Tag:

cybersecurity

Tech

Is China’s ‘reverse Great Firewall’ quietly blocking global access to official data?

by Chief Editor
written by Chief Editor

China’s “Reverse Great Firewall”: A Growing Information Blackout

Access to Chinese public information is becoming increasingly restricted for those outside the country, according to a recent study. A growing number of official Chinese government websites are inaccessible to overseas researchers, policymakers, businesses, and even casual internet users. This isn’t a sudden shift, but a gradual contraction that experts are calling a “reverse Great Firewall.”

The Rise of Geo-Blocking

For years, the “Great Firewall” has been synonymous with China’s control over information *within* its borders, censoring content and restricting access to foreign websites. Now, China appears to be implementing similar tactics to control the flow of information *out* of the country. This new approach centers on geo-blocking – a technique that identifies a user’s location via their IP address and restricts access accordingly.

Vincent Brussee, a PhD candidate at Leiden University in the Netherlands and author of a recent paper on the subject published in the Journal of Cybersecurity, notes that China is “pioneering geo-blocking in the same way as they pioneered the ‘original’ Great Firewall.” This suggests a deliberate strategy to prevent foreign data mining and open-source intelligence gathering.

Why the Change? Concerns Over Data Security and Control

The motivations behind this shift are likely multifaceted. Increased concerns over data security and the desire to control the narrative surrounding China are key drivers. By limiting access to official information, Beijing can potentially shape the understanding of its policies and actions on the international stage.

This also impacts businesses operating in or researching the Chinese market. Access to official data is crucial for due diligence, market analysis, and risk assessment. The shrinking availability of this information creates challenges and uncertainties for foreign companies.

Implications for Open-Source Intelligence

Open-source intelligence (OSINT) relies heavily on publicly available data. The “reverse Great Firewall” directly undermines OSINT efforts focused on China. Researchers and analysts who previously relied on Chinese government websites for information will now face significant obstacles. This could lead to a greater reliance on less reliable sources or increased costs associated with alternative data collection methods.

What Does This Mean for the Future?

The trend towards increased information control is likely to continue. We can anticipate several potential developments:

  • Expansion of Geo-Blocking: More Chinese government websites and databases will likely turn into inaccessible from outside the country.
  • Sophisticated Blocking Techniques: China may employ more advanced techniques to circumvent VPNs and other tools used to bypass geo-restrictions.
  • Increased Focus on Domestic Narratives: Beijing will likely prioritize the dissemination of information through state-controlled media channels, further shaping the global perception of China.
  • Greater Scrutiny of Data Collection: Increased regulation and oversight of data collection activities by foreign entities within China.
Pro Tip: When researching China, diversify your sources. Relying solely on official Chinese government websites is no longer a viable strategy. Explore academic databases, international organizations, and reputable news outlets.

FAQ

Q: What is the Great Firewall?
A: The Great Firewall is the combination of legislative actions and technologies used by China to regulate the internet within its borders.

Q: What is geo-blocking?
A: Geo-blocking restricts access to online content based on a user’s geographic location, typically determined by their IP address.

Q: Will VPNs still work to access blocked websites?
A: While VPNs can sometimes bypass geo-restrictions, China is actively working to block VPN services, so their effectiveness is not guaranteed.

Q: What impact will this have on businesses?
A: Businesses may face challenges in gathering market intelligence and conducting due diligence in China due to limited access to official data.

Q: Is this a new phenomenon?
A: While the term “reverse Great Firewall” is recent, the trend of restricting access to information for foreign entities has been gradually increasing.

Want to learn more about cybersecurity and information control? Explore our other articles or subscribe to our newsletter for the latest updates.

0 comments
0 FacebookTwitterPinterestEmail
Tech

10 Best Enterprise Cybersecurity Solutions Providers to Watch in 2026 » World Business Outlook

by Chief Editor
written by Chief Editor

The Evolving Landscape of Cybersecurity: Beyond Zero Trust in 2026

Cyberattacks are a constant threat. Organizations currently block an average of 1,636 intrusion attempts weekly, and a staggering 98% of public-facing web applications still contain known vulnerabilities. This escalating risk is driving boards to prioritize security, particularly in light of new incident-disclosure rules.

The Rise of AI-Driven Security and the Vendor Maze

Despite the urgency, security leaders face a complex market. Approximately 3,000 vendors claim to offer “zero trust” or “AI-driven” protection, creating a crowded field with finite budgets. The need for a curated shortlist of partners – those demonstrating breadth, research and development momentum, proven results, and strong channel support – is paramount.

Zero Trust: From Mandate to Maturity

The U.S. Government’s push for Zero Trust Architecture, formalized in a 2021 Executive Order, has become a cornerstone of modern cybersecurity. Zero Trust operates on the principle of “never trust, always verify,” requiring continuous authentication and authorization for every user, device, and application. The U.S. Army Communications-Electronics Command (CECOM) Software Engineering Center (SEC) is actively leading the implementation of this architecture.

The focus is shifting from simply adopting Zero Trust as a framework to achieving true Zero Trust maturity. This involves integrating Zero Trust principles into existing systems, leveraging existing risk management frameworks (RMF) to enhance security without duplication of effort.

Beyond the Top Ten: Key Trends Shaping 2026

While a select group of providers – including Palo Alto Networks, TD SYNNEX, Cisco, Microsoft Security, and Fortinet – are leading the charge, several key trends are reshaping the cybersecurity landscape.

