Critical infrastructure

Geneva Cyber Week to bring diplomacy, cyber policy, and AI security debates together

The United Nations Institute for Disarmament Research and the Swiss Federal Department of Foreign Affairs will co-host Geneva Cyber Week from 4 to 8 May 2026, bringing policymakers, diplomats, technical experts, industry leaders, academics, and civil society representatives to venues across Geneva and online for a week of discussions on cyber stability, resilience, governance, digitalisation, and the security implications of emerging technologies, including AI.

Returning after its inaugural edition, the event is being positioned as a response to a more fragile cyber and geopolitical environment. Held under the theme ‘Advancing Global Cooperation in Cyberspace’, Geneva Cyber Week 2026 comes at a moment of mounting cyber insecurity, intensifying geopolitical tension, and rapid technological change, with organisers framing the gathering as a space for more practical cooperation across diplomatic, technical, operational, and policy communities.

“Cybersecurity is no longer a niche technical issue; it is a strategic policy challenge with implications for international peace, economic stability and public trust. At a moment of growing fragmentation and accelerating technological change, Geneva Cyber Week brings together the communities that need to be in the room — diplomatic, technical, operational and policy — to move from shared concern to practical cooperation,” said Dr Giacomo Persi Paoli, Head of Security and Technology Programme at UNIDIR.

The programme will feature nearly 90 events and reinforce Geneva’s role as a centre for cyber diplomacy, international cooperation, and digital governance. Scheduled sessions include UNIDIR’s Cyber Stability Conference, Peak Incident Response organised by the Swiss CSIRT Forum, Digital International Geneva, the World Economic Forum Annual Meeting on Cybersecurity, and a Council of Europe session titled ‘Artificial Intelligence, Cybercrime and Electronic Evidence: Risks, Opportunities, and Global Cooperation’.

The week will also include partner-led panels, workshops, simulations, exhibitions, and networking events to connect specialist communities that do not always work in the same room. That broader structure reflects an effort to treat cyber issues not only as a technical or security matter but also as a governance, trust-building, and international-coordination challenge.

“At a time when digital threats know no borders, fostering inclusive discussions is essential to building trust, advancing common norms, and promoting a secure and open cyberspace for all. International Geneva provides an unparalleled multilateral environment to address these cybersecurity challenges collectively. Geneva Cyber Week’s diverse programme embodies this collaborative spirit,” said Marina Wyss Ross, Deputy Head of International Security Division and Chief of Section for Arms Control, Disarmament and Cybersecurity at the Swiss FDFA.

Across the city, Geneva will also mark the week visually, including flags on the Mont Blanc Bridge and special illumination of the Jet d’Eau on Monday evening. But beyond the symbolism, the event’s significance lies in how it seeks to bring cyber diplomacy, incident response, governance debates, and emerging technology risks into the same international conversation.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

Singapore to update cybersecurity standards and vendor obligations amid AI-enabled threats

Singapore’s Ministry of Digital Development and Information said the government will review and update cybersecurity standards and obligations as part of its response to evolving cyber threats, including AI-enabled attacks.

In a written parliamentary reply, the ministry said Singapore’s position as a major financial hub and digital economy makes it an attractive target for malicious actors. It added that the Cyber Security Agency of Singapore regularly updates the public on cybersecurity threats through SingCERT advisories and the Singapore Cyber Landscape publication.

The ministry said critical systems are already subject to higher cybersecurity standards and obligations under the Cybersecurity Act. It also said the government has invested in capability development, citing initiatives such as the Cybersecurity Development Programme and national exercises including Exercise Cyber Star.

As the threat evolves, so must the response, the ministry said. It stated that the Cyber Security Agency of Singapore will review and update cybersecurity standards and obligations to strengthen security controls, and that the government will help owners of critical systems better detect threats, including those from advanced threat actors and AI-enabled threats, through proprietary threat detection systems.

For government systems, the ministry said GovTech has internal guidelines to safeguard systems that hold sensitive data and provide important government services. It added that GovTech will introduce more stringent cybersecurity and data protection obligations for government vendors, including requiring vendors that manage critical systems and sensitive government data to meet Cyber Trust Mark requirements.

The reply also pointed to measures for businesses and consumers. It said the Cyber Security Agency of Singapore has rolled out initiatives, including its CISO-as-a-Service programme for small and medium enterprises, while mandatory cybersecurity requirements for gateway devices such as home routers have already been introduced.

The ministry added that standards for home routers will be raised further and that Singapore will explore introducing similar standards for IP cameras.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU digital identity strengthens after 20 years of .eu expansion

Two decades since the launch of the .eu domain, the EU has marked its role in establishing a unified digital identity across member states.

On 7 April 2006, the .eu top-level domain (TLD) was launched, offering businesses, citizens, and organisations a pan-EU online identity.

Over time, .eu has developed into one of the largest country-code domains globally, with millions of registrations and consistent growth.

Its technical stability and security record, including uninterrupted service since launch, have reinforced its reputation as a reliable digital infrastructure. Investments in fraud detection and data integrity have further strengthened trust in its ecosystem.

