Cybersecurity

Experts warn of potential quantum disruption to blockchain security

A survey by the Global Risk Institute has highlighted growing concern that quantum computing could undermine the cryptographic foundations of cryptocurrencies within the next decade.

Experts estimate a 28% to 49% probability that quantum machines capable of breaking current encryption standards could emerge within 10 years, with the probability rising further over a 15-year horizon.

Cryptocurrencies such as Bitcoin rely on public-key cryptography to secure transactions and verify ownership. Advanced quantum algorithms could reverse-engineer private keys from public data, exposing wallets and weakening blockchain security.

The risk is seen as particularly relevant for long-term stored assets and static addresses. Industry researchers and technology firms are already exploring post-quantum cryptography to mitigate potential disruption.

Efforts led by standards bodies such as the National Institute of Standards and Technology focus on developing encryption methods resistant to both classical and quantum attacks, although full migration across decentralised systems remains complex.

The findings place quantum readiness alongside broader digital security priorities, as financial systems, communications networks, and public infrastructure share similar cryptographic dependencies.

The evolving timeline is prompting early-stage preparation across the cryptocurrency ecosystem, where system upgrades must balance security, decentralisation, and continuity.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

European Business Council in Japan holds first cybersecurity conference in Tokyo

Tokyo hosted a cybersecurity conference organised by the European Business Council in Japan (EBC) Digital Committee on 7 April. The event took place at the EU Delegation in Tokyo.

The conference was the EBC Digital Committee’s first event. It brought together experts from the public and private sectors to exchange views on cybersecurity challenges and policy developments.

Speakers included Luis Miguel Vega Fidalgo from the European Commission, Satoshi D. from Japan’s Ministry of Economy, Trade and Industry, and Amelia Alder from Knorr-Bremse. A question-and-answer session followed their presentations.

Participants continued discussions during a networking reception after the session. The Digital Committee co-chairs, Wataru Suzuki and Felix von Helden, thanked the speakers and organisers, including Peter Fatelnig from the EU Delegation to Japan.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot 

Singapore to update cybersecurity standards and vendor obligations amid AI-enabled threats

Singapore’s Ministry of Digital Development and Information said the government will review and update cybersecurity standards and obligations as part of its response to evolving cyber threats, including AI-enabled attacks.

In a written parliamentary reply, the ministry said Singapore’s position as a major financial hub and digital economy makes it an attractive target for malicious actors. It added that the Cyber Security Agency of Singapore regularly updates the public on cybersecurity threats through SingCERT advisories and the Singapore Cyber Landscape publication.

The ministry said critical systems are already subject to higher cybersecurity standards and obligations under the Cybersecurity Act. It also said the government has invested in capability development, citing initiatives such as the Cybersecurity Development Programme and national exercises including Exercise Cyber Star.

As the threat evolves, so must the response, the ministry said. It stated that the Cyber Security Agency of Singapore will review and update cybersecurity standards and obligations to strengthen security controls, and that the government will help owners of critical systems better detect threats, including those from advanced threat actors and AI-enabled threats, through proprietary threat detection systems.

For government systems, the ministry said GovTech has internal guidelines to safeguard systems that hold sensitive data and provide important government services. It added that GovTech will introduce more stringent cybersecurity and data protection obligations for government vendors, including requiring vendors that manage critical systems and sensitive government data to meet Cyber Trust Mark requirements.

The reply also pointed to measures for businesses and consumers. It said the Cyber Security Agency of Singapore has rolled out initiatives, including its CISO-as-a-Service programme for small and medium enterprises, while mandatory cybersecurity requirements for gateway devices such as home routers have already been introduced.

The ministry added that standards for home routers will be raised further and that Singapore will explore introducing similar standards for IP cameras.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK data reveals alarming growth in online child abuse cases

A sharp increase in online child abuse cases has been reported by the Internet Watch Foundation (IWF) and NSPCC’s Childline, based on data from the Report Remove service.

Nearly 1,900 UK children reported sexual imagery concerns in 2025, a 66 percent rise, with more than 1,100 confirmed cases involving abuse material. Weekly reports show a consistent pattern of coercion, threats, and financial pressure targeting minors.

The scale of the increase reflects structural changes in how abuse operates online. Offenders use fake identities and contact many victims simultaneously, turning exploitation into a repeatable activity.

Financial incentives reinforce the pattern, while teenage boys aged 14 to 17 represent the majority of cases, indicating targeted and adaptive behaviour by perpetrators.

Weaknesses in digital environments further sustain such growth. Platforms prioritise speed and interaction instead of prevention, while anonymity and cross-border activity reduce enforcement effectiveness.