The Expanding Role of Managed Security Service Providers (MSSPs)

The complexity of modern threats and the shortage of skilled cybersecurity professionals are driving demand for MSSPs. These providers offer 24/7 monitoring, threat detection, and incident response services, allowing organizations to outsource their security operations.

Supply Chain Security Takes Center Stage

Recent breaches have highlighted the vulnerability of supply chains. Organizations are increasingly scrutinizing the security practices of their vendors and implementing measures to mitigate supply chain risks. Transparency and robust vendor risk management programs are becoming essential.

Sustainability as a Security Imperative

Environmental, Social, and Governance (ESG) considerations are influencing security decisions. Organizations are seeking energy-efficient security solutions and providers with a commitment to sustainability. Fortinet’s energy-efficient ASICs and Microsoft’s carbon-neutral data centers are examples of this trend.

The Convergence of Security and Networking

Cisco’s strategy of integrating security into its networking infrastructure exemplifies a growing trend. By embedding security features into switches, routers, and cloud services, organizations can create a more secure and resilient network.

Framework Alignment and Ecosystem Strength

Choosing a security partner requires careful consideration. Mapping vendors to frameworks like the NIST Cybersecurity Framework helps identify coverage gaps. A strong partner ecosystem, like that offered by TD SYNNEX, provides access to a wide range of tools and expertise.

Did you know? A Forrester study found that a consolidated Palo Alto Networks deployment can yield a three-year ROI of 163%.

The Importance of Skills Enablement

Technology alone is not enough. Organizations need skilled professionals to operate and maintain their security systems. Providers offering robust training programs, such as Fortinet’s NSE training, are valuable partners.

Pro Tip: Prioritize vendors that invest in cybersecurity training and certification programs for your team.

FAQ: Navigating the Cybersecurity Landscape

  • What is Zero Trust? A security framework based on the principle of “never trust, always verify,” requiring continuous authentication and authorization.
  • Why is supply chain security important? Supply chains are increasingly targeted by attackers, making vendor risk management crucial.
  • How can MSSPs help my organization? MSSPs provide 24/7 monitoring, threat detection, and incident response services.
  • What role does AI play in cybersecurity? AI is used for threat detection, incident response, and automation of security tasks.

Choosing the right security partner is a critical decision. Consider your organization’s specific needs, risk profile, and budget. Focus on providers that offer a comprehensive approach to security, a commitment to innovation, and a strong track record of success.

What are your biggest cybersecurity challenges? Share your thoughts in the comments below!

0 comments
0 FacebookTwitterPinterestEmail
Tech

From Physics to Securing the Internet: The Story of FreeRADIUS Founder Alan DeKok

by Chief Editor
written by Chief Editor

From Physics to Securing the Internet: The Enduring Legacy of FreeRADIUS and the Future of Network Authentication

Alan DeKok’s journey from nuclear physics to becoming a leading figure in network security is a testament to the power of adaptability and the often-unforeseen opportunities that arise from pursuing one’s curiosity. His creation, FreeRADIUS, a foundational open-source software for authenticating users, quietly underpins a significant portion of internet access worldwide – from major internet service providers to university Wi-Fi networks.

The Unseen Foundation of Internet Security

Most internet users are unaware of the complex processes happening behind the scenes to verify their identity and grant access to online resources. FreeRADIUS acts as that gatekeeper, a critical component of the Remote Authentication Dial-In User Service (RADIUS) protocol. It’s a system DeKok began developing as a side project in the late 1990s, recognizing a gap in the market for actively maintained open-source RADIUS servers.

From Strawberries to Subatomic Particles: A Unique Skillset

DeKok’s path wasn’t a direct line to technology. Growing up on a farm, he quickly realized a preference for the challenges of 8-bit computers over agricultural labor. This led him to pursue a Bachelor’s and Master’s degree in physics at Carleton University. He found physics appealing due to its blend of mathematics and practical application. His work at the Sudbury Neutrino Observatory, managing a water-purification system achieving an astonishing one atom of impurity per cubic meter, honed his problem-solving skills.

Pro Tip: DeKok emphasizes that the ability to understand the “big picture” and break down complex problems into manageable pieces – skills honed during his physics studies – are invaluable in the rapidly evolving field of network security.

The Rise of FreeRADIUS and InkBridge Networks

After stints at Gandalf and CryptoCard, DeKok founded NetworkRADIUS (now InkBridge Networks) in 2008, driven by a desire to continue developing and supporting FreeRADIUS. Today, the software is used by an estimated 100 million people daily, and InkBridge Networks employs experts across Canada, France, and the United Kingdom. DeKok estimates that at least half of the world’s internet users rely on his software for authentication.

Why RADIUS Endures: Simplicity and Implementation

Despite the emergence of alternative protocols like Diameter, RADIUS continues to thrive. While Diameter offered potential improvements, RADIUS’s simplicity and widespread existing implementation have given it a significant advantage. DeKok believes RADIUS is “never going to go away,” citing the billions of dollars of equipment currently running the protocol.

The Open-Source Advantage

DeKok attributes FreeRADIUS’s success to its open-source nature. Initially adopted as a way to enter the market with limited funding, open-sourcing allowed FreeRADIUS to compete effectively with larger companies and establish itself as an industry-leading product. This collaborative approach fosters innovation and ensures the software remains adaptable to evolving security threats.

