De samenwerking tussen NetApp en Commvault bestaat al langer, maar krijgt nu opnieuw extra kracht. Met hun hernieuwde gezamenlijke focus op cyber resilience laten beide partijen zien waar het vandaag echt om draait: niet alleen data veilig opslaan, maar ook dreigingen sneller signaleren en systemen gecontroleerd kunnen herstellen wanneer het misgaat.

NetApp en Commvault zetten met deze versterkte samenwerking nadrukkelijk in op een geïntegreerde aanpak voor enterprise data protection en cyber resilience in hybride omgevingen. Daarbij combineren ze NetApp’s data-infrastructuur en AI-gedreven ransomwaredetectie met de resilience-, protection- en recovery-capaciteiten van Commvault.

Voor organisaties is dat een relevante ontwikkeling. De impact van cyberincidenten wordt namelijk niet alleen bepaald door óf je een back-up hebt, maar vooral door hoe snel je afwijkingen herkent, hoe goed je kritieke data is afgeschermd en hoe betrouwbaar je kunt herstellen zonder onnodige verstoring van de bedrijfsvoering. In dat opzicht verschuift de aandacht steeds meer van alleen beschikbaarheid naar aantoonbare weerbaarheid.

Waarom alleen back-up niet meer voldoende is

Back-up blijft een essentieel onderdeel van een moderne IT-strategie, maar het is niet langer voldoende als enige maatregel. In hybride IT-landschappen zijn data, applicaties en workloads verspreid over on-premises omgevingen, private cloud en public cloud. Dat maakt de afhankelijkheden groter en hersteltrajecten complexer. Wanneer een organisatie pas tijdens een incident ontdekt welke data kritiek is, waar kwetsbaarheden zitten of hoe recovery precies moet verlopen, gaat kostbare tijd verloren.

Juist daarom is cyber resilience breder dan traditionele back-up. Het gaat om het totaalplaatje: preventie, detectie, bescherming, governance en herstel. De hernieuwde verdieping in de samenwerking tussen NetApp en Commvault sluit daar direct op aan, doordat beide partijen inzetten op een end-to-end benadering van databescherming en recovery.

Wat deze samenwerking concreet toevoegt

De kracht van deze samenwerking zit in de combinatie van infrastructuur en herstel. NetApp brengt een enterprise dataplatform met ingebouwde intelligentie en AI-gedreven ransomwaredetectie in. Commvault voegt daar oplossingen aan toe voor resilience, bescherming en recovery op enterprise-schaal. Samen moet dat leiden tot sneller herstel, betere beheersing van risico’s en meer grip op bedrijfskritische data.

Dat is belangrijk, omdat cyber resilience in de praktijk vaak stukloopt op versnippering. Veel organisaties hebben wel tooling voor opslag, losse securitymaatregelen en back-upvoorzieningen, maar missen samenhang. Daardoor ontstaan blinde vlekken tussen IT-beheer, security-operaties en recoveryprocessen. Een geïntegreerde aanpak helpt om die losse onderdelen beter op elkaar te laten aansluiten.

De vertaalslag naar de praktijk

Voor organisaties draait het uiteindelijk niet om de technologie op zichzelf, maar om de vraag: zijn wij in staat om onder druk te blijven functioneren? Dat vraagt om heldere keuzes in drie gebieden.

Allereerst is er de datafundering. Organisaties moeten weten welke data bedrijfskritisch is, waar die zich bevindt, hoe die wordt beschermd en welke afhankelijkheden er zijn met applicaties en infrastructuur. Zonder die basis blijft cyber resilience reactief.

Daarnaast is er cyberweerbaarheid. Dat betekent niet alleen bescherming tegen dreigingen, maar ook het inrichten van processen, verantwoordelijkheden en controles die ervoor zorgen dat afwijkingen tijdig worden gesignaleerd en er adequaat gehandeld kan worden.

