Proof Over Promises: A New Doctrine for Cybersecurity
TechRadar Pro interviewed NetSPI’s Director of Services, EMEA, Sam Kirkman, for a March 14, 2026 article exploring why organizations must demand evidence-based assurances from vendors to ensure robust third-party security. Read the preview below or view it online.
+++
The TechRadar Pro article, “Proof over Promises: A New Doctrine for Cybersecurity,” highlights the urgent need for vendors to shift from trust-based compliance to evidence-based security. As cyberattacks grow in frequency and sophistication, traditional assurances like contracts and certifications are no longer sufficient. Instead, vendors must actively demonstrate their security resilience through measurable and continuous validation, such as penetration testing. This proactive approach not only strengthens vendor-customer relationships but also mitigates risks in an increasingly interconnected and vulnerable digital landscape.
The article emphasizes the critical role of CISOs in driving this shift, advocating for greater alignment between vendors and customers. By demanding proof of robust cybersecurity practices, organizations can move beyond static assurances and address structural blind spots that leave vulnerabilities unchecked. This transformation is essential for building resilience, especially as supply chains become prime targets for cyberattacks. Ultimately, the doctrine of “proof over promises” represents a fundamental evolution in managing third-party risk and ensuring confidence in modern cybersecurity frameworks.
You can read the full article here.
Authors:
Explore More News
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.
Canvas breach puts global education cyber risk in focus
ITBrief interviewed NetSPI's Field CISO, Nabil Hannan, for a May 24, 2026 article about a major data breach in Instructure's Canvas learning management system disrupting final exams at universities.