The Future of Network Authentication: Beyond Passwords

While FreeRADIUS remains a cornerstone of network security, the landscape of authentication is rapidly changing. Several trends are poised to shape the future of how users access networks and online services:

Multi-Factor Authentication (MFA) Expansion

The increasing sophistication of cyberattacks is driving the adoption of MFA. While traditionally relying on SMS codes or authenticator apps, future MFA solutions will likely integrate biometric authentication (fingerprint, facial recognition) and passwordless technologies.

Passwordless Authentication

Passwordless authentication methods, such as WebAuthn and FIDO2, are gaining traction. These technologies leverage cryptographic keys stored on devices to verify user identity, eliminating the need for passwords altogether. This reduces the risk of phishing attacks and improves user experience.

Zero Trust Network Access (ZTNA)

ZTNA is a security model based on the principle of “never trust, always verify.” Unlike traditional VPNs, ZTNA provides granular access control based on user identity, device posture, and application context. This approach minimizes the attack surface and enhances security for remote access.

AI and Machine Learning in Authentication

Artificial intelligence (AI) and machine learning (ML) are being used to detect and prevent fraudulent authentication attempts. ML algorithms can analyze user behavior patterns to identify anomalies and flag suspicious activity, providing an additional layer of security.

Frequently Asked Questions (FAQ)

  • What is FreeRADIUS? FreeRADIUS is an open-source implementation of the RADIUS protocol, used for authenticating users and controlling network access.
  • Who uses FreeRADIUS? Major internet service providers, financial institutions, universities, and other organizations rely on FreeRADIUS for network security.
  • What is the RADIUS protocol? RADIUS is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) services.
  • Is FreeRADIUS secure? FreeRADIUS is actively maintained and regularly updated to address security vulnerabilities.

Alan DeKok’s story highlights the importance of adaptability, continuous learning, and the often-serendipitous nature of career paths. As network security continues to evolve, the principles he embodies – a focus on foundational knowledge, a willingness to embrace new technologies, and a commitment to open collaboration – will remain essential for securing the internet for years to come.

Explore more articles on network security and open-source technologies.

0 comments
0 FacebookTwitterPinterestEmail
Tech

India-made world-class cybersecurity IP – The HinduBusinessLine

by Chief Editor
written by Chief Editor

India’s Cybersecurity Startups: From Niche Services to Global Platforms

India’s cybersecurity landscape is undergoing a significant transformation. Startups are moving beyond traditional services and focusing on product-led platforms, driven by increasing digitization, the growing sophistication of AI-powered threats, and the implementation of new data protection regulations like the Digital Personal Data Protection (DPDP) Act.

The Rise of Product-Led Cybersecurity

Over the last five years, India’s cybersecurity sector has experienced rapid growth, expanding from $1.05 billion to $2.05 billion, representing a 34% compound annual growth rate. This expansion is fueled by a shift towards innovation and intellectual property (IP) development. According to the Data Security Council of India (DSCI), approximately 55% of product companies’ revenue now originates from global markets.

Navigating the Challenges: Trust and Investment

Despite the promising growth, Indian cybersecurity startups face two key hurdles. First, building sufficient trust and capability to effectively compete with established global players. Second, securing the long-term investment needed to mature into independent, global entities, rather than becoming acquisition targets.

Glocalization: A Competitive Advantage

The Indian cybersecurity ecosystem is concentrated in major cities like Bengaluru, Pune, Delhi, and Mumbai. Internationally, North America, West Asia, and Southeast Asia are emerging as key markets. Indian startups possess a unique advantage through localized understanding of threats, particularly in sectors like BFSI, manufacturing, and healthcare. This allows them to deliver contextual and actionable threat intelligence tailored to specific geographies and industries.

The DPDP Act and its Impact

The DPDP Act, 2023 and the DPDP Rules, 2025 are reshaping India’s data protection landscape. This new legal framework elevates cybersecurity from a standard IT obligation to a statutory, enterprise-wide, board-level responsibility. Rule 6 of the DPDP Rules specifically outlines the operational architecture for reasonable security safeguards, imposing explicit minimum security standards and strict breach-prevention obligations.

Funding and Innovation: A Positive Trend

Nearly 39% of Indian cybersecurity companies have secured external funding, with most receiving capital within two years of inception. In 2024-25, over 110 patents were filed, demonstrating active innovation and IP development within the sector. This indicates a strong appetite for early-stage investment.

The Trust Factor: A Critical Bottleneck

While technical capabilities are improving, establishing enterprise trust remains a significant challenge. Indian startups often underestimate the length of enterprise sales cycles and the investment required in customer success infrastructure. Demonstrating a proven track record in incident response, achieving rigorous compliance certifications, and consistently delivering results are crucial for building trust.

Consolidation and Acquisition: The Likely Future

Strategic consolidation is anticipated across specific verticals. Indian companies are likely to dominate categories where regional expertise is valuable, such as supply chain security and digital payment fraud. However, many startups may ultimately be acquired by larger incumbents rather than becoming independent global players.

AI Security: A New Frontier

Many large technology players offer generic AI security solutions that address common risks like prompt injection and data leakage. However, startups are winning by offering faster response times, focused solutions, and deep alignment with customer needs. They are uniquely positioned to adapt quickly and deliver secure-by-design AI systems, providing agility and security control in an AI-first world.

Did you know?

The DPDP Act imposes penalties of up to ₹250 crore (approximately $30 million USD) for breach-related failures.