Tot slot is er herstelbaarheid. Niet alleen de vraag of data teruggezet kan worden, maar ook hoe snel, gecontroleerd en betrouwbaar dat gebeurt. Een recoveryplan moet in de praktijk uitvoerbaar zijn, ook als de druk hoog is en meerdere systemen geraakt zijn.

Waar Idaita en OpenSight elkaar versterken

Juist op dat punt komt de samenwerking tussen Idaita en OpenSight logisch samen.

Idaita helpt organisaties bij het bouwen van een sterke en toekomstbestendige datafundering. Door data, infrastructuur en cloud slim in te richten, ontstaat de basis die nodig is om systemen beschikbaar, beheersbaar en herstelbaar te houden.

OpenSight versterkt die basis met een duidelijke focus op cyberweerbaarheid en herstel. Daarbij gaat het niet alleen om technologie, maar ook om de processen, verantwoordelijkheden en keuzes die nodig zijn om als organisatie veerkrachtig te blijven bij dreigingen of incidenten.

Samen ontstaat daarmee een aanpak waarin data, infrastructuur, processen en security niet los van elkaar worden bekeken, maar als onderdelen van één weerbare keten. En juist die samenhang is essentieel voor organisaties die cyber resilience structureel willen versterken.

Van technologiekeuze naar continuïteitsvraagstuk

De versterkte samenwerking tussen NetApp en Commvault is daarom meer dan alleen technologienieuws. Het onderstreept een bredere ontwikkeling in de markt: cyber resilience wordt steeds minder gezien als een technisch deelonderwerp en steeds meer als een continuïteitsvraagstuk. Bestuurders en IT-teams willen niet alleen weten welke oplossing er draait, maar vooral of de organisatie bestand is tegen verstoring en hoe snel de impact kan worden beperkt wanneer zich een incident voordoet.

Voor veel organisaties ligt daar nog werk. Niet omdat er helemaal geen maatregelen zijn, maar omdat de samenhang ontbreekt tussen dataopslag, detectie, beveiliging, recovery en operationele besluitvorming. Juist daar zit de waarde van een integrale benadering.

Tot slot

De hernieuwde verdieping in de samenwerking tussen NetApp en Commvault bevestigt een beweging die al langer zichtbaar is: cyber resilience vraagt om meer dan alleen back-up. Het vraagt om een slimme combinatie van datamanagement, beveiliging, detectie en herstel, ingebed in de dagelijkse realiteit van de organisatie.

Met Idaita als partner voor een sterke datafundering en OpenSight voor cyberweerbaarheid en herstel, helpen we organisaties om beschikbaar, beschermd en herstelbaar te blijven. Want alleen wanneer die drie samenkomen, ontstaat de veerkracht die nodig is om met vertrouwen te blijven ondernemen en innoveren.

In 2025, attackers became faster, smarter, and above all, less visible. The CrowdStrike 2026 Global Threat Report paints a threat landscape in which adversaries are increasingly exploiting trust: legitimate accounts, trusted cloud services, SaaS integrations, and software supply chains. The result is a type of attack that is difficult to distinguish from normal activity—with an impact that can materialize in minutes.

At the same time, 2025 is the year in which AI adversaries truly ramped up their activities. AI has enabled the acceleration of phishing, the automation of reconnaissance, and the “troubleshooting” of attack techniques. And it doesn’t stop there: AI systems themselves are becoming a new target and part of the attack surface

