The IT Nerd

Quorum Cyber today reveals the extensive, but alarming findings of its 2026 Global Cyber Risk Outlook report. AI automation and Ransomware-as-a-Service (RaaS) platforms have fundamentally altered the threat landscape, enabling nation-state actors to automate up to 90% of intrusions, and pushing vulnerability disclosures past 35,000 for the first time. Attackers abandon slow-encryption tactics, as evidenced by ransom demands in financial services exploding by 179%. Organizations face a stark reality: detection windows are shrinking, barriers to hacker entry are collapsing, and even modestly skilled criminals now wield capabilities once reserved for elite operators.

Insights from the 2026 Global Cyber Risk Outlook are derived from incidents and investigations observed across over 350 global organizations ranging in staff size from 10 to 10,000 throughout calendar year 2025. Highlighted report findings that need to reshape 2026 cyber risk considerations include: 

• The number of newly formed ransomware groups increased by 30% in the year to October 2025 
• Global vulnerability disclosures rose 21%, surpassing 35,000 
• Early evidence of a nation-state group using AI agents to automate up to 90% of an intrusion 
• Cybercriminals are increasingly shifting away from encryption toward faster, lower-cost data exfiltration attacks 
• New white-label RaaS platforms enabling rapid launch of branded criminal operations 
• Average ransom demands surged across multiple sectors, including 179% in financial services and 97% in manufacturing 
• Nation-state threat actors associated with Russia, China, and Iran remain the top threats to the public sector, while North Korea-linked actors likely earned over $2 billion from cybercrime in 2025 

Industry Sector Companion Reports

In addition, the 2026 Global Cyber Risk Outlook includes companion reports focused on nine industry sectors, including energy, financial services and insurance, healthcare and pharmaceuticals, higher education, housing and construction, legal and professional services, manufacturing, public sector, and retail. Each companion report outlines sector-specific threat dynamics and practical considerations for strengthening cyber resilience. 

Quorum Cyber Teams With Microsoft

To help organizations interpret these findings and prioritize action, Quorum Cyber will host a live webinar on February 25 featuring Lesley Kipling, Chief Security Advisor at Microsoft, alongside Quorum Cyber’s Threat Intelligence leadership. The session will examine how evolving threat actor tactics intersect with modern cloud, identity, and AI-driven environments — and what security leaders should focus on to strengthen resilience heading into 2026.

The 2026 Global Cyber Risk Outlook reflects Quorum Cyber’s Microsoft-first approach to security, informed by deep visibility into cloud, identity, and AI-driven environments. Founded as a Microsoft-first security services provider, Quorum Cyber is a long-standing member of the Microsoft Intelligent Security Association (MISA) and holds all four Microsoft Security specializations: Cloud Security, Identity and Access Management, Information Protection and Governance, and Threat Protection. 

Quorum Cyber has ranked in 30th place this year in the 2025 MSSP Alert Top 250 – MSSP Alert’s annual list and research tracking the world’s top managed security services providers (MSSPs).

The company has jumped 20 places from its ranking of 50th in 2024, and since 2022 has risen by almost 120 positions. The rating is a measure of the company’s range of managed cybersecurity services and the types of cyber incident it has handled in the past 12 months, along with its revenue and headcount figures.

MSSP Alert is one of the leading online resources that reviews and assesses MSSPs and how they contribute to cybersecurity across the wider global economy. In an ever-evolving market, the MSSP Top 250 sets a benchmark for service excellence and innovation and keeps organizations and decision makers informed about the breadth and quality of services available in the market.

MSSP Alert compares cybersecurity service providers on several criteria including:

• Annual recurring revenues
• Profitability
• Business growth rate
• Cybersecurity professional headcount
• Managed security services offered
• MSSP Alert’s editorial coverage of MSSPs worldwide
• Third-party industry honors from analysts such as Gartner, Forrester, and IDC

In 2025 Quorum Cyber continued to build momentum for a new phase of growth for 2026 and beyond. The company launched its new Threat Division, made several exciting Executive Appointments, and won a string of Prestigious Awards. All this on top of integrating its two major acquisitions: Difenda and Kivu Consulting.