Psychological pressure remains central, with threats designed to isolate victims and limit reporting, meaning recorded cases likely underestimate the real scale.

The IWF‘s findings highlight a policy gap between technological expansion and child safety protections in the UK.

While services like Report Remove improve response and mitigation, they do not address underlying risks. Without stronger platform accountability and preventive regulation, online child abuse is likely to continue expanding.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU digital identity strengthens after 20 years of .eu expansion

Two decades since the launch of the .eu domain, the EU has marked its role in establishing a unified digital identity across member states.

On 7 April 2006, the .eu top-level domain (TLD) was launched, offering businesses, citizens, and organisations a pan-EU online identity.

Over time, .eu has developed into one of the largest country-code domains globally, with millions of registrations and consistent growth.

Its technical stability and security record, including uninterrupted service since launch, have reinforced its reputation as a reliable digital infrastructure. Investments in fraud detection and data integrity have further strengthened trust in its ecosystem.

The domain has also evolved to reflect the EU’s linguistic diversity, with the introduction of internationalised domain names and additional scripts such as Cyrillic and Greek. These developments have expanded accessibility and reinforced inclusivity within the European digital space.

Looking ahead, .eu is positioned as a key instrument for advancing digital sovereignty and supporting the Single Market. Its role in global internet governance discussions is expected to grow, particularly as the EU institutions seek to shape a more open, secure, and rights-based digital environment.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Project Glasswing unites tech firms for AI-driven cyber defence

Major technology and security companies have joined forces under Project Glasswing to defend critical software infrastructure using advanced AI. The initiative brings together organisations including AWS, Apple, Google, Microsoft, NVIDIA, Cisco, CrowdStrike, JPMorganChase and the Linux Foundation.

Anthropic is deploying its frontier model, Claude Mythos Preview, at the centre of the effort. The system detects complex software vulnerabilities at scale, uncovering thousands of previously unknown flaws across operating systems, browsers, and core infrastructure.

The model’s findings suggest a major shift in cybersecurity capabilities. AI systems are increasingly capable of matching or surpassing human expert performance in vulnerability discovery, raising both defensive opportunities and security risks.

Some of the flaws identified had persisted for decades, undetected by traditional testing methods.

Project Glasswing aims to convert these capabilities into a coordinated defensive advantage. Partners will use the model to scan and secure systems more efficiently, supported by $100 million in usage credits and additional funding for open-source security initiatives.

The programme also targets long-term improvements in cybersecurity standards and secure development practices.

Modern society depends on software that runs critical infrastructure, including banking systems, healthcare networks, energy grids, and communications platforms. When AI systems find vulnerabilities at scale, the balance shifts between attackers and defenders, making hidden weaknesses easier to uncover and faster to fix before exploitation.

For global infrastructure, this means cybersecurity is shifting from slow, human-driven auditing to continuous, AI-assisted defence, where speed, coordination, and secure-by-design practices become essential to maintaining stability and reducing systemic risk.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

ENISA opens public review of draft EUDI Wallet cybersecurity scheme

The European Union Agency for Cybersecurity has published a draft candidate scheme for the European Digital Identity Wallet and the electronic identity schemes under which it is provided. ENISA describes it as a draft version of the European Cybersecurity Certification Scheme for European Digital Identity Wallets.

ENISA states the draft addresses the certification of the cybersecurity of cloud services and is being developed under Article 48(2) of Regulation (EU) 2019/881, the Cybersecurity Act.

As per ENISA, an ad hoc working group has been set up to prepare the candidate scheme. The agency says the public review is intended to validate the principles and general organisation of the proposed scheme and to gather feedback on the draft and its annexes.

ENISA also says the draft candidate scheme is accompanied by an early draft of a separate document, Wallet-Related Service Provider Security Requirements, version 0.5.614, which is provided as a reference and for early opinion on the approach used to define those requirements.

The public review will remain open until the end of April 2026. ENISA has also said it will organise a webinar on 8 April to provide information about the draft candidate scheme and answer questions.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

GEANT Security Days 2026 to address AI, internet resilience, and cyber resilience

GEANT Security Days 2026 will take place in Utrecht, the Netherlands, bringing together security professionals, network experts, incident responders, and chief information security officers from the research and education community.

The opening plenary includes a keynote by Frank Rieger, Chief Technical Officer of a supplier of secure communication systems, on ‘The bumpy road ahead – IT security challenges of the next years.’ According to the programme, his talk will address agentic LLMs, attention economics, and how automation, control of networked systems, endpoints, and software are becoming increasingly important as change accelerates.

