Critical infrastructure

NIST explores OT asset management to strengthen cybersecurity

NIST’s National Cybersecurity Center of Excellence (NCCoE) is seeking public feedback on a new project focused on operational technology (OT) asset management as the foundation for stronger OT cybersecurity.

The draft project description, Asset Management as a Foundation for OT Cybersecurity, outlines the project’s scope, challenges and technical approach. The NCCoE plans to demonstrate practical methods for OT asset discovery, inventory, configuration and change management.

The project will involve collaboration with asset owners, operators, and solution providers. The NCCoE plans to demonstrate real-world OT asset management and visibility solutions using commercially available products.

The proposal also includes a high-level reference architecture, desired technical capabilities and alignment with relevant standards, including outcomes from the NIST Cybersecurity Framework 2.0.

The NCCoE said AI is accelerating both the discovery and exploitation of vulnerabilities, making strong OT asset management increasingly important as organisations modernise industrial systems, adopt zero trust architectures and respond to AI-driven cyber threats.

Many organisations struggle to maintain a complete inventory of OT assets. Without effective asset management, activities such as risk assessment, network segmentation, vulnerability management, incident response and technology modernisation become significantly more difficult.

The NCCoE said the laboratory demonstration will support the development of source code, scripts, architectures, procedures, and guidelines. These resources are intended to help organisations gain the visibility needed to detect and respond to modern cyber threats in OT environments.

The centre is seeking input from asset owners, operators, technology providers, and cybersecurity practitioners. Feedback will help refine the project scope, use cases, reference architecture, and demonstration objectives.

Following the consultation, the NCCoE plans to recruit collaborators for project demonstrations and development activities. Public comments on the draft are open until 31 July 2026.

Why does it matter?

Operational technology underpins critical infrastructure, manufacturing and industrial operations, making accurate asset visibility a prerequisite for effective cybersecurity. As AI enables attackers to identify and exploit vulnerabilities more quickly, organisations need reliable inventories, configuration management and continuous monitoring to support risk assessments, zero trust strategies and incident response.

The project also reflects a broader shift towards practical cybersecurity guidance. By working with industry to develop reference architectures, tools and implementation guidance aligned with the NIST Cybersecurity Framework 2.0, the NCCoE aims to help organisations translate cybersecurity best practices into operational improvements across industrial environments.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

NCSC warns of growing cyber risks to critical infrastructure

Hostile state actors were linked to around three-quarters of cyber attacks affecting the UK’s critical national infrastructure over the past year, according to the head of the National Cyber Security Centre.

Speaking at the Royal United Services Institute’s Annual Security Lecture, NCSC CEO Dr Richard Horne said the agency managed more than 200 cyber incidents affecting critical national infrastructure and its supporting ecosystem in the year to May 2026.

Horne said around 75% of those incidents were believed to be linked to state actors. He warned that hostile states are increasingly targeting the systems that underpin essential services in the UK.

The NCSC chief said cybersecurity should not be treated only as a technical risk to be managed, but as an ongoing contest with capable adversaries. He urged executives and board members to improve resilience by understanding their exposure to threats, strengthening proven security fundamentals and ensuring organisations can continue operating and recover quickly after attacks.

Horne also warned that AI is likely to accelerate the threat. The NCSC assesses that by 2028, attackers will probably use AI-enabled cyber capabilities to exploit known vulnerabilities in legacy technology at scale across critical national infrastructure.

He said many serious incidents still occur because basic cybersecurity measures are not in place. The warning places legacy systems, board-level accountability and operational resilience at the centre of the UK’s critical infrastructure security debate.

Why does it matter?

The NCSC warning shows that cyber attacks on critical infrastructure are no longer just an operational IT risk. They are part of a wider geopolitical contest involving hostile states, essential services and national resilience. The AI warning makes the issue more urgent: if attackers can use AI to exploit known weaknesses in legacy systems at scale, organisations that have tolerated unresolved vulnerabilities may face attacks much faster and broader.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU targets AWS and Azure under the DMA

The European Commission has informed Amazon and Microsoft of its preliminary view that their cloud computing services, Amazon Web Services and Microsoft Azure, should be designated as gatekeepers under the Digital Markets Act.