New Threat Business Unit

In January 2025, the business launched its new Threat business unit and appointed Paul Caiazzo as Chief Threat Officer. As a cybersecurity engineer, entrepreneur, and strategist with over 27 years’ experience, Paul brings a wealth of knowledge and expertise to the role, having previously developed cybersecurity businesses from the ground up. The Threat division of Quorum Cyber covers threat intelligence, threat hunting, incident response and ransom negotiations. The team is trusted by regulated sectors, has Preferred Vendor Status with over 40 insurance companies, and has established law firm partnerships with top boutique and full-service law firms.

Strengthened Leadership Team with New Senior Appointments

Quorum Cyber also strengthened its leadership team in 2025 with several senior appointments:

• Chief Revenue Officer (CRO) Mike LaPeters joined the business with 30 years’ experience in building and leading sales and marketing organizations and channels for security, storage and infrastructure software products.
• Stacey Sweeney brings nearly 30 years of cybersecurity marketing leadership experience to the Chief Marketing Officer (CMO) role. In her career to date, she has built high-performing teams to shape and revitalize brands.
• With more than two decades of senior leadership experience in the enterprise technology sector, Melissa Webb’s role as Vice President – Microsoft Partnership will drive and grow Quorum Cyber’s strategic partnership globally.
• And, as a seasoned risk and cybersecurity executive with over 25 years’ experience, John Bruce joined as the company’s Chief Information Security Officer (CISO) to further strengthen defenses across the business.

Awards and Recognition

In April 2025, Quorum Cyber won the Microsoft Security MSSP of the Year 2025 award at the Microsoft Excellence Awards. It also reached the finals of two more categories: Data Security & Compliance Trailblazer, and Security Changemaker. And for the second consecutive year, it was named as a Finalist in the 2025 Microsoft Security Partner of the Year awards, in November.

This month the company was named as a Microsoft Security Excellence Awards Finalist for Data Security & Compliance Trailblazer and Security Service Partner of the Year. Quorum Cyber has been named as a finalist in at least two categories at the Microsoft Security Excellence Awards since 2023, showing remarkable consistency in providing the highest standards of service delivery and satisfaction to customers worldwide.

Quorum Cyber was awarded Managed Security Service Provider of the Year at the CyberSecurity Breakthrough Awards 2025 in October and won Cybersecurity Company of the Year at the Scottish Cyber Awards 2025 in February.

With the Microsoft partnership being one of the pillars of the company’s success, Quorum Cyber also achieved the Identity and Access Management Specialization from Microsoft this year. As a Microsoft Solutions Partner for Security, the company now holds all four available Microsoft Security specializations: 1) Threat Protection, 2) Cloud Security, 3) Information Protection and Governance, and 4) Identity and Access Management. Building on this, in October Quorum Cyber was named as a proud participant of both the Microsoft Security Store Partner Ecosystem and the Microsoft Sentinel Partner Ecosystem.

Quorum Cyber today announced it is a Data Security & Compliance Trailblazer award finalist and a Security Service Partner of the Year award finalist in the Microsoft Security Excellence Awards. The company was honored among a global field of industry leaders that demonstrated success across the security landscape during the past 12 months. 

Quorum Cyber has been named as a finalist in at least two categories at the Microsoft Security Excellence Awards since 2023, showing remarkable consistency in providing the highest standards of service delivery and satisfaction to customers worldwide. 

This year’s recognition closely follows news, in November 2025, that Quorum Cyber was named as a finalist of the 2025 Microsoft Security Partner of the Year Award. The company was honored among a global field of top Microsoft partners for demonstrating excellence in innovation and implementation of customer solutions based on Microsoft technology.

