occurring. But to paraphrase cyberpunk writing pioneer William Gibson, “The future is already here – it's just not evenly distributed."
Forrester's 2026 Cybersecurity Predictions
2026 will bring CISOs and security professionals potential AI breaches, tight infrastructure regulation, a new European Union vulnerability database, quantum security growth, and merger and acquisition shifts.
F5 CEO Provides Update on Status of Nation-State Intrusion
The breach has triggered a reckoning with security blind spots that extend far beyond one company's network.
Cybersecurity's Talent Paradox: Why So Many Open Jobs Likely Coexist with Career Chaos
The field desperately needs people, but neither employers nor job seekers seem yet to fully align on what skills those people should possess in an AI-dominated future.
Top 10 Cybersecurity-Related Jobs with the Highest Projected Demand
We've examined the available cybersecurity job demand data and projected job growth based on our synthesis of authoritative sources.