The move could extend the DMA’s reach into cloud infrastructure, a sector the Commission describes as critical to Europe’s digital economy and AI development.

The Commission opened market investigations into AWS and Azure in November 2025. It has now been provisionally concluded that both services act as important gateways between businesses and customers in the EU, despite not meeting the DMA’s standard quantitative thresholds.

According to the Commission, AWS and Azure benefit from large and established user bases, high switching costs, loyalty effects, broad cloud ecosystems and long-standing market positions. It also said their AI tool portfolios and partnerships are becoming increasingly important for cloud customers.

Amazon and Microsoft now have the opportunity to examine the investigation files and respond to the preliminary findings. If the Commission confirms its assessment, AWS and Azure would be designated as gatekeepers, and the companies would have six months to comply with DMA obligations.

The Commission said fair and competitive cloud markets are important for secure, sustainable and interoperable cloud services in Europe. It also linked the case to Europe’s wider technological sovereignty objectives, as cloud infrastructure underpins AI systems, enterprise software and public services.

Why does it matter?

The case shows how the EU competition policy is moving deeper into the infrastructure behind the AI economy. Cloud platforms are no longer just business services; they shape access to compute, data, AI tools, software ecosystems and switching options for companies and public institutions. If AWS and Azure are designated as DMA gatekeepers, the decision could affect cloud interoperability, customer lock-in and the balance of power between US hyperscalers and European cloud providers.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Canadian cybersecurity agency warns AI is reshaping cyber threats

Canada’s Centre for Cyber Security has warned that frontier AI models are rapidly transforming the cyber threat landscape, reducing the time organisations have to detect, contain and respond to attacks.

According to the Cyber Centre, AI is enabling cybercriminals to identify vulnerabilities, automate complex attack chains and generate increasingly convincing phishing campaigns, deepfakes and voice impersonation attacks at unprecedented speed and scale.

The advisory follows a joint statement by the Five Eyes cybersecurity agencies urging organisations worldwide to strengthen cyber resilience before AI-enabled attacks evolve into major operational, financial and national security incidents.

The Cyber Centre also highlights internal risks associated with unapproved AI use, including the exposure of sensitive information and reliance on inaccurate or manipulated AI-generated outputs.

Rather than viewing AI solely as a source of risk, the Cyber Centre encourages organisations to integrate frontier AI into cybersecurity operations. AI can help identify vulnerabilities earlier in software development, strengthen secure-by-design practices, improve security monitoring and accelerate incident detection and response.

The guidance emphasises that fundamental cyber hygiene, including timely patching, phishing-resistant multi-factor authentication, network segmentation, centralised logging and regularly tested incident response plans, remains essential despite rapid advances in AI capabilities.

Why does it matter?

The guidance reflects a shift in cybersecurity from preparing for future AI risks to responding to immediate operational challenges. As frontier AI enables attackers to identify vulnerabilities, automate exploitation and produce more sophisticated phishing and social engineering campaigns, organisations may have less time to detect and contain incidents.

The advisory also reinforces an emerging consensus among the Five Eyes partners that AI should be treated as both a cyber risk and a defensive capability. Alongside robust governance and responsible AI use, organisations are increasingly expected to combine AI-enabled security tools with strong cyber hygiene, secure-by-design practices and resilient incident response capabilities to keep pace with a rapidly evolving threat landscape.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU funds first regional hubs to protect undersea cables

The European Commission has announced funding for the first two Regional Cable Hubs in the Baltic and Mediterranean seas as part of a broader effort to strengthen the protection of Europe’s critical undersea infrastructure. The initiative aims to improve coordination in monitoring and responding to risks affecting submarine communication and energy cables.