At the Microsoft Security Excellence Awards on January 26th, 2026, Microsoft will celebrate finalists in six award categories honoring partner trailblazers, solution innovators, customer and technology champions, and changemakers. This is the sixth year Microsoft is recognizing partners for their outstanding work in the security landscape. All finalists are members of the Microsoft Intelligent Security Association (MISA), an ecosystem of leading security vendors comprised of software development companies and services partners that have integrated their security products and services with Microsoft’s security technology. 

MISA was established to bring together Microsoft leaders, software development companies and services partners to work together to defeat security threats and make the world a safer place. The industry veterans in MISA and Microsoft will vote to select the winners of the Microsoft Security Excellence Awards, providing an opportunity for colleagues to honor their peers for delivering exceptional work to our shared customers.

 Quorum Cyber has made a series of appointments to its senior leadership team to meet its strategic goals. 

John Bruce has joined the Microsoft-only company as Chief Information Security Officer (CISO), Mike LaPeters as Chief Revenue Officer (CRO), Stacey Sweeney as Chief Marketing Officer (CMO), and Melissa Webb as Vice President – Microsoft Partnership. 

The company has grown from a specialized cybersecurity startup into one of the fastest-scaling cybersecurity providers in the market. As a preferred Microsoft security partner and a mission-driven defender for mid-market and enterprise organizations, Quorum Cyber continues to invest aggressively in senior leadership to support accelerating demand across North America, the United Kingdom, and emerging global markets. 

These appointments reflect the company’s commitment to building a world-class executive team capable of scaling operations, strengthening its customers’ cybersecurity and cyber resilience, and advancing its leadership in the Microsoft security ecosystem.

As a seasoned risk and cybersecurity executive with over 25 years’ experience, John Bruce joined as the company’s CISO to further strengthen defenses across the business. He has previously held CISO roles at Places for People Group and CGI as well as senior global partner and director positions at IBM, Lloyds Banking Group, and Royal Bank of Scotland Group. 

Chief Revenue Officer Mike LaPeters has 30 years’ experience in building and leading sales and marketing organizations and channels for security, storage and infrastructure software products. Prior to Quorum Cyber, Mike held a number of senior leadership roles, including CRO at both Huntress and Domotz, VP of Worldwide Sales for VeloBit, VP of North American Sales for AVG Technologies, and VP of Worldwide Sales for Winternals. 

Stacey Sweeney brings nearly 30 years of cybersecurity marketing leadership experience to the Chief Marketing Officer role. She has built high-performing teams to shape and revitalize brands. Her previous leadership roles span emerging to mature companies including Akamai, Quantum Xchange, SANS Institute, and General Dynamics.

With more than two decades of senior leadership experience in the enterprise technology sector, Melissa Webb’s role as Vice President – Microsoft Partnership will drive and grow Quorum Cyber’s strategic partnership globally. Her previous positions include Global Alliance Executive for Microsoft Azure at Red Hat, Director of Business Development for Microsoft Azure, and Director of Global Strategic Alliance Marketing at VMware. 

Quorum Cyber has won the Managed Security Service Provider of the Year award at this year’s CyberSecurity Breakthrough Awards. 

Now in its ninth year, the annual CyberSecurity Breakthrough Awards recognize and celebrate the world’s most innovative information security companies, products and people. This year, they received thousands of nominations from established companies and start-ups in the information security and cyber security sectors around the world, making competition in every category extremely fierce.

This latest award closely follows several other accolades for Quorum Cyber this year, including being named Security MSSP of the Year in the Microsoft Security Excellence Awards 2025, winning the Cybersecurity Company of the Year award at the 2025 Scottish Cyber Awards, and being named a finalist in the Cyber Security Team of the Year category at the UK’s National Cyber Awards.

Quorum Cyber, a proactive, threat-led cybersecurity company founded to help organizations defend themselves in an increasingly hostile digital landscape, today announced its inclusion in the Microsoft Sentinel partner ecosystem. Quorum Cyber was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft. 