The domain has also evolved to reflect the EU’s linguistic diversity, with the introduction of internationalised domain names and additional scripts such as Cyrillic and Greek. These developments have expanded accessibility and reinforced inclusivity within the European digital space.

Looking ahead, .eu is positioned as a key instrument for advancing digital sovereignty and supporting the Single Market. Its role in global internet governance discussions is expected to grow, particularly as the EU institutions seek to shape a more open, secure, and rights-based digital environment.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Project Glasswing unites tech firms for AI-driven cyber defence

Major technology and security companies have joined forces under Project Glasswing to defend critical software infrastructure using advanced AI. The initiative brings together organisations including AWS, Apple, Google, Microsoft, NVIDIA, Cisco, CrowdStrike, JPMorganChase and the Linux Foundation.

Anthropic is deploying its frontier model, Claude Mythos Preview, at the centre of the effort. The system detects complex software vulnerabilities at scale, uncovering thousands of previously unknown flaws across operating systems, browsers, and core infrastructure.

The model’s findings suggest a major shift in cybersecurity capabilities. AI systems are increasingly capable of matching or surpassing human expert performance in vulnerability discovery, raising both defensive opportunities and security risks.

Some of the flaws identified had persisted for decades, undetected by traditional testing methods.

Project Glasswing aims to convert these capabilities into a coordinated defensive advantage. Partners will use the model to scan and secure systems more efficiently, supported by $100 million in usage credits and additional funding for open-source security initiatives.

The programme also targets long-term improvements in cybersecurity standards and secure development practices.

Modern society depends on software that runs critical infrastructure, including banking systems, healthcare networks, energy grids, and communications platforms. When AI systems find vulnerabilities at scale, the balance shifts between attackers and defenders, making hidden weaknesses easier to uncover and faster to fix before exploitation.

For global infrastructure, this means cybersecurity is shifting from slow, human-driven auditing to continuous, AI-assisted defence, where speed, coordination, and secure-by-design practices become essential to maintaining stability and reducing systemic risk.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

Sweden’s Riksbank urges households to keep cash and multiple payment options for crisis preparedness

Sweden’s central bank, the Riksbank, is urging households to strengthen their ability to make everyday payments in the event of disruptions, warning that the current international situation, combined with Sweden’s high level of digitalisation, may expose vulnerabilities in the national payments system.

The bank frames the advice as part of national preparedness, describing the public as a key component of ‘total defence’ of Sweden and stressing that resilience in the payments market is essential during temporary outages, wider crises and, in the worst case, war.

The Riksbank’s main message is that households should avoid relying on a single way to pay and instead ensure they can use several methods, including cash, cards and mobile payment services. As a benchmark, it recommends keeping SEK 1,000 in cash per adult at home to cover about a week of essential purchases, while noting that some households may need more or less depending on size and circumstances.

Where possible, it advises keeping cash in multiple denominations and encourages people to use cash occasionally in normal times to help keep the cash system functioning.

For card payments, the bank recommends having access to at least two cards from different card networks, such as Visa and Mastercard, so that if one network is disrupted, another may still work. It also highlights mobile payment services such as Swish, noting that they rely on a different infrastructure from card payments and may still function even when cards do not.

People who mainly use mobile wallets like Apple Pay or Google Pay are advised to keep physical cards and PINs readily available in case a phone runs out of battery or fails; the bank adds that a physical card’s chip may allow offline payments during interruptions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Power hardware shortages are delaying AI data centre expansion, despite record investment

US AI data-centre expansion is increasingly being constrained not by chips, servers or funding, but by the electrical hardware needed to connect new facilities to reliable power, Bloomberg reports. While the US–China trade war has pushed many server makers to move production out of China, the deeper dependency remains in power-delivery equipment.

China is still the world’s largest producer of electrical gear used to build and upgrade power infrastructure, both inside data centres and across the wider grid. Shortages of key components, especially transformers, switchgear and batteries, sourced from China and elsewhere, are now slowing project timelines.

The scale of planned build-outs is colliding with these supply limits. Bloomberg cites forecasts that Alphabet, Amazon, Meta and Microsoft will spend more than $650bn in 2026 to expand AI capacity, yet close to half of the planned US data-centre builds this year are expected to be delayed or cancelled.

The problem extends beyond the data-centre fence line. Companies must also fund and coordinate grid upgrades to supply enough electricity, competing for the same scarce equipment as utilities coping with rising demand from electric vehicles and electrified heating.

Sightline Climate data cited by Bloomberg suggests about 12GW of US data-centre capacity is expected to come online in 2026, but only around a third of that capacity is currently under active construction due to multiple constraints. Electrical infrastructure may represent less than 10% of total data-centre cost, but it is schedule-critical, because delays in any link of the power chain can halt an entire project.

Lead times for high-power transformers, in particular, have deteriorated sharply, typically 24 to 30 months before 2020, but now stretching to as long as five years, clashing with AI deployment cycles that can be under 18 months.