A second keynote in the opening plenary of GEANT Security Days is scheduled with Valerie Aurora of the Amsterdam Internet Resiliency Club. The programme says her session, ‘Start your own Internet Resiliency Club,’ will look at how communities can prepare for temporary loss of internet connectivity caused by accidents, natural disasters, or armed conflict, and how to build local internet resiliency clubs using LoRa radios, mesh networking, and community management.

Another keynote is listed from Nancy Beers of Sanne Cyber and Happy Game Changers. Her session, ‘Play More Today. Secure Tomorrow,’ is described as a discussion of play and playfulness as tools for learning, innovation, and security practice, drawing on interactive games and team-based approaches.

Topics listed in the GEANT Security Days programme include security operations centres, AI in incident response, AI more broadly, cloud security, community engagement, cyber resilience, the human factor, an unconference or storytelling session, squeezed budgets and stretched teams, and practical security.

The event page says these sessions will address issues such as anomaly detection and prediction, malicious uses of generative AI, trust in third-party services, compliance in multi-cloud and hybrid environments, continuity planning, phishing and credential reuse, and operational pressures on security teams.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

ENISA conference in Cyprus to focus on EU cybersecurity certification

The European Union Agency for Cybersecurity (ENISA) is holding the 2026 European Cybersecurity Certification Conference in Ayia Napa, Cyprus, with support from the Cyprus Presidency of the Council of the EU and the European Commission.

The agency says the conference will address the evolution of the EU cybersecurity certification, updates on certification schemes for the European Digital Identity Wallet and managed security services, exchange across the European cybersecurity ecosystem, and interplays with the Cyber Resilience Act, the Cyber Solidarity Act, and NIS 2.

The programme includes keynote contributions from Despoina Spanou, Deputy Director-General for Communications Networks, Content and Technology at the European Commission, Juhan Lepassaar, Executive Director of ENISA, and Kyriakos Iordanou, General Manager at the Ministry of Energy, Commerce and Industry of Cyprus.

It also includes a presentation by Steffen Zimmermann, Head of Industrial Security at VDMA, followed by an EU cybersecurity certification award ceremony involving Chloe Blondeau, Seconded National Expert at ENISA.

Sessions on ‘CSA2’, the European Digital Identity Wallet, conformity assessment bodies, national accreditation bodies, certification bottlenecks, and managed security services are also included in the agenda.

Speakers listed in the programme include Maika Fohrenbach, Head of Sector for product security and certification policy at DG CONNECT, Apostolos Malatras, Head of the Cybersecurity Certification Unit at ENISA, Xenia Kyriakidou, Head of the National Cybersecurity Certification Authority of Cyprus, Evgenia Nikolouzou, Cybersecurity Expert at ENISA, and Nikolaos Soumelidis, IT/Cyber Security Certifications Director at Q-CERT.

Franz Weprazjetzky of the European Commission, Vicente Gonzalez Pedros, Cybersecurity Expert at ENISA, and Philippe Blot, Deputy Head of Unit and Head of Sector in the Cybersecurity Certification Unit at ENISA, are also listed in the programme.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Sweden’s Riksbank urges households to keep cash and multiple payment options for crisis preparedness

Sweden’s central bank, the Riksbank, is urging households to strengthen their ability to make everyday payments in the event of disruptions, warning that the current international situation, combined with Sweden’s high level of digitalisation, may expose vulnerabilities in the national payments system.

The bank frames the advice as part of national preparedness, describing the public as a key component of ‘total defence’ of Sweden and stressing that resilience in the payments market is essential during temporary outages, wider crises and, in the worst case, war.

The Riksbank’s main message is that households should avoid relying on a single way to pay and instead ensure they can use several methods, including cash, cards and mobile payment services. As a benchmark, it recommends keeping SEK 1,000 in cash per adult at home to cover about a week of essential purchases, while noting that some households may need more or less depending on size and circumstances.

Where possible, it advises keeping cash in multiple denominations and encourages people to use cash occasionally in normal times to help keep the cash system functioning.

For card payments, the bank recommends having access to at least two cards from different card networks, such as Visa and Mastercard, so that if one network is disrupted, another may still work. It also highlights mobile payment services such as Swish, noting that they rely on a different infrastructure from card payments and may still function even when cards do not.

People who mainly use mobile wallets like Apple Pay or Google Pay are advised to keep physical cards and PINs readily available in case a phone runs out of battery or fails; the bank adds that a physical card’s chip may allow offline payments during interruptions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Diplo chatbot can make mistakes. Consider checking important information.