FAQ

Q: What is the DPDP Act?
A: The Digital Personal Data Protection Act, 2023 is a new law in India designed to protect personal data and regulate how We see processed.

Q: What are the key challenges for Indian cybersecurity startups?
A: Building trust with enterprises and securing long-term investment are the primary challenges.

Q: What is the role of AI in cybersecurity?
A: AI is both a threat and an opportunity. Startups are focusing on developing AI-powered security solutions that are agile and adaptable.

Q: Where are the key markets for Indian cybersecurity products?
A: North America, West Asia, and Southeast Asia are emerging as significant markets.

Q: What is Rule 6 of the DPDP Rules?
A: Rule 6 lays down the operational architecture for reasonable security safeguards, making cybersecurity a legally enforceable standard.

Explore more articles on data privacy and cybersecurity trends to stay informed about the evolving threat landscape.

0 comments
0 FacebookTwitterPinterestEmail
Health

Palo Alto Networks becomes TASE most valued company

by Chief Editor
written by Chief Editor

Why Palo Alto Networks’ Tel Aviv Dual Listing Matters for Global Cybersecurity

Palo Alto Networks, the U.S. Cybersecurity leader founded by Israeli entrepreneur Nir Zuk, announced it will add a secondary listing on the Tel Aviv Stock Exchange (TASE). The move is tied to its recent acquisition of Israeli identity‑security platform CyberArk.

From Nasdaq to TASE: The “CYBR” Ticker

Instead of its Nasdaq symbol PANW, Palo Alto will trade under the ticker CYBR on TASE – a clear tribute to CyberArk’s brand. The company said the dual listing “builds on CyberArk’s heritage and Israel’s position as a global cybersecurity powerhouse.”

Becoming Israel’s Most Valuable Listed Company

With a market capitalization of roughly $115 billion, Palo Alto will outrank Teva Pharmaceuticals ($40 B), Bank Leumi ($38.4 B) and Bank Hapoalim ($35.3 B) on the Israeli exchange, according to Globes Israel. The Tel Aviv Stock Exchange called the decision “a powerful testament to the robustness, maturity, and resilience of the Israeli financial ecosystem.”

Did you recognize? The dual listing makes Palo Alto the largest company by market cap ever listed on TASE.

The CyberArk Deal – What’s Inside?

Sources differ on the exact size of the transaction. The Jerusalem Post reports a total deal value of $21.5 billion, with Palo Alto paying $45 in cash plus 2.2005 shares of its own stock for each CyberArk share. Reuters, meanwhile, cites a $25 billion purchase price. In either case, the acquisition gives Palo Alto a deeper foothold in Israel’s thriving R&D ecosystem.

AI‑Driven Identity Security: The Strategic Rationale

CEO Nikesh Arora warned that “the emerging wave of AI agents will require us to secure every identity, human, machine, and agent.” By merging Palo Alto’s network‑security expertise with CyberArk’s privileged‑access management, the combined entity aims to eliminate “identity silos” and protect hybrid‑cloud environments from AI‑powered threats.

CyberArk CEO Matt Cohen added that the partnership creates “a stronger cybersecurity force than ever before for modern organizations,” giving customers a broader suite of security solutions.

Pro tip: Investors looking to tap into the AI‑security boom should monitor how Palo Alto integrates CyberArk’s technology into its product roadmap – especially around privileged‑access management for autonomous agents.

Future Trends Shaped by the Dual Listing and Acquisition

1. Greater Capital Flow into Israeli Cyber‑Tech

The dual listing lowers the barrier for local institutional and retail investors to own a piece of a $115 B cybersecurity giant. Expect a surge in Israeli capital directed toward AI‑security startups, further cementing Israel’s reputation as a “global cybersecurity powerhouse.”

2. Consolidation Around Identity‑Centric Solutions

With AI agents proliferating, the market will likely consolidate around firms that can secure both human users and machine identities. Palo Alto’s move signals that identity security will develop into a core pillar of any comprehensive cyber‑defense strategy.

3. Cross‑Border R&D Collaboration

Palo Alto’s expanded Israeli R&D center—already its largest outside Silicon Valley—will benefit from closer ties to the local ecosystem, fostering joint development of AI‑ready security products.

4. Recent Benchmark for Dual Listings

Other multinational tech firms may follow Palo Alto’s example, using secondary listings to honor local heritage while accessing new pools of capital. The success of the “CYBR” ticker could set a template for future cross‑exchange listings.

Frequently Asked Questions

What ticker will Palo Alto use on the Tel Aviv Stock Exchange?
CYBR – a nod to CyberArk’s brand.
How does the dual listing benefit Israeli investors?
It provides easier access to Palo Alto shares and integrates the company into Israel’s capital market.
What is the reported value of the CyberArk acquisition?
Sources cite $21.5 billion (Jerusalem Post) and $25 billion (Reuters).
Why is identity security critical for AI agents?
AI agents need privileged access to systems; securing those identities prevents misuse and data breaches.

What’s Next?

Stay tuned for the official listing date on TASE and for updates on how Palo Alto integrates CyberArk’s technology into its AI‑security roadmap. The dual listing not only reshapes the Israeli market but likewise signals a broader shift toward identity‑first cybersecurity in the AI era.

For more on Israeli tech innovation, read our related pieces:

External reference: Reuters – Palo Alto plans dual listing in Tel Aviv

What do you think about this historic dual listing? Share your thoughts in the comments below, and subscribe to our newsletter for the latest updates on global cybersecurity trends.