Key findings from the 2025 report

1. Attacks are happening faster than ever
   The average ‘breakout time’ (the time between initial access and lateral movement) dropped to 29 minutes in 2025. This is a 65% increase in speed compared to 2024. CrowdStrike’s fastest observed breakout took just 27 seconds.
2. A growing number of intrusions are malware-free
   In 2025, 82% of detections were malware-free. Attackers use valid credentials, admin tools and ‘living off the land’ techniques to avoid detection.
3. AI accelerates and democratizes attack capabilities
   CrowdStrike observed an 89% year-over-year increase in attacks by AI-enabled adversaries. AI not only increases the scale of attacks but also empowers less sophisticated actors to carry out operations that previously required greater expertise.
4. Cloud and identity are at the center of attention
   Cloud-related intrusions increased by 37% in 2025. Among state-affiliated actors, this figure was as high as 266%. Furthermore, valid account abuse accounted for 35% of cloud-related incidents, clearly indicating that identity is the main battleground.
5. Zero-day exploits and edge devices are narrowing the defense window
   The number of zero-day exploits prior to public disclosure increased by 42%. In 2025, activity linked to China surged by 38%, and in 67% of the vulnerabilities they exploited, the flaw provided direct system access. Furthermore, 40% of these exploits targeted internet-facing edge devices, such as VPNs, firewalls and gateways.
6. The blast radius is being expanded by supply chain attacks
   Attackers are increasingly compromising ‘upstream’ organizations, such as software vendors, repositories and CI/CD, in order to impact downstream organizations at scale. The report describes, among other things, the largest reported crypto theft ever: $1.46 billion, made possible through a supply chain compromise.

Manufacturing companies increasingly targeted

Attacks on industrial organizations and their supply chains led to disruptions in production processes. The speed at which attackers can move within networks makes strict separation between IT and OT, as well as clear chain agreements, essential.

Recommended measures (based on the recommendations in the report)

1. Secure AI: Protect AI Systems as well as AI Usage
   • Ensure that AI governance and monitoring align with how employees use AI tools.
   • Implement access controls and data classification to minimize data breaches.
   • Protect your AI workloads against runtime attacks, such as prompt injection.
   • Evaluate the suppliers and supply chains involved in the development and integration of AI.
2. Treat identity and SaaS as primary attack surfaces
   • Implement phishing-resistant MFA wherever possible.
   • Enforce the principle of least privilege for service accounts and non-human identities as well.
   • Monitor anomalous token and SaaS activity (OAuth, sessions, API keys).
3. Eliminate cross-domain blind spots
   • Consolidate telemetry across endpoints, the cloud, identity, SaaS, and the network.
   • Cross-domain correlation and detection (XDR + next-gen SIEM workflows).
   • Automate data enrichment with threat intelligence to identify attack paths more quickly.
4. Secure the software supply chain and developer workflows
   • Harden developer endpoints en CI/CD.
   • Validate dependencies and package integrity (scanning, signing, policy).
   • Conduct third-party risk assessments on tools and suppliers.
5. Prioritize the patching and monitoring of edge devices
   • Triage en patch internet-facing systemen versneld (streef naar uren/dagen, niet weken)
   • Accelerate the triage and patching of internet-facing systems, aiming for hours or days rather than weeks.
   • Segment to limit lateral movement from the perimeter

In short

2025 showed us that the most successful attacks are not necessarily the ‘newest’ ones, but rather those that are faster, smarter and better concealed through identity, the cloud, SaaS and supply chains. In 2026, the organization that will make a difference are those that organize their defenses to be just as cross-domain and agile as their adversaries’ operations.

Would you like to discuss what these insights mean for your organization (identity, SaaS, cloud, and edge)? Contact OpenSight for a tailored risk analysis and concrete steps for improvement.

For many organizations, 2026 feels like “just another year.” That is, until you see how rapidly cyberattacks are changing. This is not only because attackers are becoming smarter, but also because our technology and rules are evolving. Machines are becoming more digital and therefore more vulnerable, scams are becoming more convincing thanks to GenAI, and the question “What if it goes down for a while?” is slowly changing to “What if it goes down tomorrow?”

Are you also curious about our Cybersecurity Review of 2025, in which we look back on the most notable cybersecurity issues?

Below are the four trends that are expected to make a difference in 2026.

