All news in category “Market Moves”

📈The UK cybersecurity sector generated £14.7bn in revenue last year and contributed £9.1bn in gross value added, the government reported on 13 May. Employment rose to nearly 70,000 and the number of firms climbed to 2,603, with AI-focused cybersecurity vendors growing sharply. The government unveiled the Cyber Resilience Pledge and plans legislation via the Cyber Security and Resilience Bill to tighten standards. Experts warn that advances in AI increase risks and call for stronger, harmonized incident reporting and defences.

🔧 Cloudflare announced a global workforce reduction of more than 1,100 employees as it reorganizes for the agentic AI era. Founders Matthew Prince and his co-sender emphasized transparency, notifying the entire global team directly by email and scheduling an all-hands and an earnings call to explain the change. The company characterized the move as a structural redesign to adapt to a 600% surge in internal AI usage, not a performance-based action. Departing employees will receive industry-leading severance, extended equity vesting through August 15, and U.S. healthcare support through year-end.

🔒 Palo Alto Networks announced its intent to acquire Portkey and integrate Portkey’s AI Gateway into Prisma AIRS to provide a centralized control plane for agentic AI. The combined platform will offer a unified API to thousands of LLMs, an agent registry, semantic routing, caching and runtime protections such as Agent Artifact scanning and automated red teaming. Integration with CyberArk is intended to enforce agent identity and least‑privilege controls. The goal is to enable enterprises to move autonomous workloads from development to production with consistent governance and minimal performance tradeoffs.

🚀 Yael Nardi joins Minimus as Chief Business Officer, leading top-of-funnel growth, strategic operations, and corporate development in a newly created role. She will implement an operational model to scale marketing and strategic alliances and adapt to AI-influenced customer acquisition channels. Nardi brings 15+ years advising startups, investors, and law firms and led major M&A transactions including Twistlock's sale to Palo Alto Networks. Based in New York, she will help expand Minimus's near-zero CVE hardened container image offerings and go-to-market engine.

🔒 CSO and CISO roles have shifted from technical gatekeepers to board-level leaders accountable for resilience, compliance, and business enablement. Recruiters and incumbent executives emphasize a T-shaped background — deep domain expertise plus broad business fluency — including identity and access management, cloud operations, AI risk, and security automation. Candidates must translate security investments into enterprise value and demonstrate continuous assurance; negotiation, delegation, and measurable outcomes now define success.

🔐 Google has completed its acquisition of Wiz, which will join Google Cloud while retaining the Wiz brand. The combined offering delivers an AI-powered cloud security platform that unifies visibility across cloud, hybrid, and multicloud environments to prevent, detect, and respond to threats. Customers can expect continued support for AWS, Azure, Oracle, and on-premises systems, along with integrations to Google Threat Intelligence and Mandiant consulting. The acquisition is positioned to accelerate AI-native security capabilities, simplify code-to-cloud defenses, and reduce operational toil for security teams.

🔒 OpenAI said it will acquire AI testing startup Promptfoo to strengthen security checks for AI agents as enterprises deploy autonomous systems in business workflows. Promptfoo’s tools let developers test LLM applications against adversarial prompts, including prompt injection and jailbreak attempts, and evaluate whether models follow safety and reliability guidelines. OpenAI plans to integrate Promptfoo into OpenAI Frontier and to continue developing the open-source project while expanding enterprise capabilities.

🔐 IT-Harvest has published its 2026 Cyber 150 list, noting that AI security vendors make up 22% of the cohort. The annual ranking highlights mid-sized cybersecurity firms (50–500 staff) chosen on funding, 2025 growth and market traction. 33 companies were classified as AI security, including fast growers like Tenex.ai (318% growth) and well-funded names such as 7AI and Noma Security. The list also shows broad category distribution and geographic concentration in the US and Israel.

🔒 Check Point recognized top partners across the Asia Pacific at its FY25 Sales Kickoff in Bangkok, honoring organizations that delivered exceptional customer outcomes and sustained growth. The awards spotlight partners advancing prevention-first, AI-powered cyber security amid rising AI-driven threats, expanding hybrid and cloud ecosystems, and regulatory complexity. The gathering of nearly 1,000 employees and partners underscored the company’s commitment to regional collaboration and partner-led resilience.

🔐 A recent job posting from GCHQ for a Chief Information Security Officer has drawn industry attention for offering a maximum salary of £130,000 (roughly €150k–€155k) despite demanding executive-level responsibilities. The role requires deep expertise in securing cloud environments, emerging technologies and compliance with frameworks such as NIST, ISO 27001, GDPR and GovS 007. Desired certifications include CISSP, CISM or CCISO. Observers note the posting highlights the gap between public sector compensation and market rates amid a global cybersecurity skills shortage.