Alongside the €5.8 million allocated to establish the hubs, the Commission has launched a €40 million funding call to expand Europe’s capacity to repair damaged submarine cables. The measures form part of the EU Action Plan on Cable Security, which aims to improve resilience against both physical and cyber threats affecting critical data and energy infrastructure.

The programme is intended to enhance the EU’s ability to detect incidents earlier and coordinate rapid responses across member states. Officials say the initiative will also strengthen cross-border cooperation among countries facing shared security challenges in strategically important maritime regions.

Executive Vice-President Henna Virkkunen said the project reflects Europe’s commitment to improving security and sovereignty by investing in stronger infrastructure resilience. The new hubs are expected to act as coordination centres for faster incident response, improved preparedness and enhanced situational awareness in the face of emerging threats.

Why does it matter?

Submarine cables are a critical component of modern digital and energy infrastructure, carrying the vast majority of international internet traffic while also supporting financial transactions, cloud services and cross-border energy connectivity. Disruptions to these networks can have immediate economic, security and operational consequences that extend far beyond the affected region.

The initiative also reflects a broader shift in European security policy. As concerns grow over geopolitical tensions, hybrid threats and infrastructure sabotage, the EU is increasingly treating undersea cables as strategic assets that require coordinated protection, monitoring and rapid repair capabilities. Strengthening resilience in these networks is becoming an important element of Europe’s broader agenda on digital sovereignty, critical infrastructure security and collective resilience.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Spain moves closer to hosting one of Europe’s first AI gigafactories

Spain has taken another significant step in its effort to become a leading European hub for AI and advanced computing infrastructure.

The Council of Ministers has approved a €300 million voluntary contribution to the European High Performance Computing Joint Undertaking (EuroHPC), the body responsible for supporting Europe’s AI factories and the future development of AI gigafactories.

According to the Ministry for Digital Transformation and Public Administration, the contribution is a critical component of Spain’s bid to host one of the EU’s first AI gigafactories.

The government argues that access to large-scale computing infrastructure is becoming essential for researchers, universities, startups and businesses seeking to develop advanced AI systems and remain competitive in an increasingly AI-driven economy.

The investment builds on Spain’s existing role within Europe’s supercomputing ecosystem. The country already hosts AI factories at the Barcelona Supercomputing Center and the Galician Supercomputing Center, while the MareNostrum 5 supercomputer has supported projects ranging from genomic research to climate and digital twin initiatives.

The funding also aims to strengthen Spain’s position in quantum technologies, an area increasingly viewed as strategically important for Europe’s long-term technological autonomy.

The announcement reflects a wider European push to expand sovereign computing capabilities as demand for AI training infrastructure grows worldwide.

By seeking to host an AI gigafactory, Spain hopes to attract investment, support innovation, strengthen domestic technological capabilities and position itself as a central player in Europe’s next-generation AI ecosystem.

Why does it matter?

Access to large-scale computing infrastructure is becoming a strategic prerequisite for advanced AI development. Training frontier AI models, running large-scale simulations and supporting scientific research require computing resources that are increasingly concentrated among a small number of global technology providers. Spain’s investment seeks to strengthen both national and European capacity in this critical area.

The announcement also reflects the EU’s broader push for technological sovereignty. By expanding domestic AI and supercomputing infrastructure, Europe aims to reduce dependence on foreign computing resources, support innovation ecosystems and ensure that advanced technologies are developed within frameworks aligned with European values, regulations and industrial priorities. The competition to host AI gigafactories is therefore as much about economic competitiveness and strategic autonomy as it is about computing power.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

FIFA World Cup 2026 faces growing AI and cybersecurity threats

The FIFA World Cup 2026 is not only a football tournament. It is one of the largest digital security tests ever associated with a global public event.

With 48 teams, 104 matches and 16 host cities spread across the USA, Canada and Mexico, the ongoing tournament creates a vast network of stadium systems, ticketing platforms, broadcasters, hotels, transport providers, mobile applications, public Wi-Fi networks, payment systems, and connected devices.