Machinery Regulation 2027: cyber becomes machine safety

The EU Machinery Regulation (Regulation (EU) 2023/1230) will apply from January 20, 2027, replacing the Machinery Directive from 2006. This makes 2026 the last full year of preparation.

Many people are surprised to learn that this regulation explicitly addresses the reality of modern machines. Today’s machines do more than just perform mechanical tasks; they run software, connect to networks, receive updates, and communicate with other systems. The recitals cite the emergence of digital technologies, such as AI, the Internet of Things (IoT), and robotics, as the reason why there were gaps in existing legislation that are now being closed.

Even more importantly for OT (operational technology), the text includes requirements that directly affect cyber resilience. For instance, there is a crucial health and safety component regarding “protection against corruption” (i.e., manipulation or undesirable influence via links or external connections), and it even references EU cybersecurity certification as a means of demonstrating compliance with certain requirements. It has been made clear that “cyber” is no longer just IT, but also part of product and machine safety.

GenAI phishing: the scammer gets a copywriting agency

Phishing is already a major issue, but by 2026, it will primarily involve large-scale, high-quality phishing attacks. Generative AI has drastically lowered the threshold for creating credible text. Poor grammar and odd phrasing used to be warning signs, but now, attackers can generate neat, businesslike emails in perfect English tailored to the industry, role, and tone in a matter of seconds.

ENISA (the EU’s cybersecurity agency) still cites phishing as the dominant entry point for cyberattacks. In their Threat Landscape report, they mention phishing as a very common starting point for cyberattacks and note the growing trend of AI accelerating and refining this type of social engineering.

Furthermore, ENISA reports that AI-assisted phishing now constitutes a significant portion of global social engineering activity. In other words, AI is no longer just a “gimmick”; it is quickly becoming the norm.

Minimum Viable Company: downtime becomes the real expense

The fourth trend is not about a new hack, but about the question: what happens to your company if something does go wrong? More and more organizations are shifting from the idea of “we must prevent everything” to “we must be able to continue working if it does happen.” This fits in with the concept of the Minimum Viable Company (MVC): the smallest functioning company that can still deliver, invoice, communicate, and meet basic requirements while the rest recovers.

Consulting firms and resilience frameworks use MVC to emphasize that, in a crisis, it is not necessary to immediately return to full capacity. Rather, the focus should be on maintaining a minimal, safe business operation. MVC can now be seen as an important boardroom topic because cyberattacks, outages, and supply chain problems are increasingly becoming “normal” business risks. MVC helps you focus on core processes, critical infrastructure, essential personnel, and key data so that, in the event of an incident, you know what “must stay alive” and don’t get lost in priorities.

For SMEs, this is perhaps the most practical lesson for 2026: not because you suddenly become immune, but because you prevent a single incident from turning into weeks of downtime.

Finally, 2026 will be the year of making mature choices

If you add up the four lines, you see the pattern: cyber is shifting from an “IT problem” to a “business reality.” Machines and OT are becoming more prominent due to the Machine Regulation. Phishing is becoming more convincing and widespread thanks to GenAI. AI tools are becoming more productive, but also more sensitive when it comes to data. The winners are organizations that already know in advance what their “minimum business” looks like.

In that respect, it makes sense that more and more organizations are looking for tools and partners that make AI use manageable and can protect data flows. Zscaler, for example, explicitly positions Zscaler AI around secure AI use and data protection. OpenSight is also an official Zscaler partner and guides organizations in these kinds of processes, precisely where technology, policy, and practice come together.

Would you like to know where your company will stand in 2026? Then it would be wise to conduct a risk assessment of your company.

See also our Cybersecurity Review 2025, in which we discuss the most notable cybersecurity issues in a white paper.

The year 2025 saw a rise in the level of professionalism of cyber threats. Attackers combined social manipulation, identity theft, cloud access and AI-driven automation to cause damage more quickly and in a more targeted way. Such developments necessitate greater visibility, stricter access control and clear frameworks for the use of technology.

