Network security

Norway joins Pax Silica initiative to secure AI and semiconductor supply chains

The Pax Silixca initiative, which focuses on secure AI, semiconductor, and critical raw materials supply chains, has expanded with the addition of Norway. The partnership aims to strengthen technological innovation while protecting sensitive technologies.

Norway joins a group of 14 participating countries, including the USA, Japan, the UK and India. Norwegian officials said participation could improve market access for domestic companies operating in advanced technological sectors and strengthen economic security cooperation with strategic partners.

Minister of Trade and Industry, Cecilie Myrseth, said the initiative aligns with Norway’s goal of expanding cooperation with leading countries in AI and emerging technologies. Norwegian ambassador to the USA, Anniken Huitfeldt, is expected to formally sign the agreement on behalf of the country.

The move also complements broader Norwegian and European efforts to secure access to critical technologies and supply chains. The government highlighted initiatives linked to the European Chips Act and the EU Critical Raw Materials Act as part of a wider strategy to strengthen technology resilience and industrial competitiveness.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

World Economic Forum report highlights growing role of AI in cybersecurity operations

A World Economic Forum white paper (Empowering Defenders: AI for Cybersecurity), developed with KPMG, states that AI is becoming a core capability for modern cybersecurity. The report notes that attackers are using AI to increase speed, scale and sophistication, while defenders are also adopting AI to improve detection, response and resilience.

The report describes how AI is being used across the cybersecurity lifecycle, from cyber governance and risk identification to threat detection, incident response and recovery. Case studies from major organisations highlight applications in phishing detection, vulnerability management, malware analysis, threat intelligence and automated security reviews.

WEF report also states that effective adoption depends on more than technology investment. Organisations need executive support, reliable data, skilled teams, mature infrastructure and clear governance before deploying AI in critical security operations.

The report also highlights the rise of agentic AI, where autonomous systems can detect, coordinate and respond to threats with limited human intervention. It adds that while these systems could help defenders act faster, they may also introduce risks related to accountability, unintended behaviour and over-reliance on automation.

Why does it matter?

The central message of the report is that AI can strengthen cyber defence only when paired with human judgement, structured pilots, continuous monitoring and clear safeguards. Without these foundations, organisations risk creating fragile systems instead of resilient ones.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

UK’s NCSC warns AI could expose software vulnerabilities at scale

The NCSC says that AI is reshaping cybersecurity by exposing vulnerabilities across software ecosystems.
The National Cyber Security Centre (NCSC) warns that organisations must prepare for a large-scale patch wave. AI enables faster identification and exploitation of weaknesses than traditional defences can handle.

Technical debt, built through years of prioritising short-term efficiency instead of long-term resilience, is now being exposed at scale.

The NCSC notes that AI capabilities enable attackers to identify weaknesses faster and more comprehensively, creating pressure on organisations to respond with rapid and coordinated patching strategies across entire technology environments.

The recommended approach by NCSC prioritises internet-facing systems and external attack surfaces, followed by internal infrastructure and critical security assets.

Automated updates and hot patching are encouraged where available, while organisations lacking such capabilities must adopt scalable and risk-based update processes. Legacy systems without support present a particular risk, requiring replacement instead of reliance on patching alone.

NCSC adds that beyond software updates, the challenge reflects a deeper structural issue within digital ecosystems. Stronger cyber resilience depends on reducing systemic vulnerabilities through secure design practices, improved monitoring and supply chain readiness.

They also said that organisations that fail to prepare for continuous, large-scale patching cycles risk increased exposure as AI continues to reshape the cybersecurity landscape.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Agentic AI risks outlined in joint cyber agency guidance

Six cybersecurity agencies have jointly published guidance urging organisations to adopt agentic AI services cautiously. The document warns that greater autonomy can increase cyber risk, particularly as agentic AI is introduced into critical infrastructure, defence, and other mission-critical environments.

The authors say organisations should use agentic AI primarily for low-risk and non-sensitive tasks and should not grant it broad or unrestricted access to sensitive data or critical systems. The guidance also recommends incremental deployment rather than large-scale implementation from the outset.

The document was co-authored by agencies from Australia, the United States, Canada, New Zealand, and the United Kingdom: the Australian Signals Directorate’s Australian Cyber Security Centre, the US Cybersecurity and Infrastructure Security Agency and National Security Agency, the Canadian Centre for Cyber Security, New Zealand’s National Cyber Security Centre, and the UK’s National Cyber Security Centre.