0 comments
0 FacebookTwitterPinterestEmail
Tech

Washington pushes back against EU’s bid for tech autonomy – POLITICO

by Chief Editor
written by Chief Editor

The Shifting Sands of Tech Sovereignty: Europe and the US Navigate a New Digital Landscape

The relationship between the United States and Europe is undergoing a subtle but significant shift, particularly concerning technology. While a transatlantic alliance remains, growing concerns about reliance on both US and Chinese tech are fueling a push for “tech sovereignty” in Europe. This isn’t simply about protectionism; it’s a strategic move to secure critical infrastructure and data in key sectors like AI, quantum technologies, and semiconductors.

The US Position: A Clear Distinction

A key argument emerging from the US, as articulated by a Trump advisor, is a clear distinction between American and Chinese technology. The claim centers on data privacy: personal data is not systematically transferred to the state in the US, unlike concerns surrounding Chinese laws that compel firms to share data for surveillance purposes. This perspective frames the debate not as a rejection of foreign tech, but as a preference for systems aligned with democratic values.

However, this argument isn’t universally accepted. Europe’s pursuit of tech sovereignty suggests a broader unease with dependence on any single foreign power, even a traditional ally. The recent POLITICO Poll reveals a declining perception of the US as a reliable ally across several European nations, including Germany and Canada, further complicating the dynamic.

Europe’s Drive for Independence

The European Commission is actively preparing a “tech sovereignty” package, aiming to bolster homegrown technology and reduce reliance on external suppliers. A cybersecurity proposal, currently under consideration, could empower Europe to identify and mitigate risks associated with foreign tech providers – including those from the US. The focus is on ensuring capacity and independence in critical sectors.

This move isn’t new, but it’s gaining momentum. German Chancellor Friedrich Merz recently voiced concerns about the erosion of US leadership on the international stage, signaling a growing willingness to chart a more independent course.

The Implications of a Fracturing Tech Landscape

The potential consequences of this shift are far-reaching. A fragmented tech landscape could lead to:

  • Increased Costs: Developing and maintaining independent tech stacks requires significant investment.
  • Slower Innovation: Reduced collaboration could hinder the pace of technological advancement.
  • Geopolitical Tensions: Competition for technological dominance could exacerbate existing geopolitical rivalries.
  • New Standards: Diverging standards could create interoperability challenges.

The debate highlights a fundamental question: can a truly “open” and interconnected digital world coexist with national security concerns and the desire for strategic autonomy?

Pro Tip:

For businesses operating in both the US and Europe, understanding these evolving dynamics is crucial. Diversifying supply chains and prioritizing data privacy will be key to navigating this new landscape.

FAQ: Tech Sovereignty and the US-Europe Relationship

What is “tech sovereignty”? It refers to a nation’s ability to control its own digital infrastructure and data, reducing reliance on foreign technology and ensuring strategic independence.

Is Europe completely rejecting US tech? Not necessarily. The focus is on reducing dependence and mitigating potential security risks, rather than a complete ban.

What are the key sectors driving this push for independence? AI, quantum technologies, and semiconductors are considered particularly critical.

How does this affect businesses? Businesses may necessitate to adapt to new regulations, diversify their supply chains, and prioritize data privacy.

Did you know? The concept of tech sovereignty is not limited to Europe. Countries around the world are increasingly focused on securing their digital infrastructure.

Want to learn more about the evolving geopolitical landscape of technology? Explore our articles on cybersecurity threats and international data privacy regulations.

Share your thoughts on the future of tech sovereignty in the comments below!

0 comments
0 FacebookTwitterPinterestEmail
Tech

Cybersecurity breaches top risk for India Inc: FICCI-EY survey

by Chief Editor
written by Chief Editor

India Inc. Braces for a Fresh Era of Risk: Cybersecurity, AI, and Geopolitical Volatility

New Delhi – A recent FICCI-EY Risk Survey 2026 reveals a significant shift in the risk landscape for Indian businesses. Cybersecurity breaches have emerged as the primary concern for 51% of India Inc., surpassing even geopolitical tensions and economic uncertainties. This heightened anxiety comes as India’s economy is projected to grow by 7.4%, highlighting a paradox of optimism tempered by vulnerability.

The Rising Tide of Cyber Threats

The survey underscores a growing recognition that technology risk is now inextricably linked to operational continuity. A substantial 61% of leaders believe rapid technological change and digital disruption are impacting their competitive edge. This isn’t merely about potential financial losses; 61% identify cyber-attacks and data breaches as major threats to their reputation. Further compounding the issue, 57% report concerns about data theft and insider fraud, while 47% acknowledge the difficulty of combating increasingly sophisticated cyberattacks.

This trend reflects a global pattern. Organizations are increasingly reliant on digital infrastructure, creating more entry points for malicious actors. The interconnectedness of supply chains also means a breach at one company can have cascading effects across multiple sectors.

AI: A Double-Edged Sword

Artificial intelligence presents a unique challenge. While 60% of respondents believe inadequate AI adoption could hinder operational effectiveness, a nearly equal 54% express concerns about the ethical and governance issues surrounding AI. This duality suggests Indian companies recognize the potential benefits of AI but are struggling to navigate the associated risks.

The lack of clear regulatory frameworks and the potential for algorithmic bias are key concerns. Companies are hesitant to fully embrace AI without assurances that they can manage these risks effectively.