Below is a brief overview of the most significant trends. You can read the full analysis in our white paper Cybersecurity review 2025.

Social phishing as the main route for attackers

Social engineering has shifted from email to a combination of telephone, chat, and remote support. Attackers now use convincing stories and legitimate tools to gain access without using malware. This makes behavioral and identity-based detection more important than ever.

Manufacturing companies increasingly targeted

Attacks on industrial organizations and their supply chains led to disruptions in production processes. The speed with which attackers move within networks necessitates a strict separation between IT and OT and clear chain agreements.

Why this matters to organizations

The 2025 cybersecurity landscape has been shaped by human behaviour, identity management, segmentation, and the controlled use of AI. OpenSight helps organizations put these principles into practice by identifying risks and translating the right measures into everyday routines.

Download the full white paper

Would you like to receive the complete analysis, including recommendations and practical examples?

The digital threats that businesses face today are greater and more varied than ever before. Hackers are constantly developing new methods, from sophisticated phishing campaigns and ransomware to deepfake attacks and social engineering. The question is no longer whether your organization will be attacked, but when.

Although technical measures such as firewalls and antivirus software are important, they are only part of the solution. Cybercriminals are increasingly targeting the human factor: employees who click on the wrong link or respond to a suspicious request.

That’s why cybersecurity awareness is essential!

What does cybersecurity awareness mean?

Cyber awareness goes far beyond simply knowing that ‘hackers exist’. It is about developing a security-conscious workplace culture, in which employees:

• Recognize and understand risks (phishing, malware, social engineering).
• Know how to act safely in everyday situations.
• Staying alert even when the workload is high or the attack is subtly packaged.

Awareness is therefore not a one-off training course or checklist, but an ongoing process of learning and application.

The dangers of not paying attention to cybersecurity

Many organizations still underestimate the impact of untrained employees. Some facts:

• Human error accounts for 74% of all data breaches (according to recent security reports).
• Phishing remains the most popular method of attack: a single click can grant access to entire corporate networks.
• The financial damage caused by a single incident can quickly amount to tens of thousands of euros, not to mention the potential reputational damage and fines under the GDPR.

As you can see, even the strongest IT environment can be undermined by a single inattentive employee.

Why one cyber security awareness training is not enough

Many companies invest in an annual e-learning or one-off workshop. The problem?

• Information fades quickly without repetition.
• Cyber threats are constantly evolving, so what was relevant last year is now obsolete.
• Employees become less alert when there are no regular triggers.

Awareness only works if it is part of the company’s DNA: short, relevant and repeated training, supplemented with practical simulations such as phishing tests.

The role of OpenSight and KnowBe4

At OpenSight, we believe that an organization can only be truly secure if people are part of the defence. That is why we work together with KnowBe4, the global market leader in security awareness.

What makes this approach unique?

• Access to a library full of training content, available in multiple languages and styles.
• Gamification and campaigns that really appeal to employees (like this year’s 80s arcade theme).
• Reports and metrics that show where risks lie and how they are reduced through training.

With this combination, we make security awareness fun, understandable and effective.

Cybersecurity Awareness Month

October is Cybersecurity Awareness Month worldwide. We are seizing this opportunity to raise awareness among organizations concerning the role their employees play. In collaboration with KnowBe4, OpenSight is organizing a free webinar in which we will take a closer look at:

• How to create support among management and employees.
• The latest cyber threats and how criminals operate.
• Practical ways to improve awareness structurally.

Cybersecurity is never “done”

As cybercrime never stops, neither can cybersecurity awareness. A one-off training course can create a false sense of security. In contrast, continuous programs build a human firewall that keeps pace with the times.

Would you like to know how you can achieve this in your organisation?
Register for our webinar during Cybersecurity Awareness Month and discover how you can structurally embed awareness in your corporate culture.