Cybersecurity

Misconfigurations drive major global data breaches

Misconfigurations in cloud systems and enterprise networks remain one of the most persistent and damaging causes of data breaches worldwide.

Recent incidents have highlighted the scale of the issue, including a cloud breach at the US Department of Homeland Security, where sensitive intelligence data was inadvertently exposed to thousands of unauthorised users.

Experts say such lapses are often more about people and processes than technology. Complex workflows, rapid deployment cycles and poor oversight allow errors to spread across entire systems. Misconfigured servers, storage buckets or access permissions then become easy entry points for attackers.

Analysts argue that preventing these mistakes requires better governance, training and process discipline rather. Building strong safeguards and ensuring staff have the knowledge to configure systems securely are critical to closing one of the most exploited doors in cybersecurity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

TikTok nears US takeover deal as Washington secures control

The White House has revealed that US companies will take control of TikTok’s algorithm, with Americans occupying six of seven board seats overseeing the platform’s operations in the country. A final deal, which would reshape the app’s US presence, is expected soon, though Beijing has yet to respond publicly.

Washington has long pushed to separate TikTok’s American operations from its Chinese parent company, ByteDance, citing national security risks. The app faced repeated threats of a ban unless sold to US investors, with deadlines extended several times under President Donald Trump. The Supreme Court also upheld legislation requiring ByteDance to divest, though enforcement was delayed earlier this year.

According to the White House, data protection and privacy for American users will be managed by Oracle, chaired by Larry Ellison, a close Trump ally. Oracle will also oversee control of TikTok’s algorithm, the key technology that drives what users see on the app. Ellison’s influence in tech and media has grown, especially after his son acquired Paramount, which owns CBS News.

Trump claimed he had secured an understanding on the deal in a recent call with Chinese President Xi Jinping, describing the exchange as ‘productive.’ However, Beijing’s official response has been less explicit. The Commerce Ministry said discussions should proceed according to market rules and Chinese law, while state media suggested China welcomed continued negotiations.

Trump has avoided clarifying whether US investors need to develop a new system or continue using the existing one. His stance on TikTok has shifted since his first term, when he pushed for a ban, to now embracing the platform as a political tool to engage younger voters during his 2024 campaign.

Concerns over TikTok’s handling of user data remain at the heart of US objections. Officials at the Justice Department have warned that the app’s access to US data posed a security threat of ‘immense depth and scale,’ underscoring why Washington is pressing to lock down control of its operations.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Emerging AI trends that will define 2026

AI is set to reshape daily life in 2026, with innovations moving beyond software to influence the physical world, work environments, and international relations.

Autonomous agents will increasingly manage household and workplace tasks, coordinating projects, handling logistics, and interacting with smart devices instead of relying solely on humans.

Synthetic content will become ubiquitous, potentially comprising up to 90 percent of online material. While it can accelerate data analysis and insight generation, the challenge will be to ensure genuine human creativity and experience remain visible instead of being drowned out by generic AI outputs.

The workplace will see both opportunity and disruption. Routine and administrative work will increasingly be offloaded to AI, creating roles such as prompt engineers and AI ethics specialists, while some traditional positions face redundancy.

Similarly, AI will expand into healthcare, autonomous transport, and industrial automation, becoming a tangible presence in everyday life instead of remaining a background technology.

Governments and global institutions will grapple with AI’s geopolitical and economic impact. From trade restrictions to synthetic propaganda, world leaders will attempt to control AI’s spread and underlying data instead of allowing a single country or corporation to have unchecked dominance.

Energy efficiency and sustainability will also rise to the fore, as AI’s growing power demands require innovative solutions to reduce environmental impact.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US Treasury opens consultation on stablecoin regulation

The US Treasury has issued an Advance Notice of Proposed Rulemaking (ANPRM) to gather public input on implementing the Guiding and Establishing National Innovation for US Stablecoins (GENIUS) Act. The consultation marks an early step in shaping rules around digital assets.

The GENIUS Act instructs the Treasury to draft rules that foster stablecoin innovation while protecting consumers, preserving stability, and reducing financial crime risks. The Treasury aims to balance technological progress with safeguards for the wider economic system by opening this process.

Through the ANPRM, the public is encouraged to submit comments, data, and perspectives that may guide the design of the regulatory framework. Although no new rules have been set yet, the consultation allows stakeholders to shape future stablecoin policies.

The initiative follows an earlier request for comment on methods to detect illicit activity involving digital assets, which remains open until 17 October 2025. Submissions in response to the ANPRM must be filed within 30 days of its publication in the Federal Register.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Health New Zealand appoints a new director to lead AI-driven innovation

Te Whatu Ora (the healthcare system of New Zealand) has appointed Sonny Taite as acting director of innovation and AI and launched a new programme called HealthX.

An initiative that aims to deliver one AI-driven healthcare project each month from September 2025 until February 2026, based on ideas from frontline staff instead of new concepts.

Speaking at the TUANZ and DHA Tech Users Summit in Auckland, New Zealand, Taite explained that HealthX will focus on three pressing challenges: workforce shortages, inequitable access to care, and clinical inefficiencies.

He emphasised the importance of validating ideas, securing funding, and ensuring successful pilots scale nationally.

The programme has already tested an AI-powered medical scribe in the Hawke’s Bay emergency department, with early results showing a significant reduction in administrative workload.

Taite is also exploring solutions for specialist shortages, particularly in dermatology, where some regions lack public services, forcing patients to travel or seek private care.

A core cross-functional team, a clinical expert group, and frontline champions such as chief medical officers will drive HealthX.

