Cybersecurity

Cybersecurity startup Armis, specializing in connected device security, raised $435 million, valuing the company at $6.1 billion. Led by Goldman Sachs Alternatives, the funding will fuel growth and address the increasing demand for IoT, OT, and medical device security. Armis’ platform helps organizations discover, secure, and manage connected devices, providing threat detection and mitigation. CEO Yevgeny Dibrov sees Goldman Sachs as an ideal partner for a future IPO, targeted for late 2026 or early 2027, with a near-term goal of reaching $1 billion in ARR.

Boards are demanding productivity gains from enterprise AI, but features like web browsing and application connectivity introduce cybersecurity risks, including indirect prompt injection attacks. Tenable research highlights these vulnerabilities, potentially enabling data exfiltration and malware persistence. Mitigation requires treating AI assistants as distinct IT entities, subject to rigorous audit and zero-trust controls, including a comprehensive AI system registry and context-aware feature constraints. Organizations must invest in training and continuous monitoring to proactively address emerging threats and evolving vendor security postures.

A cyberattack on Jaguar Land Rover (JLR) has raised concerns about UK’s cybersecurity preparedness. Estimated to cost £1.9 billion, the attack disrupted JLR’s global manufacturing, impacting its supply chain and causing a 25% drop in wholesale deliveries. The attack is attributed to Scattered Lapsus$ Hunters utilizing a zero-day vulnerability. The UK government is providing support, including loan guarantees, while urging companies to improve cybersecurity. The incident also highlights questions around outsourcing IT and the effectiveness of cyber insurance.

Palo Alto Networks launched Cortex AgentiX, AI-powered agents for automated cloud cybersecurity. Designed to enhance threat intelligence and breach response across vendor platforms, AgentiX addresses the growing demand for autonomous security solutions. CEO Nikesh Arora emphasizes a human-in-the-loop approach, reflecting AI’s current limitations. The launch follows news of cybersecurity vulnerabilities at other companies and Palo Alto’s acquisition of CyberArk, signaling a focus on AI-driven and integrated security. Analysts see this as part of a broader industry trend towards AI/ML for threat detection and response.

CrowdStrike CEO George Kurtz refutes the idea that AI will replace cloud software, arguing they are interconnected. He believes agentic AI will accelerate SaaS adoption as providers integrate AI to enhance their offerings. CrowdStrike’s AI-powered Falcon platform benefits from this trend, protecting both its own services and other SaaS providers like Salesforce. The market reflects this confidence, with CrowdStrike’s stock surging and outperforming the cybersecurity sector, indicating strong investor belief in the company’s AI-driven cloud security strategy.

Security researchers have identified a novel cybersecurity threat called ‘prompt hijacking’ that exploits vulnerabilities in AI communication protocols like the Model Context Protocol (MCP). A flaw in the *oatpp-mcp* implementation allows attackers to inject malicious commands into user sessions, potentially leading to code injection, data exfiltration, or arbitrary command execution. Organizations should enforce secure session management with cryptographically secure session IDs, strengthen client-side defenses, and implement zero-trust principles for AI protocols to mitigate this and similar attacks. This highlights the need to adapt established security practices to protect the growing AI ecosystem.

Kyndryl’s 2025 Readiness Report, based on a survey of 3,700 leaders, reveals that while AI investments are yielding increased ROI, scaling AI remains a challenge. Many organizations struggle with outdated IT infrastructure, skills gaps, and a complex regulatory landscape. Despite confidence in tools and processes, foundational tech often hinders innovation. Geopolitical pressures also force cloud strategy reevaluation. Companies are increasing AI spending, prioritizing cybersecurity, and recognizing the need to address talent and culture to fully realize AI’s potential.

A recent survey of UK CFOs reveals that 99% have experienced payment-related cyber incidents in the past two years, making cybersecurity their top operational risk. While 94% plan to increase cybersecurity spending and universally desire automation, particularly in Accounts Payable, integration challenges with legacy systems hinder progress. Only 64% are confident in their systems’ ability to provide essential real-time oversight, highlighting the urgent need for modern, unified solutions to combat cyber threats and improve efficiency.

Cognizant is partnering with SmartestEnergy to enhance its cybersecurity defenses with Managed Extended Detection & Response (MXDR) and a 24/7 Security Operations Centre (SOC). This collaboration aims to protect SmartestEnergy’s critical infrastructure and customer data amidst increasing cyber threats targeting the energy sector. Cognizant will provide continuous monitoring, proactive threat hunting, and rapid incident response, leveraging AI-powered analytics to bolster resilience and ensure business continuity as SmartestEnergy expands its operations and supports the transition to net-zero emissions.

CrowdStrike (CRWD) shares jumped over 12% after an investor day presentation outlining strong long-term financial projections, including a 20% net new ARR growth rate by 2027 and a $10 billion ARR goal by 2031. The company’s acquisition of Pangea, an AI security platform, and a strategic partnership with Salesforce further boosted investor confidence. Analysts cite CrowdStrike’s advanced AI security capabilities and proactive market approach that led to revised upward price targets, highlighting the company’s leadership in the expanding cybersecurity landscape.