cybersecurity

Germany approves draft law expanding cyber defense powers for federal authorities

Germany’s federal cabinet has approved draft legislation that would expand cyber defence capabilities for three federal agencies, the Federal Office for Information Security (BSI), the Federal Criminal Police Office (BKA), and the Federal Police (Bundespolizei), as part of a broader effort to strenghten the country’s response to cyber threats.

Under the proposal, authorities would be able to block or disrupt software and server infrastructure used in cyberattacks, including systems located outside Germany. The BSI would also receive expanded authority to collect, store, and analyse data to detect activities indicative of attack preparation. Telecommunications providers and major digital platforms would be required to relay BSI warnings about identified threats directly to users.

The government describes the measures as ‘active cyber defence,’ arguing that they are intended to stop or disrupt ongoing attacks rather than conduct retaliatory cyber operations. Current practice involves redirecting attacks to isolated network areas; the new framework would instead authorize direct action against attacker-controlled systems.

According to the Federal Situation Report on Cybercrime 2025, presented by Federal Interior Minister Alexander Dobrindt and the Vice President of the Federal Criminal Police Office, Martina Link, Germany is among Europe’s most frequently targeted countries for cyberattacks.

Federal authorities in Germany have documented sustained campaigns against industrial companies, small and medium-sized enterprises, research institutions, government bodies, and political parties, with a portion attributed to state-affiliated actors.

The draft will now proceed to parliamentary debate. It requires a legislative vote before entering into force.

Why does it matter?

The proposal reflects a broader shift among governments toward more proactive cybersecurity strategies as cyberattacks become increasingly frequent and sophisticated. Rather than focusing solely on defending networks, authorities are seeking legal powers to disrupt malicious infrastructure before attacks cause significant harm.

The legislation also raises important questions about the scope of state cyber powers, oversight mechanisms, and the legal implications of taking action against infrastructure located outside national borders. If adopted, it would mark one of Germany’s most significant cybersecurity policy changes in recent years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

NATO formalises cyber partnerships with Microsoft, Palo Alto Networks and ESET

NATO has announced strategic partnerships with Microsoft, Palo Alto Networks and ESET during the International Conference on Cyber Conflict (CyCon) in Tallinn, Estonia. The non-commercial agreements are intended to facilitate information sharing, the exchange of best practices and coordination on cyber incidents of mutual concern.

The partnerships follow a commitment made at the 2023 NATO Summit in Vilnius, where member states agreed to expand structured cooperation with private-sector cyber companies. Speaking at CyCon, NATO Assistant Secretary General for Cyber and Digital Transformation Jean Charles Ellermann-Kingombe said effective cyber defence depends on both technical capabilities and shared norms, particularly as attacks on critical infrastructure become more frequent and cyber threats evolve.

The three companies bring distinct capabilities: Microsoft operates one of the largest threat intelligence networks globally; Palo Alto Networks specialises in enterprise network and cloud security; and ESET is one of the major providers of endpoint protection with significant presence in Central and Eastern Europe.

The 2026 CyCon edition, themed ‘Securing Tomorrow,’ runs 26–29 May and convenes approximately 800 participants — including policymakers, technical experts, academics, and industry representatives — from 48 countries. The conference is organised annually by NATO’s Cooperative Cyber Defence Centre of Excellence, based in Tallinn.

Why does it matter?

Governments increasingly rely on cooperation with private-sector cybersecurity companies to identify threats, protect critical infrastructure and respond to cyber incidents. The partnership reflects NATO’s recognition that much of the expertise, threat intelligence and digital infrastructure relevant to cyber defence is operated by industry.

The agreements also signal a broader effort by the alliance to strengthen cyber resilience and improve coordination as cyber threats become more sophisticated and increasingly target both civilian and military systems.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

UK and Poland deepen cyber and defence cooperation under new treaty

The United Kingdom and Poland have agreed a broad package of defence, cybersecurity and security initiatives under a new Security and Defence Partnership Treaty. The agreement strengthens cooperation on defence, sanctions, border security, technology and energy resilience.

Defence cooperation is a central element of the treaty, with both countries planning joint work on missile systems, expanded ammunition production and closer defence-industrial cooperation.

Large-scale military exercises focused on counter-drone operations, electronic warfare and missile defence are also expected to strengthen interoperability between British and Polish forces on NATO’s eastern flank.

Cybersecurity and hybrid threat response feature heavily in the agreement. Britain and Poland plan to coordinate cybersecurity efforts, sanctions enforcement and responses to foreign information manipulation and interference.

A new counter-hybrid working group will support efforts to disrupt hostile state activity, while dedicated cooperation on disinformation aims to strengthen democratic resilience and expose coordinated influence campaigns.

Additional projects include cooperation on irregular migration, maritime security, science and technology, healthcare resilience and clean energy transition. The agreement also includes cooperation on quantum technologies, digital innovation, space security and hydrogen development to strengthen economic and security resilience.