Quorum Cyber is working with Microsoft product teams to shape Sentinel product development, including validation of new scenarios, feedback on product operations, and API extensibility – while also extending Sentinel’s capabilities as part of the partner ecosystem. By creating solutions such as connectors, analytics, playbooks, hunting queries, Jupyter notebook jobs, and Security Copilot agents that leverage Sentinel’s open architecture and advanced analytics, Quorum Cyber is helping make innovation accessible to customers worldwide through the Microsoft Security Store. 

Microsoft Sentinel is evolving beyond its traditional role as a SIEM to also be an AI-ready platform – equipping defenders with unified security data, intelligent reasoning tools to help agents interpret data, and enriched context through graph-powered visibility. By bringing all these features together, Microsoft Sentinel now provides a scalable backbone for modern defense.

The Microsoft Security Store is setting a new benchmark for cybersecurity procurement and deployment. By centralizing a wide range of security solutions and AI agents—organizations can now streamline how they discover, acquire, and operationalize advanced security technologies. With features like industry framework alignment, simplified billing, and guided deployment, the Security Store helps security teams reduce complexity, accelerate adoption, and maximize the value of their security investment.

Quorum Cyber, a proactive, threat-led cybersecurity company founded to help organizations defend themselves in an increasingly hostile digital landscape, today released its Relentless Threats: 2025 Mid-Year Global Cyber Risk Outlook Report.

Compiled by Quorum Cyber’s Threat Intelligence team, with insights derived from its frontline engagements and strategic monitoring over the first half of the year, the report highlights the tracking of over 70 cybercriminal groups and Malware-as-a-Service (MaaS) offerings, unveiling sophisticated new tactics shaping the cyber threat landscape. It also includes a ransomware demand trend for Q1 2022 to Q1 2025 inclusive. 

What You’ll Learn from Quorum Cyber’s 2025 Mid-Year Global Cyber Risk Outlook Report:

• Rising Ransomware Threats: The ransomware group Codefinger has begun exploiting legitimate Amazon Web Services (AWS) features to encrypt cloud storage, marking a troubling trend toward targeting cloud-native infrastructure
• Emergence of New Stealware: Following law enforcement crackdowns, a new variant known as Acreed has emerged, highlighting the underground market’s resilience
• State and Criminal Convergence: North Korea’s Moonstone Sleet exemplifies the growing convergence of state and criminal capabilities, utilizing a Russian-language  Ransomware-as-a-Service (RaaS) platform to target software companies
• Quadruple Extortion Tactics: Groups like Qilin and DragonForce are innovating  extortion methods by incorporating services such as legal harassment, AI-driven  negotiation bots, and call centers, signaling the rise of ‘quadruple extortion’ in ransomware operations
• Mature RaaS Ecosystem: The RaaS model has evolved towards greater maturity and scalability, adopting enterprise business strategies. A newly discovered whitelabel model allows cybercriminal affiliates to rebrand ransomware payloads,  customizing attacks for specific targets
• Increased Ransom Demands: The report reveals a 53% rise in ransom demands from Q1 2022 to Q1 2025, varying across sectors based on financial size and threat actor behaviors
• Actionable Recommendations: understand how to defend against evolving cyber threats, including ransomware and stealware.

2025 Mid-Year Intelligence Briefing

Quorum Cyber recently hosted a webinar to explain the key findings of the report and shared actionable advice so that organizations in any sector can counter the growing threats and minimize the risk of becoming the victim of a cyber-attack. You can watch Relentless Threats: 2025 Mid-Year Intelligence Briefing on-demand for free at any time.

