Manuel Sanchez

When it comes to security, enterprises are entering a period of recalibration – one where familiar playbooks no longer apply, and the old hierarchy of priorities has been upended. As part of this cybersecurity reset, the overwhelming focus in the coming year will be on resilience rather than prevention, and there are multiple ways that resilience will be infused. The Supply Chain Reckoning The first and most visible shift towards resilience starts with a careful look at the supply chain, largely in response to a series of devastating 2025 breaches that crippled major enterprises through compromised managed service providers (MSPs).…

While most enterprises have made ongoing investments in their tech infrastructure and processes to wring out vulnerabilities, many organisations are unknowingly clinging to a habit that’s quietly undermining their security posture: hoarding redundant, obsolete, and trivial (ROT) data. This forgotten clutter—scattered across servers, cloud drives, and legacy systems—serves no business purpose. However, it does some other things exceptionally well: It expands cybercriminals’ attack surface and creates potential governance problems. Additionally, stockpiling data—with no regard to whether it’s actually needed—can rapidly balloon storage costs. Suppose enterprises want to avoid a sprawling digital footprint that increases risk and creates challenges on multiple…

More than just another regulatory box to tick, the EU AI Act demands that enterprises fundamentally rethink their data governance strategies to successfully navigate its complexities. Some organisations physically based outside the EU or without a direct EU market presence might think that they’ve dodged this regulatory bullet and it’s not something that needs to be on their radar – but they’d be mistaken. With Japan and Australia developing similar guardrails and comparable US legislation on the way, the EU AI Act is fast becoming the “gold standard” blueprint for how data needs to be handled in the AI era.…

The challenges around data governance are evolving rapidly, driven by the rapid adoption of generative AI, stringent regulatory requirements, and heightened cybersecurity risks. As we approach 2025, organisations are realising that traditional approaches to data governance are no longer sufficient. At the same time, longtime aspects of cybersecurity such as Zero Trust and multifactor authentication (MFA) are taking on new importance, going from optional to imperative – and helping to underpin security, compliance, and governance efforts. It’s worth taking a closer look at these areas to see what kind of impact they’re having and what steps organisations need to take…

Phishing – that scourge of the internet for several decades now – remains the most popular attack vector when it comes to bad actors trying to get their hands on confidential information. The targets span commercial enterprises, to government agencies (just ask the Police Service of Northern Ireland, which recently suffered a devastating data breach traced to phishing). New generative AI-powered tools like FraudGPT are only accelerating the problem by allowing cybercriminals to create increasingly well-crafted and targeted phishing emails at scale. This means there are no longer as many of the typo-riddled messages of yore to help wave a cautionary flag when someone receives…

Phishing – that scourge of the internet for several decades now – remains the most popular attack vector when it comes to bad actors trying to get their hands on confidential information. The targets span commercial enterprises, to government agencies (just ask the Police Service of Northern Ireland, which recently suffered a devastating data breach traced to phishing). New generative AI-powered tools like FraudGPT are only accelerating the problem by allowing cybercriminals to create increasingly well-crafted and targeted phishing emails at scale. This means there are no longer as many of the typo-riddled messages of yore to help wave a cautionary flag when someone receives…