The scale of digital interconnection is unprecedented in the history of international sport.

The Canadian Centre for Cyber Security has warned that the event will almost certainly attract cybercriminals, state-sponsored actors and other threat groups because of its visibility, infrastructure complexity, and broad supplier ecosystem.

Similar concerns have been raised by cybersecurity researchers, government agencies and intelligence analysts, all of whom view the tournament as a high-value target.

Canada warns FIFA World Cup 2026 could face cyberattacks, scams and AI-driven disinformation.

What makes the World Cup 2026 particularly significant is the growing role of AI.

AI will support crowd management, threat detection, cybersecurity operations, content moderation, logistics planning, and fan engagement. Ironically, the same technologies will provide attackers with powerful new tools to automate phishing campaigns, generate convincing deepfakes, conduct fraud operations and spread disinformation at an unprecedented scale.

Perhaps paradoxically, the result is a tournament where AI functions simultaneously as a defensive capability and an offensive weapon.

The largest entertainment attack surface in history

Cybersecurity experts have described the FIFA World Cup 2026 as the ‘largest global entertainment attack surface in history’. The description reflects not only the size of the tournament but also the complexity of its digital ecosystem.

Every match involves interactions between permanent stadium infrastructure, temporary commercial suppliers, cloud service providers, telecommunications operators, transportation networks, emergency services, broadcasters, and millions of fans. Unlike previous tournaments, many of these systems are deeply integrated through digital platforms and real-time data exchanges.

Researchers have noted that the attack surface extends far beyond FIFA’s own networks. Airlines, hotels, payment processors, media organisations, local authorities, ride-sharing platforms and tourism providers all become part of the broader security environment. A successful attack on any of these entities could create disruption that affects the tournament itself.

The Center for Strategic and International Studies (CSIS) has divided the World Cup attack surface into three layers. The first includes direct tournament infrastructure such as stadiums, ticketing systems, and broadcasting operations.

The second includes supporting infrastructure such as telecommunications networks, transportation systems and cloud providers. The third consists of millions of individual devices belonging to players, officials, journalists, sponsors and supporters.

Consequently, a cyber incident does not need to compromise FIFA directly to have significant consequences. A ransomware attack affecting a hotel chain, a denial-of-service attack against a transportation provider, or a breach of a ticketing partner could undermine public confidence and create operational disruption in multiple host cities.

AI-driven cybercrime and financial fraud

The most immediate threat facing supporters is financially motivated cybercrime. Major sporting events have historically attracted fraud schemes, but AI significantly increases their sophistication and reach.

Criminal groups are expected to exploit public interest through phishing campaigns, social engineering operations, fake ticket sales, fraudulent travel packages, malicious mobile applications and counterfeit livestreaming services.

The Canadian Centre for Cyber Security highlighted research indicating that more than 4,300 suspicious World Cup-related domains had already been identified by August 2025.

Generative AI allows attackers to produce convincing communications in multiple languages within seconds. Emails can imitate official FIFA announcements, airline notifications, hotel confirmations or ticketing updates with remarkable accuracy. AI-generated text can eliminate many of the grammatical errors that have traditionally exposed phishing attempts.

The personalisation capabilities of AI further increase effectiveness. Information gathered from social media profiles can be used to create tailored messages targeting specific individuals.

A supporter who has publicly discussed attending a World Cup match may receive a realistic-looking email containing details of a stadium, flight, or accommodation booking.

Cybersecurity researchers also warn about AI-powered chatbots designed to engage victims in extended conversations, gradually building trust before directing them towards malicious websites or fraudulent payment portals.

Such attacks represent an evolution beyond traditional phishing because they can adapt dynamically to the victim’s responses.

Deepfakes, disinformation and information warfare

One of the most significant AI-related concerns surrounding the World Cup is the potential use of deepfake technology and synthetic media.