Why does it matter? 

The treaty reflects a broader trend in European security policy, where cybersecurity, technology resilience, energy security and defence are increasingly treated as interconnected challenges.

As concerns grow over hybrid threats, disinformation campaigns and critical infrastructure vulnerabilities, governments are seeking closer cooperation across both military and civilian domains.

Cooperation on missile production, sanctions enforcement, disinformation response and emerging technologies signals a long-term effort to strengthen Europe’s eastern flank while reducing dependence on fragmented supply chains and external strategic vulnerabilities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

UK cyber guidance targets legacy trust in network access

The UK’s National Cyber Security Centre has issued new guidance on Zero Trust Network Access, warning that many deployments still rely on outdated assumptions about trust.

ZTNA is often introduced to modernise access to applications. However, the NCSC said many implementations still treat network location as a primary indicator of trust, meaning new tools can continue to rely on broad, network-based access rather than more granular and context-driven decisions.

The guidance explains how organisations can design and implement ZTNA to better align with zero-trust principles and modern network environments. It sets out the organisational and technical foundations required before deployment, describes key design requirements, and provides a reference architecture for accessing private applications and Software-as-a-Service.

A key focus is identifying common anti-patterns that undermine ZTNA security outcomes. The NCSC said many deployments fail not because of missing technology features, but because legacy trust assumptions are carried forward into new designs.

The guidance is aimed primarily at architects, security practitioners, and technical decision-makers responsible for designing or evolving access architectures. It is intended to support organisations exploring ZTNA as part of a broader zero trust strategy, replacing or reducing reliance on legacy ‘walled garden’ architectures, or reviewing existing deployments.

The NCSC said the guidance does not redefine zero trust, prescribe a single technical solution, or serve as a compliance checklist. Instead, ZTNA should be treated as part of a wider zero trust architecture shaped by an organisation’s users, systems, threats, and operational constraints.

Why does it matter?

The guidance highlights a common problem in cybersecurity modernisation: organisations can adopt new access technologies while still preserving older trust models. Poorly designed ZTNA deployments may leave broad access paths in place, weakening zero-trust goals and limiting resilience. NCSC’s message is that effective access control depends not only on deploying new tools, but on redesigning trust decisions around context, users, systems, risks, and operational needs.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Anthropic says AI system identified thousands of critical software flaws

Anthropic has published an update on Project Glasswing, a cybersecurity initiative focused on identifying software vulnerabilities using AI systems.

According to Anthropic, partner organisations used Claude Mythos Preview to identify thousands of high- and critical-severity vulnerabilities across software platforms and infrastructure systems.

The company said the initiative demonstrated how AI systems are increasing the speed and scale of vulnerability discovery processes. Anthropic reported that participating organisations observed substantial increases in software vulnerability detection capabilities during testing.

Evaluations cited by Anthropic suggested the system performed strongly in vulnerability identification and exploit-detection tasks compared with earlier AI cybersecurity models.

Anthropic also said the model analysed more than 1,000 open-source projects and identified vulnerabilities affecting widely used software components. The company highlighted a vulnerability identified in the open-source cryptography library wolfSSL as one example from the project.

According to Anthropic, the vulnerability was patched after disclosure.

Anthropic said AI-assisted vulnerability discovery may increasingly shift cybersecurity challenges toward verification, disclosure, and remediation processes. The company also said similar AI cybersecurity capabilities are likely to become more widely available across the industry.

Why does it matter?

The rapid growth of AI-driven cybersecurity is becoming increasingly important as AI is fundamentally changing the balance between cyber defence and cyber threats. Systems such as Anthropic’s Project Glasswing demonstrate that advanced AI models can identify software vulnerabilities at a speed far beyond traditional human-led security testing, potentially making critical infrastructure, financial systems, cloud platforms, and open-source software both safer and more exposed at the same time.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK government launches cyber resilience measures amid AI-related risks

The UK Department for Science, Innovation and Technology has warned that cyber threats are becoming more frequent and complex, with AI contributing to faster and more scalable attacks. Digital Minister Baroness Lloyd of Effra said cyber resilience is increasingly important for national security and economic stability.

According to the government’s Cyber Security Breaches Survey, 43% of businesses reported experiencing a cyber breach or attack during the past year. The minister said AI tools are making some cyber capabilities more accessible by automating tasks such as vulnerability detection and reconnaissance.

The government also encouraged technology providers to adopt a ‘secure by design’ approach and referred to existing cybersecurity guidance frameworks.

The Department additionally announced a £90 million cyber resilience fund intended to support businesses, including SMEs and NHS suppliers. The government said a broader National Cyber Action Plan is expected later this summer.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Financial institutions increase cyber defences following AI security findings

Banking institutions across the United States, Europe, and Japan are strengthening cybersecurity measures following the identification of new vulnerabilities through AI-assisted security analysis tools. The findings have increased discussion around how AI may affect cyber risks across financial infrastructure.