It defines agentic AI as systems composed of one or more agents that rely on AI models, such as large language models, to interpret context, make decisions, and take actions, often without continuous human intervention. The guidance says these systems often combine an LLM-based agent with tools, external data, memory, and planning functions, which expands both capability and attack surface.

The agencies say agentic AI inherits many of the vulnerabilities already associated with large language models while introducing greater complexity and new systemic risks. The document identifies five broad categories of concern: privilege risks, design and configuration risks, behaviour risks, structural risks, and accountability risks.

It warns that over-privileged agents, insecure third-party tools, goal misalignment, emergent or deceptive behaviour, and opaque decision-making chains can all increase the likelihood and impact of compromise. To reduce those risks, the guidance recommends secure design, strong identity management, defence-in-depth, comprehensive testing, threat modelling, progressive deployment, isolation, continuous monitoring, and strict privilege controls.

The agencies also stress that human approval should remain in place for high-impact actions and that agentic AI security should be treated as part of broader cybersecurity governance rather than as a separate discipline. The document concludes by calling for stronger research, collaboration, and agent-specific evaluations as the technology matures.

Why does it matter?

The guidance matters because it draws a clear line between ordinary AI adoption and agentic systems that can act with far more autonomy inside real operational environments. Once AI tools move from assisting users to making decisions, calling tools, and interacting with sensitive systems, the security challenge shifts from model safety alone to full organisational risk management. That is why the document treats agentic AI not as a niche technical issue, but as a governance and cyber resilience problem that organisations need to control before deploying at scale.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU and Republic of Korea launch aviation partnership on technical cooperation and cyber resilience

European and South Korean aviation authorities are conducting a three-week series of technical exchanges in Seoul, covering safety oversight, airspace management, and cybersecurity.

The European Union Aviation Safety Agency (EASA) and South Korea’s Ministry of Land, Infrastructure and Transport are participating under the EU–Republic of Korea Aviation Partnership Project, an EU-funded initiative announced by the European External Action Service (EEAS).

The programme began with a three-day session on the International Civil Aviation Organisation’s Universal Safety Oversight Audit Programme (USOAP), which assesses national aviation safety oversight systems. EASA presented findings from its most recent ICAO audit, with discussions covering oversight frameworks, organisational structures, and lessons identified.

A workshop on performance-based navigation and airspace management followed, addressing procedures to improve the predictability and efficiency of aircraft arrivals, including at airports with parallel runways.

A third workshop on aviation cybersecurity is scheduled for the coming week. It will cover security considerations across aviation systems, including aircraft certification processes and air traffic management infrastructure.

The activities are designed to facilitate technical exchange between Korean and European stakeholders across the aviation sector, according to EASA.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Cyberattack on Itron exposes risks to global energy infrastructure systems

Itron has confirmed a cyber intrusion affecting parts of its internal systems, drawing attention to growing vulnerabilities across digital infrastructure linked to essential utility services. In a regulatory filing, the company said an unauthorised third party gained access to certain systems before the activity was contained and removed.

The US energy technology company said it has not identified any compromise of customer-hosted systems, suggesting that the incident may be limited to internal operations for now. At the same time, the lack of detail on the attack method, including whether ransomware was involved, underscores the uncertainty that still surrounds the breach.

As a provider of connected technologies for utilities serving more than 110 million homes and businesses, Itron sits within infrastructure that supports electricity, water, and gas services at scale. That makes the incident significant beyond the company itself, even if operational disruption appears limited so far.

Itron said it activated its cybersecurity response plan, notified law enforcement, and implemented contingency measures, including reliance on backups, to maintain continuity. The company also said operations have continued in all material respects while the investigation remains ongoing.

While services appear largely unaffected at this stage, the filing suggests the full scope of the breach has not yet been determined. The case reflects the growing pressure on infrastructure technology providers to strengthen cyber resilience as threats increasingly target the digital systems underpinning essential services.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU cybersecurity certification framework gains momentum after Cyprus event

The European Commission and the European Union Agency for Cybersecurity (ENISA) have stepped up efforts to strengthen cybersecurity certification across the EU during the European Cybersecurity Certification Week held in Cyprus. The event brought together policymakers, industry representatives, and national authorities to support the implementation of a more unified certification framework.

