Monday Morning Impact – January 26
Netskope Report Outlines Key Security Threats
Netskope has rolled out the 2026 edition of the company’s Netskope Cloud and Threat Report, analyzing the most significant cybersecurity trends of the previous year, and offering a preview of the challenges and risks that will define the enterprise landscape in 2026.
In 2025, the rapid, often ungoverned, adoption of generative AI fundamentally reshaped the cybersecurity landscape, according to the report. As organizations navigated the complexities of cloud data security, persistent phishing campaigns, and malware delivered through trusted channels, the introduction of widespread AI usage—particularly “shadow AI” and emerging “agentic AI”—layered new and complex data exposure risks onto the modern enterprise environment. Not only do security teams still have to manage existing risks, but they now also have to manage the risks created by genAI.
The most immediate genAI-specific risk is the substantial surge in data exposure, with the rate of data policy violations associated with genAI application usage doubling last year. This accelerated adoption is frequently driven by shadow AI—employee use of unmanaged services and personal accounts—resulting in the leakage of highly sensitive material, including source code, regulated data, and intellectual property. Concurrently, the operational introduction of agentic AI systems, which execute complex, autonomous actions across internal and external resources, creates a vast, new attack surface that necessitates a fundamental re-evaluation of security perimeters and trust models.
The number of people using SaaS genAI apps like ChatGPT and Gemini has increased threefold, while the number of prompts people are sending to the apps has increased sixfold in the last year, according to Netskope. Shadow AI remains a significant challenge, with 47% of genAI users using personal AI apps. With the rise in popularity of genAI apps, the number of incidents of users sending sensitive data to AI apps has doubled in the past year, with the average organization seeing 223 incidents per month.
Personal apps are a significant insider threat risk: 60% of insider threat incidents involve personal cloud app instances, with regulated data, intellectual property, source code, and credentials frequently being sent to personal app instances in violation of organization policies.
Despite a year-over-year decline in the number of people clicking on phishing links, phishing is still a persistent problem, with 87 out of every 10,000 users clicking on a phishing link each month, and Microsoft being the most mimicked brand.
Malware continues to infiltrate organizations through trusted channels: Attackers continue to have success in distributing malware to their victims through trusted channels, including software registries like npm and popular cloud apps like GitHub, OneDrive, and Google Drive.
Channel Impact®
This report provides a look back at the most significant trends of 2025 and serves as a critical preview of the evolving threat landscape for 2026, highlighting the additive nature of the risks that security teams must now confront.
CrowdStrike and Nord Security Announce SMB Cybersecurity Partnership
CrowdStrike and Nord Security have announced a strategic partnership that combines CrowdStrike’s Falcon platform with Nord Security’s secure access and credential management solutions to augment security for small-to-medium businesses.
According to CrowdStrike’s State of SMB Cybersecurity Survey, just 36% of SMBs are investing in new tools, and only 11% have adopted AI-powered defenses. At the same time, adversaries are increasingly targeting smaller organizations with enterprise-level attacks. This partnership is intended to address that gap.
Under the plan, Nord Security will offer Falcon Go, CrowdStrike’s AI-powered solution purpose-built for SMBs, and Falcon Enterprise directly through NordLayer, a toggle-ready network security platform for business, pairing the Falcon platform with NordLayer’s secure access. CrowdStrike, Nord Security, and Pax8 also plan to launch an add-on for Falcon Next-Gen SIEM that combines the capabilities of the Falcon platform with Nord Security’s secure access and network solutions, including 90 days of free access for qualifying customers.
“This partnership transforms how SMBs secure their business,” said Daniel Bernard, Chief Business Officer at CrowdStrike. “Together with Nord Security, we’re redefining cybersecurity for SMBs – combining the power of the Falcon platform with Nord Security’s SMB go-to-market prowess and secure access technology to deliver enterprise-grade protection that’s fast to deploy, simple to manage, and built to stop breaches.”
“Every growing business faces the same challenge: their attack surface is expanding faster than their ability to secure it,” said Mantas Ulozas, Chief Business Development Officer at B2B Commercial at Nord Security. “By combining our secure access and credential management solutions with CrowdStrike’s Falcon platform, we’re removing barriers of cost and complexity that have long limited SMBs’ access to enterprise-grade protection – giving them the visibility and confidence to defend against modern threats.”
Channel Impact®
The partnership is intended to deliver enterprise-grade protection that’s simple, accessible, and effective for every business.
CompTIA: Tech Hiring Remains “Stuck”
Technology-related employment activity remained stuck in neutral in December, according to an analysis of U.S Bureau of Labor Statistics by CompTIA, a suburban Chicago-based industry association.
According to the analysis, tech industry employment was essentially flat, with technology companies reducing staffing by an estimated 1,461 positions last month. Staffing reductions included workers in both technical and non-technical occupations.
Tech occupation employment, which encompasses technology professionals employed in all industry sectors, declined by an estimated 7,000 workers. The unemployment rate for tech occupations dropped to 3.3% in December, compared to the national unemployment rate of 4.4%.
Active employer job postings for technology positions totaled nearly 380,000 in December, down about 10,300 from November. Of this figure, employers deployed 162,000 new tech job postings for the month to recruit for positions spanning software, data, systems, infrastructure and AI.
“Stuck is a fitting characterization for a labor market where employers and workers face uncertainty on so many fronts,” said Tim Herbert, chief research officer at CompTIA.
The data confirms employers continue to increasingly prioritize artificial intelligence (AI) skills among candidates across just about every type of job role. The total volume of active job listings citing an AI skill requirement totaled 94,067 for the month, an increase of 111% year-over-year.
The impact of AI on the tech workforce, and the broader labor market, remains difficult to untangle. Both the direct and indirect effects of AI on employment and hiring are not always apparent in the labor market data. Further clouding the situation is the 64% of companies that acknowledge using AI as cover for staffing decisions, such as hiring freezes or layoffs, according to research from CompTIA.[3] The same report revealed that among businesses reporting an incidence of replacing staff positions with AI, 48% also moved staff to other positions and another 36% added new staff.
Channel Impact®
Partners should note that key tech employment metrics are moving in step with broader labor market, and plan accordingly.
Stay in the Know
Keep tabs on what’s happening in the channel and the impact it will have on the partner community by subscribing to Channel Impact communications.
Recent News
Search Buzz
Buzz Categories