 Quorum Cyber will host a live webinar on Tuesday, June 24th, 2025, at 11 AM EDT / 4 PM BST. The 45-minute webinar, which will include a live Q&A session with Quorum Cyber’s Threat Intelligence team members who discovered NodeSnake, will cover their latest findings on the Remote Access Trojan (RAT) variant and malware strain strongly linked to the Interlock ransomware group. RAT and malware strains have been used to compromise the higher education sector and are believed to be targeting the public sector as well. Attendees may register for NodeSnake Explained: How to Detect and Defend Against It at https://bit.ly/4kBMn7g.

Attendees will leave the webinar equipped to defend themselves from NodeSnake and Interlock. They will have the opportunity to ask Quorum Cyber’s experts – Principal Incident Responder Mark Cunningham-Dickie and Threat Intelligence Analyst Michael Forrest –  questions to: 

• Gain valuable insights into NodeSnake and Interlock.
• Understand how to protect their IT estate from the malware and threat actor. 
• Learn how to strengthen their cybersecurity posture and cyber resilience.

Can’t attend the webinar? 

Access additional valuable content:

• Read the in-depth blog: ‘A Deep Dive into NodeSnake: the Devil is in the Detail’. 
• Download the NodeSnake Malware Report from Quorum Cyber’s Threat Intelligence Community.

 Quorum Cyber today announced it won the Security MSSP of the Year award in the Microsoft Security Excellence Awards 2025 presented by the Microsoft Intelligent Security Association (MISA). The company’s innovation and achievements over the past 12 months have elevated and distinguished it within the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors (ISVs) and managed security service providers (MSSPs) that have integrated their security products and services with Microsoft Security technology.

Award winners demonstrated excellence across the security landscape during the past 12 months. 

At the sixth annual Microsoft Security Excellence Awards on April 28, Microsoft announced award winners in 9 categories honoring partner trailblazers, customer and technology champions, and changemakers. This is the sixth year awards were given. Quorum Cyber won the Security MSSP of the Year award. 

Established as an association to bring together Microsoft leaders, ISVs, and MSSPs, MISA focuses on collaborating to combat security threats and create a safer environment for all. Its mission is to provide intelligent, industry-leading security solutions that work together to help protect organizations at the speed and scale of AI in an ever-increasing threat landscape. Together with Microsoft stakeholders, MISA members voted on the Microsoft Security Excellence Awards, recognizing their peers’ efforts towards enhancing security.  

Quorum Cyber has been awarded the Identity and Access Management Specialization from Microsoft. As a Microsoft Solutions Partner for Security, the company now holds all four available Microsoft Security specializations: Threat Protection, Cloud Security, Information Protection and Governance, and Identity and Access Management. This achievement places Quorum Cyber in an exclusive group of Microsoft partners who hold all four security specializations – less than half a percent of partners globally have achieved this distinction.

This new specialization allows the company to showcase its proven, verifiable expertise in deploying Microsoft Identity workloads. It helps customers identify partners with the technical capabilities and proven experience deploying Microsoft Identity workloads using Microsoft Entra ID, a cloud-based identity and access management service. 

Quorum Cyber’s expertise was verified through customer references and Microsoft exams to ensure it can deploy and manage workloads, including managing and securing identities, implementing identity governance, and deploying conditional access policies using Microsoft technologies such as Microsoft Entra ID.

With a close and longstanding relationship with Microsoft, Quorum Cyber was founded as a Microsoft-only security services provider and member of the Microsoft Intelligent Security Association (MISA). In 2024, it was a Microsoft Partner of the Year finalist for demonstrating excellence in innovation and implementation of customer solutions based on Microsoft technology. At the Microsoft Security Excellence Awards in 2024, it was named a Security MSSP of the Year finalist and Security Customer Champion finalist. And Difenda, which Quorum Cyber acquired in 2024, was also shortlisted for Security MSSP of the Year.

Quorum Cyber has a strong vision for identity security. It remains committed to investing in recruiting and training skilled team members, as well as obtaining industry-recognized certifications, to protect its customers in an inhospitable and unpredictable digital landscape.