Deepfakes can generate highly realistic audio, video, and images depicting events that never occurred. During a tournament watched by billions of people, such content could spread rapidly before verification mechanisms have time to respond.

Ball, Football, Soccer, Soccer Ball, Sport, Adult, Male, Man, Person, Computer, Electronics, Laptop, Pc, Cup, Screen, Computer Hardware, Hardware, Accessories, Formal Wear, Tie, Monitor, Phone, Electrical Device, Microphone, Mobile Phone, Book, Publication, Blackboard, People, Face, Head, Gianni Infantino, Lionel Messi

A fabricated video appearing to show a national team manager criticising players, a fake government announcement warning of security threats, or an AI-generated recording supposedly involving FIFA officials could create confusion and damage reputations.

Even brief circulation of false information may influence public perception, financial markets, or security decisions.

Threat actors are very likely to employ AI-generated articles, images and videos during the World Cup tournament. Furthermore, state-sponsored influence operations remain possible, particularly if geopolitical tensions involving participating nations intensify.

The risk is not limited to political manipulation. Criminal groups may use deepfakes to support fraud operations, impersonate public figures or create fake emergency announcements designed to generate panic.

The speed of modern social media platforms means that misleading content can reach millions of users before fact-checking efforts can become effective.

The World Cup, therefore, represents a major test for digital information resilience. Governments, media organisations and technology platforms will need rapid verification capabilities to distinguish authentic content from increasingly sophisticated synthetic media.

Critical infrastructure and operational technology risks

The World Cup’s dependence on critical infrastructure creates another layer of cybersecurity concern.

Electricity grids, water systems, telecommunications networks, transportation infrastructure and emergency communications all support tournament operations. Any disruption affecting these systems could have consequences extending far beyond football matches.

Security researchers have warned that operational technology environments often remain less protected than traditional information technology networks. Many infrastructure systems were designed decades ago, long before cybersecurity became a primary concern.

As digital connectivity expands, vulnerabilities within such systems become increasingly attractive targets.

A cyber-attack on public transportation networks could delay tens of thousands of supporters travelling to World Cup matches. Disruptions affecting telecommunications systems could interfere with emergency coordination, media coverage and public communications.

Attacks targeting stadium access systems could create safety concerns if spectators are unable to enter or exit venues efficiently.

The multinational structure of the tournament further increases its complexity. The US, Canada and Mexico operate under different legal frameworks, cybersecurity standards and regulatory environments.

Effective protection, therefore, requires unprecedented levels of coordination between public authorities and private sector partners in the three countries.

Protecting fan data and digital identities

The FIFA World Cup generates enormous volumes of personal data. Ticket purchases, accommodation bookings, transportation arrangements, mobile applications, loyalty programmes and payment systems all collect information about supporters.

Such datasets are highly attractive to cybercriminals. Personal information can be used for identity theft, financial fraud, account takeovers or targeted phishing campaigns. The concentration of large numbers of international visitors further increases the value of collected data.

Digital ticketing systems present both opportunities and risks. While electronic tickets reduce certain forms of fraud and improve operational efficiency, they also create new attack vectors. Compromised accounts, stolen credentials and fake ticket marketplaces can all exploit digital ticketing ecosystems.

The use of biometric technologies introduces additional challenges. Facial recognition systems may be employed for security screening, venue access or identity verification. Although such technologies can improve efficiency and security, they also raise questions about privacy, consent, data retention, and oversight.

Person, Electronics, Mobile Phone, Phone, Adult, Male, Man, Computer Hardware, Hardware, Monitor, Screen, Guard, Face, Head, Mattia De Sciglio

Maintaining public trust requires transparency regarding how personal information is collected, stored, and protected. Strong cybersecurity measures must be accompanied by clear governance frameworks and accountability mechanisms.

Online abuse and AI moderation

Cybersecurity during the World Cup extends beyond technical attacks. Online abuse, harassment and hate speech represent significant digital risks affecting players, officials and supporters.