Taite underlined that building on existing cybersecurity and AI infrastructure at Te Whatu Ora, which already processes billions of security signals monthly, provides a strong foundation for scaling innovation across the health system.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack disrupts major European airports

Airports across Europe faced severe disruption after a cyberattack on check-in software used by several major airlines.

Heathrow, Brussels, Berlin and Dublin all reported delays, with some passengers left waiting hours as staff reverted to manual processes instead of automated systems.

Brussels Airport asked airlines to cancel half of Monday’s departures after Collins Aerospace, the US-based supplier of check-in technology, could not provide a secure update. Heathrow said most flights were expected to operate but warned travellers to check their flight status.

Berlin and Dublin also reported long delays, although Dublin said it planned to run a full schedule.

Collins, a subsidiary of aerospace and defence group RTX, confirmed that its Muse software had been targeted by a cyberattack and said it was working to restore services. The UK’s National Cyber Security Centre coordinates with airports and law enforcement to assess the impact.

Experts warned that aviation is particularly vulnerable because airlines and airports rely on shared platforms. They said stronger backup systems, regular updates and greater cross-border cooperation are needed instead of siloed responses, as cyberattacks rarely stop at national boundaries.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

JFTC study and MSCA shape Japan’s AI oversight strategy

Japan is adopting a softer approach to regulating generative AI, emphasising innovation while managing risks. Its 2025 AI Bill promotes development and safety, supported by international norms and guidelines.

The Japan Fair Trade Commission (JFTC) is running a market study on competition concerns in AI, alongside enforcing the new Mobile Software Competition Act (MSCA), aimed at curbing anti-competitive practices in mobile software.

The AI Bill focuses on transparency, international cooperation, and sector-specific guidance rather than heavy penalties. Policymakers hope this flexible framework will avoid stifling innovation while encouraging responsible adoption.

The MSCA, set to be fully enforced in December 2025, obliges mobile platform operators to ensure interoperability and fair treatment of developers, including potential applications to AI tools and assistants.

With rapid AI advances, regulators in Japan remain cautious but proactive. The JFTC aims to monitor markets closely, issue guidelines as needed, and preserve a balance between competition, innovation, and consumer protection.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK and USA sign technology prosperity deal

The UK and the USA have signed a Memorandum of Understanding (MOU) regarding the technology prosperity deal. The aim is to facilitate collaboration on joint opportunities of mutual interest across strategic science and technology areas, including AI, civil energy, and quantum technologies.

The two countries intend to collaborate on building powerful AI infrastructure, expanding access to computing for researchers, and developing high-impact datasets.

Key focus areas include joint flagship research programs in priority domains such as biotechnology, precision medicine, and fusion energy, supported by leading science agencies from both the UK and the USA.

The partnership will also explore AI applications in space, foster secure infrastructure and hardware innovation, and promote AI exports. Efforts will be made to align AI policy frameworks, support workforce development, and ensure broad public benefit.

The US Center for AI Standards and Innovation and the UK AI Security Institute will work together to advance AI safety, model evaluation, and global standards through shared expertise and talent exchange.

Additionally, the deal aims to fast-track breakthrough technologies, streamline regulation, secure supply chains, and outpace strategic competitors.

In the nuclear sector, the countries plan joint efforts in advanced reactors, next-generation fuels, and fusion energy, while upholding the highest standards of safety and non-proliferation.

Lastly, the deal aims to develop powerful machines with real-world applications in defence, healthcare, and logistics, while prioritising research security, cyber resilience, and protection of critical infrastructure.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EDPS calls for strong safeguards in EU-US border data-sharing agreement

On 17 September 2025, the European Data Protection Supervisor (EDPS) issued an Opinion on the EU-US negotiating mandate for a framework agreement on exchanging information for security screenings and identity verifications. The European Commission’s Recommendation aims to establish legal conditions for sharing data between the EU member states and the USA, enabling bilateral agreements tied to the US Visa Waiver Program’s Enhanced Border Security Partnership.

EDPS Wojciech Wiewiórowski emphasised the need to balance border security with fundamental rights, warning that sharing personal and biometric data could interfere with privacy. The agreement, a first for large-scale data sharing with a third country, must strictly limit data processing to what is necessary and proportionate.

The EDPS recommended narrowing the scope of shared data, excluding transfers from sensitive EU systems related to migration and asylum, and called for robust accountability, transparency, and judicial redress mechanisms accessible to all individuals, regardless of nationality.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Landmark tech deal secures record UK-US AI and energy investment

The UK and US have signed a landmark Tech Prosperity Deal, securing a £250 billion investment package across technology and energy sectors. The agreement includes major commitments from leading AI companies to expand data centres, supercomputing capacity, and create 15,000 jobs in Britain.

Energy security forms a core part of the deal, with plans for 12 advanced nuclear reactors in northeast England. These facilities are expected to generate power for millions of homes and businesses, lower bills, and strengthen bilateral energy resilience.

The package includes $30 billion from Microsoft and $6.8 billion from Google, alongside other AI investments aimed at boosting UK research. It also funds the country’s largest supercomputer project with Nscale, establishing a foundation for AI leadership in Europe.

American firms have pledged £150 billion for UK projects, while British companies will invest heavily in the US. Pharmaceutical giant GSK has committed nearly $30 billion to American operations, underlining the cross-Atlantic nature of the partnership.

The Tech Prosperity Deal follows a recent UK-US trade agreement that removes tariffs on steel and aluminium and opens markets for key exports. The new accord builds on that momentum, tying economic growth to innovation, deregulation, and frontier technologies.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!