Two new reports are pointing to the same problem from different angles: security teams are stretched, visibility is weak, and old risks are still hanging around. Let’s start with Bitdefender's
2026 Cybersecurity Assessment Report. More than half of breach victims said they were told to keep incidents quiet, even when they believed those incidents should have been reported. In the U.S., that figure rises to 68.6%. AI visibility remains another gap. Nearly half of organizations reported partial or no visibility into shadow AI tools and personal accounts being used for work. Bitdefender also found that managers were more likely than security practitioners to overestimate how much visibility their organizations had into AI usage.
Then there’s
SonicWall’s research on financial services, which shows the other side of the problem: old infrastructure is still creating exposure. Financial firms are seeing more than twice the average attack volume per device compared with other industries, including 42.2 million detections tied to a legacy Telnet flaw and 35.6 million Log4Shell attempts.
Put the two reports side by side, and the MSSP opportunity comes into focus. Clients are dealing with new AI risks while still carrying old security debt, and many do not have the people or visibility to manage both. The providers that can connect AI governance, breach response, legacy remediation, and data oversight into one clear service story will have a much stronger role to play in the coming years.
Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts
Keyfactor secures more than $1 billion in growth investment: Keyfactor secured a strategic growth investment of more than $1 billion led by Summit Partners, with existing investors Insight Partners and Sixth Street Growth retaining significant stakes. The company plans to use the funding for product development, geographic expansion, hiring, and potential acquisitions. Keyfactor’s platform manages certificates, public key infrastructure, and machine identities across cloud, hybrid and on-premises environments.
QIZ Security raises $17 million for cryptographic governance: QIZ Security raised $17 million to expand its cryptographic posture management and post-quantum security platform. The Israeli company helps organizations discover cryptographic assets, identify weak or outdated encryption and manage the transition to quantum-safe standards.
8Layers raises $2.9 million for identity protection platform: Spanish identity security startup 8Layers raised $2.9 million through an extended pre-seed round. The company is building a platform designed to detect identity exposure and help organizations respond to risks involving credentials and digital identities.
Exterro Adds Agentic AI to FTK for Remote Forensic Investigations:
Exterro has launched ARMOUR for FTK, an agentic AI capability that allows investigators to run forensic investigations across live endpoints, cloud services, identities and communications using natural-language questions. Built into the FTK Central platform, the system determines which forensic actions are needed, then carries out evidence collection, memory acquisition, artifact analysis, event correlation and timeline reconstruction while maintaining an auditable record. Exterro said the tool is designed to reduce the delays created by investigation teams moving between several security and forensic products, particularly during ransomware, insider risk and data exfiltration cases.
Radware Adds AI Governance Reporting and Claude Code Protection: Radware has expanded its Agentic AI Protection solution with new governance reporting, broader monitoring of AI agent activity and support for developer-hosted agents, including Anthropic Claude Code. The update gives security teams more visibility into how agents interact with applications, tools and enterprise resources, while adding audit-ready reporting designed to support ISO 42001, the EU AI Act and the NIST AI Risk Management Framework. Radware has also extended its controls to developer endpoints, where teams can monitor agent conversations, govern tool use and reduce the risk of sensitive data exposure. The capabilities are available as part of Radware’s existing Agentic AI Protection solution.
authID Adds SynerComm as Biometric Identity Security Reseller: authID has signed a reseller partnership with SynerComm that will bring its biometric identity verification and continuous authentication technology to customers in financial services, healthcare, industrial manufacturing and government. SynerComm will add authID’s services to its cybersecurity portfolio, with use cases spanning workforce access, help desk verification and secure system access. The deal gives authID another channel route into regulated enterprise accounts, while allowing SynerComm to expand its Zero Trust and identity security offerings with passwordless, biometric controls designed to reduce fraud, account takeover and identity risk.
Have news to share or just want to connect? Reach anytime at [email protected].