Experience from previous tournaments illustrates the scale of the problem. FIFA reported that one in five players participating in the 2023 Women’s World Cup experienced online abuse. Through the Social Media Protection Service, nearly 117,000 comments were hidden or blocked during the competition. Almost half of the abusive messages were classified as sexist, sexual, or homophobic.

The scale of online interaction surrounding the men’s World Cup is expected to be substantially larger. Social media platforms, therefore, face significant pressure to prevent abuse while preserving legitimate expression.

Ofcom has already warned platforms about their responsibilities under the UK Online Safety Act. The regulator expects companies to maintain effective reporting systems, sufficient moderation resources and rapid responses to illegal content.

Tech companies face scrutiny during the FIFA World Cup as Ofcom monitors compliance.

AI will play a central role in content moderation efforts.

Machine learning systems can analyse vast quantities of user-generated content and identify harmful material much faster than human moderators alone. However, AI moderation remains imperfect. Algorithms may struggle with sarcasm, cultural context, local languages or rapidly evolving forms of abuse.

Balancing safety and freedom of expression will remain one of the most challenging governance issues during the World Cup.

AI as a cybersecurity enabler

Despite the risks, AI has become an essential component of modern cybersecurity strategies.

Security operations centres generate enormous volumes of alerts, logs and threat intelligence data. Human analysts alone cannot process this information effectively. AI enables organisations to identify patterns, prioritise risks, and respond more rapidly to emerging threats.

Machine learning systems can detect unusual network behaviour that may indicate malicious activity. AI tools can analyse phishing campaigns, identify fraudulent domains and uncover relationships between seemingly unrelated attacks.

cybersecyrity AI

Automated systems can isolate compromised devices and block suspicious traffic before significant damage occurs.

AI is also becoming increasingly important for threat intelligence. Security teams use machine learning models to analyse information from global threat feeds, identify emerging attack techniques and predict potential risks. During an event as large as the FIFA World Cup, such capabilities may provide critical advantages.

Beyond cybersecurity, AI supports broader security operations. Computer vision systems can monitor crowd movement, identify congestion points, and assist with emergency planning. Predictive analytics can help authorities allocate resources more effectively and improve incident response capabilities.

Nevertheless, AI should be viewed as a force multiplier rather than a replacement for human expertise. Automated systems can produce false positives, miss novel attack methods or be manipulated through adversarial techniques. Human oversight remains essential, particularly when decisions affect public safety and civil liberties.

International cooperation and long-term implications

The cybersecurity challenge facing the World Cup cannot be addressed by FIFA alone. Effective protection requires collaboration among governments, intelligence agencies, law enforcement organisations, cloud providers, telecommunications companies, stadium operators, and cybersecurity firms.

Information sharing will be particularly important. Threat intelligence must move rapidly across organisations and national borders. Attack indicators identified in one host city may become relevant to another within minutes.

Adult, Male, Man, Person, Astronomy, Outer Space, Body Part, Hand, Globe, Planet, Handcuffs

The World Cup also serves as a preview of the future challenges facing large-scale public events. As AI becomes increasingly integrated into infrastructure, transportation, communications and security operations, future tournaments will become even more dependent on digital technologies.

The lessons learned from 2026 are therefore likely to influence cybersecurity planning for future Olympic Games, continental championships, political summits and other international gatherings.

Conclusion

The FIFA World Cup 2026 demonstrates how deeply sport has become intertwined with the digital world. Football remains the centrepiece of the tournament, but its success depends equally on cybersecurity, AI governance and operational resilience.

AI will help protect infrastructure, support threat detection, improve crowd management, and strengthen cyber defence capabilities. At the same time, it will enable more sophisticated phishing campaigns, more convincing deepfakes, more effective disinformation operations and increasingly personalised fraud schemes.

The central challenge is not whether AI should be used. The challenge is how it can be deployed responsibly, securely and transparently within one of the most complex public events ever organised.

