As organizations pile more apps into their SaaS stack, security teams are playing catch-up. Here's a roundup of some of the more practical writing on shadow IT, ransomware exposure, and data protection across Google Workspace and Microsoft 365.
Two pieces worth reading together: one on what shadow IT actually is and why it's harder to contain than most IT teams expect, and another on practical steps to combat shadow IT before it becomes a liability.
Ransomware targeting SaaS platforms behaves differently from traditional endpoint attacks. There's useful coverage of how protection works specifically within Google Workspace and Microsoft 365 environments.
A good explainer on where DevSecOps ends and traditional cybersecurity begins, provides a useful framing for teams figuring out who owns what.
Last Modified
5/29/2026