To cope, developers are turning to global suppliers, with Canada, Mexico and South Korea becoming major sources of high-power transformers. Even so, US imports of Chinese high-power transformers have surged from fewer than 1,500 units in 2022 to more than 8,000 units through October 2025, according to Wood Mackenzie data cited by Bloomberg. China also supplies over 40% of US battery imports and remains near 30% in some transformer and switchgear categories, underscoring continued reliance despite tariffs and security concerns.

Why does it matter?

Bloomberg’s central warning is that without easing bottlenecks in transformers, switchgear and batteries, and expanding US manufacturing capacity, trillions of dollars of AI investment may not translate into delivered AI capacity, because power infrastructure, not compute, is becoming the limiting factor.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

ENISA launches consultation on EU digital wallet certification

The European Union Agency for Cybersecurity (ENISA) has launched a public consultation on a draft candidate certification scheme for the EU Digital Identity (EUDI) Wallets.

The draft was developed with a dedicated ad hoc working group, and the consultation aims to gather feedback on its structure, core elements, and annexes. Responses are open until 30 April 2026.

The initiative follows the adoption of a regulation establishing the European Digital Identity Framework. The European Commission has mandated ENISA to support the certification of EUDI Wallets, including the development of a European cybersecurity certification scheme under the Cybersecurity Act.

The objective is to define cybersecurity requirements for digital identity solutions and support their consistent implementation across the EU.

In February 2026, ENISA signed a €1.6 million contribution agreement with the European Commission for two years to support the development and rollout of national certification schemes.

Funded under the Digital Europe Work Programme 2025–2027, the agreement supports capacity development, skills development, and alignment with a future European certification framework. Member states are expected to provide at least one certified EUDI Wallet by the end of 2026.

Digital identity wallets are intended to enable secure identification and the protection of personal data in both digital and physical environments.

The proposed certification scheme aims to verify compliance with cybersecurity requirements, addressing the limited use of formal certification in current wallet implementations.

The initiative carries significant regulatory weight as it translates the European Digital Identity Framework into enforceable cybersecurity standards. It ensures harmonised compliance across member states while strengthening trust, interoperability, and legal certainty within the EU’s digital identity ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Oracle expands AI options for US government agencies

The US government is set to gain expanded AI capabilities through new infrastructure and model deployment options in Oracle Cloud.

These developments aim to improve agencies’ ability to manage critical tasks, from situational awareness to cybersecurity, while maintaining strict security and compliance standards.

High-performance GPUs and AI models will support faster, more reliable inference and training, helping agencies respond more effectively to public needs.

The focus is on enabling secure deployment in environments with sensitive data and complex regulatory requirements, ensuring AI use aligns with public interest and safety.

Such an expansion builds on existing government AI frameworks, offering capabilities for retrieval-augmented generation, secure inference, and operational analytics.

By integrating AI in a controlled, compliant environment, US agencies can improve efficiency, decision-making, and public service delivery without compromising security.

Ultimately, these advancements by Oracle aim to ensure that government AI adoption benefits citizens directly, supporting transparency, accountability, and effective public administration in high-stakes contexts.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EIB highlights AI as key driver of Croatia’s economic growth

The European Investment Bank and the Croatian National Bank have emphasised the strategic importance of AI in strengthening Croatia’s economic competitiveness. Discussions at a joint conference focused on accelerating AI adoption through coordinated investment, policy development and skills enhancement.

Despite strong investment activity among firms in Croatia, the uptake of advanced technologies remains limited. Only a small share of companies systematically use generative AI, with applications largely confined to internal processes, highlighting significant untapped potential for productivity gains.

Participants identified key structural barriers, including limited access to finance, shortages of skilled workers and regulatory uncertainty.

Addressing these challenges requires a combined approach that mobilises private capital, improves access to funding for smaller firms and supports the development of a more robust innovation ecosystem.

The EIB continues to play a central role in Europe’s digital transformation, with major funding initiatives aimed at scaling AI technologies and strengthening strategic infrastructure.

By aligning financial instruments with policy priorities, the initiative seeks to enhance long-term growth, resilience and integration into global value chains.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Healthcare data breach raises concerns over cloud security

A cybersecurity incident involving CareCloud has exposed vulnerabilities in the protection of sensitive medical information, following unauthorised access to patient records stored within its systems.

A breach was detected on 16 March, allowing attackers to access electronic health records for several hours, which raised concerns about potential data exposure.

The company has stated that the intrusion was contained on the same day, with systems restored and an external investigation launched.

However, uncertainty remains about whether any data were extracted and the scale of the potential impact, particularly given the company’s role in supporting tens of thousands of healthcare providers and millions of patients.

Such an incident reflects broader structural risks within digital healthcare infrastructures, where centralised storage of highly sensitive data increases the potential impact of cyberattacks.

Cloud environments, including services provided by Amazon Web Services, are increasingly integral to such systems, amplifying both efficiency and exposure.

The breach follows a pattern of escalating cyber threats targeting healthcare data, driven by its high value in criminal markets.

As investigations continue, the case underscores the need for stronger data protection measures, enhanced monitoring systems and more robust regulatory oversight to safeguard patient information.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Diplo chatbot can make mistakes. Consider checking important information.