Success will depend on balancing innovation with security, automation with human oversight and efficiency with public trust.

The real test for FIFA, host governments and technology providers will be resilience. Cyber incidents are almost inevitable given the scale and visibility of the tournament. What will matter most is the ability to detect threats quickly, limit disruption, recover effectively and maintain public confidence.

Ultimately, the FIFA World Cup 2026 may be remembered as the first truly AI-era World Cup, where cybersecurity, misinformation and digital resilience have become as important as events on the pitch.

As citizens, supporters and digital users, we each have a role to play in protecting the integrity of the information and technologies that increasingly shape our lives.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Greece drafts national framework to implement the EU AI Act

Greece has opened a public consultation on a draft law to implement the EU AI Act and create a national framework for AI governance.

The Ministry of Digital Governance and Artificial Intelligence said the draft law has been under public consultation since 21 June 2026, with comments open until 6 July. The proposal aims to introduce the national mechanisms needed to apply the AI Act in Greece while supporting innovation, competitiveness and the protection of fundamental rights.

Under the draft law, the Hellenic Data Protection Authority would become the central market surveillance authority and national contact point for AI Act implementation. The Hellenic Telecommunications and Post Commission would act as the notifying authority for conformity assessment procedures.

The proposal would also establish an Artificial Intelligence Coordination and Expertise Centre to support the implementation of the new framework.

It would create an AI regulatory sandbox, allowing startups and small and medium-sized enterprises to develop and test innovative AI applications in real-world conditions with support from the state.

The draft law also introduces a complaint-handling mechanism, an administrative sanctions system and a unified registry of AI systems used by public-sector bodies. The registry is intended to strengthen transparency, accountability and public trust in government use of AI.

The proposal would also reinforce the role of Greece’s Artificial Intelligence Observatory in monitoring the implementation of the National AI Strategy.

Why does it matter?

Greece’s proposal shows how the EU AI Act is moving from Brussels-level legislation into national enforcement structures. The draft law would assign supervisory roles, create a national AI coordination centre, establish a regulatory sandbox and require a public-sector AI registry. Such measures could shape how AI systems are monitored, tested and deployed across both government and the private sector, while giving startups clearer pathways for compliance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Five Eyes agencies urge action on AI cyber risk

Five Eyes cybersecurity agencies have urged business and technology leaders to act quickly as AI transforms the cyber landscape.

In a joint statement issued on 22 June, the leaders of the Five Eyes cybersecurity agencies said AI is already changing both offensive and defensive cyber capabilities. They said AI can strengthen cyber defence capabilities, but it is also increasing the speed, scale and sophistication of cyber threats.

The agencies said frontier AI models could surpass current industry expectations and fundamentally reshape cyber capabilities within months rather than years. They warned that AI is lowering barriers for malicious actors and shrinking the time between vulnerability discovery and exploitation.

The statement was signed by cybersecurity leaders from Australia, Canada, New Zealand, the United Kingdom, and the United States. Signatories included the heads of the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, New Zealand’s National Cyber Security Centre, the UK’s National Cyber Security Centre, the US Cybersecurity and Infrastructure Security Agency, and the US National Security Agency’s Cyber Security Directorate.

The agencies said cyber resilience should be treated as a strategic business risk and leadership responsibility rather than solely a technical concern. Boards and executives should ensure that cyber controls are in place and can operate effectively under pressure during real incidents.

The statement urged leaders to assess organisational risk, preparedness and accountability while ensuring cybersecurity remains integrated into broader business decision-making. It also called on organisations to prioritise foundational cybersecurity practices, give cyber leaders sufficient authority and resources, and remain engaged as threats and guidance evolve.

The agencies said secure-by-design and secure-by-default must become standard practice rather than an aspiration. They also said resilience cannot depend on a single technology, making defence in depth essential as AI systems evolve.

The statement warned that new, previously unknown vulnerabilities, including zero-day exploits, will continue to emerge. It said breaches will occur, but preparedness can help organisations contain them quickly and prevent escalation into major operational and financial crises.