Discussions focused on advancing the EU Cybersecurity Certification Framework under the Cybersecurity Act, as well as its interactions with related legislation, including the Cyber Resilience Act, the NIS2 Directive, and the Cyber Solidarity Act. The initiative reflects a broader effort to harmonise standards and strengthen trust in digital products and services across member states.

Progress was also reported on two certification schemes currently under development. One concerns European Digital Identity Wallets, aiming to set high security requirements to protect citizens’ credentials, while the other focuses on Managed Security Services, particularly incident response capabilities under the Cyber Solidarity Act.

Participants also reviewed the peer assessment mechanism intended to support consistent implementation across member states. That process, already underway, is designed to promote equivalent cybersecurity standards throughout the EU and reduce the risk of fragmented national approaches.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ENISA updates cybersecurity assessment framework for the EU Member States

The European Union Agency for Cybersecurity has released an updated version of its National Cybersecurity Capabilities Assessment framework, designed to help countries evaluate the maturity of their cybersecurity strategies and implementation progress.

The revised tool provides a structured approach for identifying strengths, weaknesses, and areas requiring further development.

The framework, known as NCAF 2.0, is intended for policymakers and government officials responsible for national cybersecurity planning. It enables authorities to track progress at both strategic and operational levels while improving understanding of how effectively national strategies are being implemented.

Aligned with key EU legislation, including the NIS2 Directive, the updated framework supports coordination across Member States by offering a shared reference point for capability assessment.

It also facilitates peer review processes and encourages the exchange of best practices in cybersecurity governance.

Why does it matter?

The tool gives EU Member States a consistent way to measure and improve cybersecurity readiness, reducing fragmentation across national approaches.

By identifying gaps and aligning strategies with frameworks like NIS2, it strengthens collective resilience against cross-border cyber threats. The shared methodology also improves coordination, enabling faster learning and more coordinated responses to evolving cyber risks across the EU.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

CISA publishes FIRESTARTER malware report and updates directive

The US Cybersecurity and Infrastructure Security Agency has published a malware analysis report on FIRESTARTER, a malware affecting Cisco Firepower and Secure Firewall products running Adaptive Security Appliance or Firepower Threat Defense software. At the same time, CISA updated Emergency Directive 25-03 with new required actions for Federal Civilian Executive Branch agencies.

CISA said the report was co-sealed with the UK’s National Cyber Security Centre and is intended to help organisations detect and respond to FIRESTARTER. The agencies assess that an advanced persistent threat actor exploited CVE-2025-20333 and CVE-2025-20362 in Cisco ASA firmware to gain initial access and deploy the malware on affected devices.

The report also says FIRESTARTER enabled post-patching persistence. CISA stated that firmware patching on compromised devices did not necessarily remove an existing threat actor.

The updated directive requires affected federal agencies to identify specified Firepower and Secure Firewall devices, collect forensic data, and apply new vendor-provided updates. CISA also urged organisations using the affected Cisco products to review the report and implement the recommended mitigations.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Frontier AI changes cyber risk calculations, New Zealand warns

New Zealand’s National Cyber Security Centre has warned that frontier AI models are likely to change the cyber threat landscape by increasing malicious actors’ ability to discover and exploit software vulnerabilities at greater speed and scale.

The guidance states that frontier AI models have already demonstrated the ability to identify vulnerabilities in software products. At the same time, it notes that defenders should consider where AI can support their own work, including checking in-house code for vulnerabilities and strengthening software before it is deployed into production.

Also, the guidance refers to a recent Anthropic report on Mythos Preview, which describes it as an agentic model capable of autonomously completing a series of tasks. According to the NCSC, Anthropic says the model can identify zero-day vulnerabilities in code and turn them into working exploits.

At the same time, the NCSC stresses that effective security controls remain the best line of defence as new vulnerabilities continue to be discovered. It recommends that organisations review their security posture to ensure it remains fit for purpose, and that appropriate methods to detect and contain malicious activity are in place across networks.

Senior leaders are urged to review how vulnerabilities are identified and managed, including patching, disclosure, supplier assurance, incident response, and protections for critical systems. For developers, the guidance recommends using frontier AI models cautiously in code reviews, patching frequently, reducing attack surfaces, applying defence-in-depth, and monitoring closely for signs of compromise.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.