⚠️ A recent GCHQ job advertisement seeks a chief information security officer described as one of the most influential cyber security leadership roles in the UK, yet it offers a maximum salary of £130,000 (about $175,000). The role asks for expertise securing cloud environments and emerging technologies, and knowledge of frameworks such as NIST, ISO 27001, GDPR and GovS 007. Professional certifications like CISSP, CISM or CCISO are flagged as highly desirable. The compensation and absence of industry-style incentives have prompted criticism amid a global shortage of security talent.

🔒 Traditional endpoint defenses miss a growing class of non-binary software — browser extensions, code packages, IDE plugins, local servers, containers and model artifacts — that employees and developers install without centralized oversight. AI agents amplify that blind spot by acting with user credentials, autonomously discovering, invoking and installing components at machine speed. Palo Alto Networks says it intends to acquire Koi to deliver Agentic Endpoint Security, focused on visibility, continuous risk analysis and real-time policy enforcement to remediate risky behaviors.

🔒 Palo Alto Networks has completed its $25 billion acquisition of Israel-based CyberArk, integrating privileged access management into its core platform strategy. The deal aims to extend privileged controls across human, machine, and AI identities to reduce standing privileges, limit lateral movement, and accelerate breach response. Palo Alto will continue offering standalone CyberArk while pursuing deeper integration, though analysts warn of transition friction and potential licensing or vendor lock-in.

🔐 CyberArk is joining Palo Alto Networks to elevate identity security as a core platform pillar for cloud, automation and AI-driven environments. The post argues identity is now the primary attack vector: machine identities outnumber humans by more than 80:1 and 87% of organizations experienced multiple identity-centric breaches in the past year. It calls for continuous visibility, dynamic privilege controls and unified governance to secure human, machine and AI agents and reduce opportunities for lateral movement.

🔒 The European Commission has given unconditional approval for Google's $32 billion acquisition of cloud security vendor Wiz, removing a major regulatory hurdle. The clearance lets Google Cloud fold Wiz's multi‑cloud security capabilities into its stack while regulators found no meaningful competition harm. Analysts warn the tie-up could accelerate hyperscaler-led security consolidation, raise long-term lock-in risks, and shift incentives away from cloud neutrality.

🔒 ZAST.AI announced a $6 million Pre-A round led by Hillhouse Capital, bringing total funding close to $10 million. The startup uses an AI-driven Automated PoC Generation + Automated Validation pipeline to produce runnable Proof-of-Concepts and verify exploitable flaws, aiming for near-zero false positives. In 2025 the company reported hundreds of zero-day findings that led to 119 CVE assignments and patches across major open-source projects. The new capital will support R&D, product expansion, and international growth.

🚨 A recent IANS Research and Artico Search survey found that 69% of enterprise CISOs are open to a career move within the next year, often targeting larger-company CISO roles, other executive posts, or non-CISO paths. Analysts attribute the trend to chronic exhaustion, misaligned authority, and a structurally broken role that leaves leaders accountable without matching influence. Experts recommend giving CISOs enterprise-level standing, direct CEO and board access, and authority and budget that match their responsibilities to retain top security talent.

🔒 Zscaler has acquired Singapore-based SquareX to extend browser detection and response (BDR) capabilities into standard web browsers across managed and unmanaged devices. The move enables Zscaler to deliver Zero Trust Exchange controls via lightweight extensions rather than requiring a separate enterprise browser. SquareX's runtime extension enforces session-specific controls such as browser-native DLP, dynamic content isolation, real-time behaviour monitoring, clipboard protections and AI prompt safeguards, integrating with Zscaler policy enforcement to reduce reliance on legacy VPN/VDI.

⚠️ Even experienced CISOs can hit insurmountable roadblocks when leadership offers only lip service, denies resources, or blocks board access. The article identifies common red flags—playacting, cognitive disconnect between executives and security teams, and ethical pressure to conceal breaches—that should prompt serious consideration of leaving. It contrasts those with green flags such as demonstrable executive support, collaborative incident playbooks, and a commitment to transparency. Many leaders now pursue fractional roles or secure indemnity and legal counsel when organizational alignment is absent.

🔒Amutable, a Berlin startup launched this week, says it will bring determinism and verifiable integrity to Linux systems. Its founding team includes prominent Linux engineers such as Lennart Poettering (known for systemd) and ex‑Microsoft executives Chris Kühl (CEO) and Christian Brauner (CTO). The company is focusing on the container stack — Kubernetes, runc, LXC, Incus and containerd — and proposes cryptographic verification of images, signed manifests and continuous checks to detect tampering proactively rather than reactively.