Geopolitical Instability and Supply Chain Resilience

Geopolitical tensions remain a significant worry for 63% of leaders, forcing a renewed focus on supply chain resilience. The survey highlights a move away from simply minimizing costs towards building more robust and diversified supply networks. This includes nearshoring, reshoring, and investing in alternative sourcing options.

The “trade reset” mentioned in EY’s analysis suggests a broader restructuring of global trade relationships, requiring Indian businesses to adapt quickly to changing conditions.

Beyond the Top Three: Changing Customer Demands and Talent Shortages

The survey also identified changing customer demands (49%) and talent shortages (64%) as critical risks. Meeting evolving customer expectations requires continuous innovation and a deep understanding of market trends. The talent shortage, particularly in areas like cybersecurity and data science, is exacerbating these challenges.

Rajeev Sharma, Chair of the FICCI Committee on Corporate Security & DRR, emphasized the require for adaptability: “In a business environment shaped by volatility, the ability to anticipate, absorb and adapt to risk is emerging as a defining capability for sustained growth.”

The Evolving Role of Risk Management

The report suggests a fundamental shift in how Indian companies approach risk management. Organizations are moving away from episodic risk assessments towards embedding risk management into strategic decision-making, governance structures, and long-term planning. This proactive approach is essential for navigating the increasingly complex and interconnected risk landscape.

Sudhakar Rajendran, Risk Consulting Leader, EY India, noted that risks are “converging rather than occurring in isolation,” requiring a more holistic and integrated approach to risk management.

Frequently Asked Questions

  • What is the biggest risk facing Indian companies right now? Cybersecurity breaches are currently the top risk, cited by 51% of respondents in the FICCI-EY Risk Survey 2026.
  • How are geopolitical events impacting Indian businesses? Geopolitical tensions are driving a need for greater supply chain resilience and diversification.
  • What are the concerns surrounding AI adoption? Companies are worried about both the risks of not adopting AI (falling behind competitors) and the ethical and governance challenges associated with AI implementation.
  • Is talent shortage a major concern? Yes, 64% of executives report talent shortages as a significant risk.

Pro Tip: Regularly assess your organization’s cybersecurity posture and invest in employee training to mitigate the risk of cyberattacks.

Did you know? 61% of leaders feel rapid digital changes are hurting their competitive edge.

Explore further insights on risk management and innovation by visiting the EY India website.

What are your biggest risk concerns for your business? Share your thoughts in the comments below!

0 comments
0 FacebookTwitterPinterestEmail
Tech

Incident Response Plans Evolve Into Battle-Tested Drills as Stricter 2026 Cybersecurity Rules Take Effect

by Chief Editor
written by Chief Editor

Cybersecurity in 2026: From Reactive Plans to Proactive Resilience

As cybercrime continues its relentless rise in both frequency and cost – with data breaches now averaging over $4.5 million – organizations are facing a critical turning point. The regulatory landscape is shifting, demanding a move from static compliance plans to dynamic, decision-driven incident response systems. Delays in breach reporting are proving costly, potentially increasing expenses by nearly 30%, making swift action paramount.

The Speed of Regulation: A Latest Era of Accountability

Modern speed isn’t just a competitive advantage; it’s a regulatory expectation. In the United States, critical infrastructure operators must report significant cyber incidents within 72 hours, with ransom payments disclosed in 24 hours or less. Public companies face mandates to disclose material cyber incidents within four business days of impact assessment, even while investigations are ongoing.

Europe is mirroring this urgency. The enforcement of NIS2 regulations is escalating, and DORA requires standardized reporting and documentation within the financial services sector. Organizations must act quickly and provide evidence that withstands scrutiny; decisions without documentation will be considered invalid by 2026.

Rebuilding the Incident Response Framework

Incident response is evolving from static binders to flexible frameworks centered on clear decision-making. Organizations are now proactively defining what constitutes a reportable incident, minimizing guesswork during a crisis. Materiality is assessed using structured scoring that considers system downtime, data exposure, financial risk, and customer impact.

Pre-approved notification templates streamline legal processes, while forensic practices prioritize the immediate preservation of logs. Approximately six out of ten incident response failures stem from unclear authority and slow decision-making, highlighting the importance of these improvements.

Supply Chain Security: Extending the Perimeter

External parties are increasingly central to incident outcomes. Research indicates that breaches involving vendors, cloud providers, or managed service partners occur in roughly 50% of cases. These third parties often possess crucial access rights and logs necessary for reporting.

Organizations are now incorporating incident response responsibilities into vendor contracts. Playbooks discuss breach notifications in advance, outlining procedures for logging activities, emergency access, and communication protocols. Regulatory compliance demands that partners maintain the same pace and standards.

Tabletop Drills: The New Credibility Metric

Tabletop exercises are becoming the definitive measure of cyber readiness. Regulators and boards increasingly require proof of a team’s ability to execute under realistic conditions. Effective exercises simulate ransomware attacks, cloud outages, and insider threats, enforcing a 72-hour reporting clock.

Organizations that conduct regular drills report a 25–30% improvement in decision-making speed during actual incidents. Critically, these exercises expose recurring weaknesses, such as outdated contact lists, unclear escalation paths, and over-reliance on a few specialists.