The Five Eyes agencies recommended five practical actions for leaders. Organisations should reduce their attack surface by limiting unnecessary access and external connectivity, and should question whether systems need to be exposed at all.

They should also accelerate patching processes because AI is shortening the time between vulnerability discovery and exploitation. Delays in patching can increase risk, especially for operational systems with long update cycles.

The statement also urged organisations to address legacy systems, describing unsupported systems as strategic liabilities rather than only technical debt. Leaders were also told to review and strengthen identity and access controls, enforce strong authentication, and regularly review permissions.

Incident preparation was another priority. The agencies said organisations should test response plans, train teams, and assume breaches will happen, with a focus on fast containment and recovery.

The agencies also encouraged organisations to deploy AI as a defensive tool, using it to identify vulnerabilities, strengthen monitoring and accelerate incident response. Organisations that integrate AI tools into security operations can detect vulnerabilities earlier, improve software quality, monitor unusual behaviour and respond faster to incidents.

The statement said success will not come from having the most tools. Instead, it said organisations should focus on getting the basics right, acting quickly and integrating cyber security into core business strategy.

The Five Eyes agencies said leaders who act now will reduce exposure, strengthen resilience, and build confidence with customers, partners, and investors. Those who delay, they said, will face growing, avoidable risks.

Why does it matter?

The statement reflects growing concern among major cybersecurity agencies that AI is changing the balance between attackers and defenders. By accelerating vulnerability discovery, automating reconnaissance and lowering technical barriers for malicious actors, AI could significantly reduce the time organisations have to identify, patch and mitigate emerging threats.

The warning also signals a broader shift in cybersecurity governance. Rather than treating cyber risk as a technical issue delegated to IT departments, governments increasingly expect boards and senior executives to view cyber resilience as a core organisational responsibility. As AI capabilities advance, secure-by-design systems, rapid patch management, strong identity controls and tested incident response plans are becoming central elements of national and corporate cyber resilience strategies.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

US sets post-quantum cryptography deadlines for federal systems

US President Donald Trump has signed an executive order setting deadlines for federal agencies to migrate high-priority systems to post-quantum cryptography.

Executive Order 14409 says large-scale quantum computers could threaten widely used cryptographic systems and create risks for sensitive government data, critical infrastructure and the digital economy. It also highlights ‘harvest now, decrypt later’ attacks, where adversaries collect encrypted information today and decrypt it once quantum capabilities become available.

The order makes it US policy to transition federal information systems to National Institute of Standards and Technology-approved Federal Information Processing Standards for post-quantum cryptography. It also directs the federal government to assist critical infrastructure owners and operators with their own migration planning.

Within 30 days, each federal agency must name a post-quantum cryptography migration lead responsible for cryptographic inventories, migration planning and cross-agency coordination.

The Office of Management and Budget must issue guidance within 90 days requiring agencies to review inventories of high-value assets and high-impact systems (excluding National Security Systems) and submit migration plans.

Federal high-value assets and high-impact systems must transition to post-quantum cryptography for key establishment by 31 December 2030 and for digital signatures by 31 December 2031.

The order also directs CISA, in coordination with NIST, to publish public guidance within 270 days on minimum elements for a cryptographic bill of materials, supporting automated assessment of cryptographic assets in hardware and software.

Procurement rules are also expected to change. The Federal Acquisition Regulatory Council must propose requirements for covered contractors to comply with NIST cryptographic standards, including applicable post-quantum standards, by 31 December 2030.

Why does it matter?

The order gives the US post-quantum transition concrete deadlines and turns cryptographic migration into an operational, procurement and critical infrastructure issue. Quantum-capable attacks remain a future risk, but encrypted data can be stolen now and decrypted later. By requiring inventories, migration leads, contractor obligations and cryptographic bills of materials, the EO pushes agencies and suppliers to understand where vulnerable cryptography is used before quantum threats become practical.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.