The AI paradox: the 2026 cybersecurity landscape

The 2026 ExtraHop Global Threat Landscape Report uncovers AI's dual role as both a defender and target, highlighting evolving challenges in cybersecurity.

ExtraHop, a company focused on network detection and response, released its 2026 Global Threat Landscape Report, outlining findings on the evolving state of cyber defence and the increasing influence of AI.

The report notes that while AI adoption has introduced new vulnerabilities, security teams continue to face challenges such as long threat dwell times and high volumes of alerts. It also indicates that, despite expectations for greater automation, many security operations centres (SOCs) still rely largely on manual processes for investigation and response.

Survey results show that 55% of respondents identified AI-based systems, including AI agents and generative applications, as notable security risks. The report also states that 85% of organisations experienced security incidents associated with AI integrations, including AI-assisted external attacks, compromised identities, and issues involving third-party integrations.

The report also discusses the role of AI in enabling faster and more scalable attack methods.

The report indicates that attackers typically remain in networks for more than two weeks before being detected. It also notes that 49% of organisations discovered threats only after data theft had occurred, compared with 31% in the previous year. Factors contributing to delayed detection include alert noise and malicious activity blending into legitimate system workflows.

It further states that attackers used encrypted communication in 41% of cases and legitimate workflows in 38% of cases to avoid detection. In 14% of organisations, breaches were identified only after a ransom demand was made.

The report found that the average ransom demand decreased to £2.1 million from £2.6 million in 2025. However, the proportion of victims who paid ransoms increased to 83%, compared with 70% in the previous year. The report also references an average downtime of around 30 hours per attack, which can contribute to operational pressure on affected organisations.

Despite increased use of AI tools, the report indicates that most security workflows still involve significant manual effort during detection, investigation, triage, and response. SOCs are reported to spend approximately 44% of their time on proactive security tasks, while AI systems are also associated in some cases with increased alert volume and false positives.

Overall, the report suggests a need for improved integration of real-time network context into AI-driven security systems to support more accurate detection and response.