Stakeholder Roles: Before and After 2026

Stakeholder

Before 2026

After 2026

Organizations

Static compliance plans

Decision-driven response systems

Regulators

Limited enforcement

Strict audits and deadlines

Third Parties

Peripheral involvement

Contractually accountable responders

Response Teams

Reactive coordination

Drill-tested execution units

Key Cybersecurity Trends to Monitor

  • Increased use of AI in both cyber defense and cybercrime
  • Ongoing shortage of skilled security professionals
  • Identity-first and Zero Trust security models
  • Rising complexity of multicloud environments
  • Escalating supply-chain and vendor risks
  • Targeted attacks on healthcare and infrastructure
  • Growing regulatory pressure on data protection

Preparing for the Future

  • Treat incident response as a decision system, not a policy.
  • Pre-define materiality thresholds and escalation authority.
  • Align vendor contracts with reporting timelines.
  • Conduct realistic tabletop exercises with documented outputs.
  • Invest in logging, monitoring, and forensic readiness.
  • Train executives and boards on disclosure responsibilities.

Frequently Asked Questions

What is NIS2?
NIS2 is a European Union directive aimed at raising the level of cybersecurity across all member states.
What is DORA?
DORA (Digital Operational Resilience Act) is a regulation focused on ensuring the digital operational resilience of the financial services sector.
What are tabletop exercises?
Tabletop exercises are simulated cyberattacks used to test an organization’s incident response plan and team preparedness.

Don’t wait for the next breach to test your defenses. Explore our resources on incident response planning and schedule a consultation with our cybersecurity experts today.

0 comments
0 FacebookTwitterPinterestEmail
Tech

Machine trust in modern software delivery

by Chief Editor
written by Chief Editor

The Evolving Cybersecurity Landscape: Integrating AI Without Sacrificing Speed

The relentless pace of modern software development is creating a critical tension: how to maintain rapid deployment cycles while ensuring robust security. As organizations increasingly integrate generative AI into their workflows, this challenge intensifies. Traditional security reviews often struggle to keep up, demanding a fundamental shift in how security is approached.

Trust at Machine Scale: A New Paradigm

Establishing trust within automated workflows is no longer a nice-to-have; it’s a necessity. Ilkka Turunen, Field CTO at Sonatype, emphasizes that development automation necessitates a change in how teams build trust. The rise of open-source downloads and AI-assisted coding tools introduces new risks, rendering manual code review insufficient when AI generates code at volume.

The solution? Embed security checks directly into the continuous integration pipeline. Security can’t be a gatekeeping function performed by humans at the finish of a sprint, as this creates bottlenecks. Instead, security must become a core component of the development process itself.

Data Security in the Age of GenAI

Legacy security technologies often fall short because they lack the necessary context regarding the data they protect. Dave Matthews, Senior Solutions Engineer for EMEA at Concentric AI, argues for a move from static boundary defense to a managed asset strategy. This represents particularly crucial for developers rolling out GenAI, which ingests and processes vast datasets.

The stakes are high. A staggering 94 percent of ransomware attacks now involve data exfiltration, according to Guy Batey, Head of Engineering at Rubrik. Attackers prioritize data theft over encryption, requiring a multi-layered prevention strategy. Threat detection must occur closer to the data source, rather than relying solely on backup and recovery systems.

Managing the Chaotic Attack Surface

Rapid development and unmonitored assets contribute to a complex and chaotic attack surface. Marcelo Castro Escalada of Outpost24 highlights the need for “Modern External Attack Surface Management” – a discipline focused on securing endpoints that bypass standard inventory checks. Bringing these assets under management *before* they become entry points is a key objective for DevSecOps teams.

AI and Infrastructure: Building Cyber Resilience

Integrating AI applications into cloud infrastructure requires specific architectural standards focused on cyber resilience. Eng. Sameh Zaghloul, CTIO of Fixed Solutions, points to increased automation and enhanced data analytics as primary components of this process. Leaders from JPMorgan Chase, Saint-Gobain and TMSC agree that security must not hinder developer experience.

the potential for AI to influence user decisions introduces a new dimension to the threat model. Developers must consider how their systems might manipulate human operators, a factor often missed by traditional vulnerability assessments.

Human-Centric Security and Ethical Considerations

Cybersecurity is no longer solely a technical problem; it’s a human one. Mike Brass, Head of GLC, Enterprise Security Architecture at National Highways, advocates for embedding cyber resilience into enterprise strategy through “human-centric security.” This involves integrating practitioner fundamentals with business goals, designing systems that account for human behavior.

The intersection of AI and cybersecurity also presents ethical challenges. Discussions involving representatives from Santander, The Adecco Group, and National Highways highlight the need to understand how AI reshapes threat detection and response, while acknowledging the operational complexities it introduces.

Frequently Asked Questions

Q: What is “trust at machine scale”?
A: It refers to establishing security checks and trust mechanisms directly within automated development pipelines, rather than relying on manual reviews at the end.

Q: Why is data context important for AI security?
A: Legacy security tools lack understanding of the data they protect. AI needs context to identify risks within the vast datasets it processes.

Q: What is External Attack Surface Management?
A: It’s a discipline focused on identifying and securing endpoints that may not be visible through traditional inventory checks.

Q: How can organizations balance security and developer experience?
A: By embedding security into the development process, rather than treating it as a separate, restrictive step.

Did you know? 94% of ransomware attacks now involve data exfiltration, making data security a top priority.

Pro Tip: Prioritize automation in your security checks to keep pace with rapid development cycles.

Wish to delve deeper into the world of cybersecurity and cloud technologies? Explore the Cyber Security & Cloud Expo taking place in Amsterdam, California, and London, part of the TechEx series.

