EMA Research Blog: Navigating IT and Security Horizons

In early 2026, the world of IT fleet management is undergoing its most radical transformation since the 2020 remote work pivot. The original intent of device management solutions was to make managing multiple computers that required the same configuration easier. Today, it has become the frontline of corporate survival.

Late last night, Mr. William Chalmers from Lloyds Banking Group in the United Kingdom sent me quite an unusual email. With the subject “Mutual Investment,” I absolutely expected yet another boring investment scam email which would promptly go into the spam bin. However, upon opening this email I was pleasantly surprised to see that this scammer had not sent me an “investment opportunity” (read that as investment scam) but accidentally emailed me his source code. Oops. I won’t include the full code here, but I will include some interesting snippets.

If 2025 was the year the industry aggressively deployed agentic AI to automate everything from code deployment to customer service, 2026 is shaping up to be the year we pay the security debt for that speed. We have effectively built an "AI-native" enterprise ecosystem, but in doing so, we have introduced a new class of insider threat that doesn't sleep, doesn't take breaks, and crucially doesn't think like a human.

Well, 2025 has been an extremely interesting year with what can only be described as a massive  explosion of agentic AI. And while agentic might hold a large amount of potential to address deficiencies the industry has struggled with for years, with great power comes great responsibility.

Google's upcoming Android Developer Verification Program (ADVP), which launches fully in 2026, requires all developers to register and verify their identities before their applications can be installed on certified Android devices.

When I attended the Identity Week conference in Washington, D.C. last year, I noted a heavy focus on biometrics, especially focused on employee onboarding and background checks. While this is an important topic, I was disappointed that there wasn’t more focus on identity security and non-human identities. This year at Identity Week, that changed significantly.

The recent U.S. strikes on Iranian nuclear facilities dramatically reshaped the cyberthreat landscape facing American networks. In the weeks and possibly even months following the bombings, cybersecurity professionals should anticipate a surge in both opportunistic and state-aligned intrusions aimed at disrupting critical systems, stealing sensitive data, or undermining public confidence in digital infrastructure. Understanding the motivations, tactics, and potential targets of these adversaries is essential for organizations seeking to bolster their defenses and maintain operational resilience.

Black Hat Asia 2025 returned to Singapore with a dynamic mix of technical depth, real-world impact, and plenty of sobering insights about the evolving cybersecurity landscape. Across two packed days, experts from around the globe tackled threats old and new, offering live demonstrations, original research, and thought-provoking commentary on the increasingly blurred lines between digital, physical, and even quantum attack surfaces.

In an era when government operations increasingly rely on digital infrastructure to remain effective, accountable, and secure, messaging platforms emerged as both an enabler and a risk vector. The question of how government agencies communicate—internally, externally, and across jurisdictional lines—is no longer merely a matter of workflow optimization. It is a fundamental aspect of mission assurance, public trust, and operational integrity. Yet even as messaging tools proliferate and mature, the gulf between platforms built for accountability and those designed for privacy remains pronounced. Nowhere is that divide more evident than in the ongoing tension between Microsoft Teams and Signal—two platforms that, while often deployed in parallel, represent fundamentally different answers to the same set of urgent questions about security, control, and digital sovereignty.

In an era when cybersecurity threats continue to evolve at an unprecedented pace, organizations are seeking robust, goal-oriented solutions to identify and remediate security vulnerabilities effectively. Traditionally, penetration testing as a service (PTaaS) played a critical role in structured, systematic security assessments. However, as the industry shifts toward more dynamic and continuous testing models, it is becoming increasingly clear that PTaaS needs a redefinition—one that includes the advantages of bug bounty programs under its umbrella.