Last Updated on March 20, 2026 by Matthew Goodchild
Q1 2026: Security Snapshot & What's New at CG
Short, actionable updates on what we're seeing across the IT and cybersecurity landscape; along with real-world examples of how we help businesses strengthen security, reduce risk, and improve system performance.
Credential-Based Attacks Up 22%
Over the past two months, we've seen a noticeable increase in credential-based attacks, especially phishing emails designed to look like Microsoft 365, DocuSign, and shared file notifications.
Key Trends Worth Knowing
- Most modern cyber incidents now start with stolen usernames and passwords.
- Phishing emails are increasingly AI-generated, making them harder to spot with the naked eye.
- Multifactor authentication (MFA) continues to be one of the most effective controls against unauthorized access.
Don't Trust "Urgent" Emails
Many phishing emails rely on urgency: "Your account will be locked," "Immediate action required." If you receive an unexpected or suspicious email:
- 1 Do not click links or open attachments.
- 2 Hover over links to check the actual destination.
- 3 When in doubt, forward it to your IT support team.
Cyber Insurance & Regulatory Standards Are Rising
Cyber insurance carriers and regulators are raising minimum security standards, making controls like MFA, advanced endpoint protection, and continuous monitoring mandatory rather than optional. Many small and mid-sized businesses are discovering gaps in their security posture only during insurance renewals, compliance audits, or after a security incident.
CG Technologies proactively aligns its managed security services with evolving insurance and regulatory requirements. Our approach combines enforced MFA, managed detection and response, centralized monitoring, and strengthened access controls to reduce the risk of ransomware, credential theft, and data breaches; while helping ensure insurance eligibility and minimizing the risk of denied claims.
For prospective clients, this means fewer surprises, stronger protection, and a clear path to meeting today's security expectations. We offer a structured security review to identify gaps, assess risk exposure, and provide practical, business-focused recommendations tailored to your environment.
In today's threat landscape, strong security is not just an IT function, it is a business requirement.
Introducing Our New Managed Service Bundles
We've introduced a new lineup of Managed Service Bundles designed to provide scalable, right-sized IT and cybersecurity protection for growing businesses. Each tier is strategically aligned to the Center for Internet Security (CIS) Controls best practices.
From foundational monitoring and patch management in our Essentials package, to advanced threat detection, identity protection, and layered security controls in our Security and Advanced bundles; each offering maps to key CIS domains: secure configuration, continuous vulnerability management, access control, audit logging, and incident response.
Security Essentials
Reliable IT operations, predictable costs, and a strong foundation for growth.
Security Standard
Stronger cybersecurity for businesses handling sensitive data — without managing tools internally.
Security Pro
For organizations with compliance requirements, higher risk exposure, or a need for strategic IT governance.
If you're looking for a trusted IT partner, we're here to help.
Book a Security Review