0 comments
0 FacebookTwitterPinterestEmail
Tech

Shadow AI assistant Clawdbot raises workplace risks

by Chief Editor
written by Chief Editor

The Rise of ‘Shadow AI’: How Unsanctioned Tools Like Clawdbot Are Reshaping Corporate Security

A recent report from Token Security Labs has revealed a startling trend: employees are increasingly adopting personal AI assistants – often without IT’s knowledge. Their analysis found Clawdbot (also known as Moltbot) is currently active within 22% of their customer organizations. This isn’t an isolated incident; it’s a symptom of a larger shift towards “shadow AI,” where powerful AI tools operate outside traditional security perimeters.

What is ‘Shadow AI’ and Why is it a Problem?

Shadow AI refers to the use of AI applications and services within an organization that haven’t been vetted or approved by the IT or security teams. Clawdbot, a locally-run AI assistant connecting to popular messaging apps like Slack, WhatsApp, and Microsoft Teams, exemplifies this. While offering convenience – calendar management, email responses, file access – it introduces significant risks. The core issue? Broad access to sensitive data coupled with lax security practices.

Consider this scenario: an employee uses Clawdbot on their personal laptop, connecting it to corporate Slack. Suddenly, confidential internal discussions, files, and even credentials are potentially accessible outside the company’s secure network. This bypasses crucial data loss prevention (DLP) controls and audit trails, making it difficult to detect and respond to breaches.

Did you know? A 2023 Gartner report estimated that 30% of organizations will experience “shadow IT” related security incidents by 2024, and AI tools are rapidly becoming a major component of this risk.

The Security Risks: Plaintext Credentials and Exposed APIs

Token Security’s investigation uncovered alarming security vulnerabilities. Clawdbot stores credentials in plaintext, meaning anyone with access to the user’s device can easily view them. Furthermore, researchers like Jamieson O’Reilly have discovered hundreds of publicly accessible Clawdbot instances with open admin dashboards, exposing API keys, OAuth tokens, and conversation histories. In some cases, remote code execution was even possible.

The lack of default sandboxing – explicitly acknowledged in Clawdbot’s documentation – further exacerbates the problem. This means the AI assistant operates with significant system access, increasing the potential damage from a successful attack. Prompt injection, where malicious instructions are embedded within seemingly harmless inputs, also poses a threat when the tool processes emails, documents, and web pages.

Beyond Clawdbot: The Expanding Landscape of Personal AI

Clawdbot is just the tip of the iceberg. The proliferation of open-source Large Language Models (LLMs) and user-friendly interfaces is making it easier than ever for employees to deploy personal AI assistants. Tools like LM Studio and Ollama allow users to run powerful models locally, further blurring the lines between personal and corporate data.

This trend is fueled by a genuine desire for increased productivity. Employees are seeking ways to automate tasks, streamline workflows, and gain a competitive edge. However, without proper guidance and security measures, these efforts can inadvertently create significant vulnerabilities.

What Can Organizations Do? A Proactive Approach

Addressing the challenge of shadow AI requires a multi-faceted approach:

  • Discovery and Visibility: Monitor network traffic for patterns associated with AI assistant activity. Scan endpoints for the presence of directories like “.clawdbot”.
  • Permission and Access Control: Regularly review OAuth grants and API tokens connected to critical systems. Revoke unauthorized integrations.
  • Clear Policies: Establish clear policies regarding the use of personal AI agents, outlining acceptable use cases and security requirements.
  • Approved Alternatives: Provide employees with secure, enterprise-grade AI tools that offer the functionality they need while maintaining IT oversight.

Pro Tip: Implement a robust security awareness training program to educate employees about the risks associated with shadow AI and the importance of following security protocols.

The Future of AI Security: Zero Trust and Continuous Monitoring

Looking ahead, the rise of shadow AI will likely accelerate the adoption of zero-trust security models. This approach assumes that no user or device is inherently trustworthy and requires continuous verification before granting access to resources.

Continuous monitoring and threat detection will also become increasingly critical. Organizations will need to leverage AI-powered security tools to identify and respond to anomalous activity associated with shadow AI applications. The focus will shift from simply blocking these tools to understanding how they are being used and mitigating the associated risks.

Furthermore, expect to see increased collaboration between security vendors and AI developers to build more secure and responsible AI solutions. This includes incorporating privacy-preserving techniques, robust access controls, and comprehensive audit logging.

FAQ: Shadow AI and Your Organization

  • What is the biggest risk of shadow AI? The biggest risk is the potential for data breaches and unauthorized access to sensitive information due to lack of security controls and visibility.
  • How can I detect shadow AI in my organization? Monitor network traffic, scan endpoints, and review OAuth grants and API tokens.
  • Should I completely ban the use of personal AI assistants? A complete ban may not be practical or effective. Instead, focus on providing secure alternatives and establishing clear policies.
  • What is OAuth? OAuth (Open Authorization) is a standard protocol that allows users to grant third-party applications access to their data without sharing their passwords.

The emergence of shadow AI is a wake-up call for organizations. Ignoring this trend is not an option. By proactively addressing the risks and embracing a security-first approach, businesses can harness the power of AI while protecting their valuable assets.

Want to learn more about securing your organization against emerging AI threats? Explore our comprehensive security solutions or subscribe to our newsletter for the latest insights.

0 comments
0 FacebookTwitterPinterestEmail
Newer Posts
Older Posts