Security teams are reviewing legacy system vulnerabilities and accelerating remediation efforts, according to sector reports. Smaller institutions are relying on intelligence shared by larger banks, while regulators warn that inaction increases exposure to coordinated cyberattacks.

International financial organisations, including the International Monetary Fund, have highlighted potential risks linked to evolving AI-enabled cyber threats.

Recent incidents involving platform breaches, supply-chain compromises, and AI-related exploit techniques have contributed to broader cybersecurity concerns across sectors.

Cybersecurity specialists said defence strategies increasingly rely on coordinated intelligence-sharing and AI-supported security systems.

Why does it matter?

AI is accelerating both the discovery of system weaknesses and the sophistication of cyberattacks, increasing systemic risk across interconnected financial infrastructure. As banking becomes more digitally dependent, cybersecurity shifts into a core stability concern for global financial governance and market resilience.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

WEF highlights cybersecurity as a strategic economic priority in the AI era

The World Economic Forum said cybersecurity is rapidly evolving into a strategic economic and national security priority as AI systems, geopolitical tensions, and increasingly interconnected digital ecosystems reshape global cyber risks.

During the Annual Meeting on Cybersecurity 2026 held in Geneva, participants discussed how cyber threats are increasingly affecting economic activity, supply chains, financial systems, and critical infrastructure.

The forum said large-scale cyber incidents can disrupt national economies and critical infrastructure. The report referenced a major 2025 cyberattack that disrupted UK automotive production and reportedly contributed to weaker GDP growth, with estimated economic losses reaching approximately £1.9 billion.

WEF argued that organisations are increasingly abandoning compliance-driven cybersecurity models in favour of measurable resilience strategies focused on rapid recovery, operational continuity, incident response readiness, and stronger governance structures.

AI featured heavily throughout the discussions. The forum warned that attackers are using AI almost universally, allowing cyber operations to become faster, more autonomous, and more scalable. Leaders also highlighted emerging risks linked to agentic AI systems, software supply chain vulnerabilities, and quantum computing developments.

Participants stressed that cyber resilience now requires far broader coordination between governments, regulators, businesses, insurers, and infrastructure operators. Public-private cooperation, information-sharing systems, interoperable intelligence frameworks, and cross-border regulatory coordination were described as increasingly necessary to manage systemic cyber risks.

The discussions also focused on cyber-enabled fraud, scams, and online criminal operations that increasingly target both institutions and ordinary citizens across digital ecosystems. Experts argued that cybersecurity strategies must combine technological protection, digital literacy, public awareness, and platform-level safeguards instead of relying solely on reactive responses.

WEF concluded that cybersecurity is becoming inseparable from economic security and strategic stability in the AI era, with future resilience depending heavily on how effectively governments and industries align incentives, quantify cyber risk, and strengthen cooperation across interconnected systems.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ICO warns organisations about growing AI cyber threats

The UK Information Commissioner’s Office has warned that AI is enabling faster, more advanced and harder-to-detect cyberattacks, urging organisations to strengthen their defences against emerging threats.

In a blog post, the regulator highlighted risks such as AI-generated phishing emails, deepfake social engineering, automated vulnerability scanning, AI-powered malware, credential attacks, data poisoning and indirect prompt injection. The ICO said cybersecurity must be treated as a shared responsibility, with organisations expected to take proactive steps to protect the personal data they hold.

The ICO said strong foundational security measures remain essential, but should be reinforced with layered defences to counter AI-powered threats. It pointed to practical steps such as patching systems, restricting access through multi-factor authentication, applying least-privilege principles and managing supplier risks.

The recommendations also include monitoring systems for unusual activity, carrying out vulnerability scanning and penetration testing, and maintaining regularly tested incident response plans. The ICO said AI can also support cyber defence, but should operate within a clear framework of human oversight and accountability.

Organisations are further advised to minimise data collection, conduct regular data audits and train staff to recognise AI-powered social engineering attacks. The ICO said AI tools processing high-risk personal data should be supported by data protection impact assessments and appropriate safeguards.

Why does it matter?

The ICO’s warning links AI-powered cyber threats directly to data protection obligations. As attackers use AI to scale phishing, exploit vulnerabilities and impersonate trusted contacts, organisations are expected not only to improve technical security, but also to limit the personal data they hold, strengthen governance and prepare for faster-moving incidents.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Poland launches campaign to boost business cybersecurity awareness

Poland’s Ministry of Digital Affairs has launched a campaign to encourage entrepreneurs and management teams to take a more active role in protecting their companies from cyber threats.

The campaign, titled ‘Build your company’s digital security click by click’, is aimed at businesses and senior decision-makers. The ministry says its main goal is to encourage firms to address cybersecurity at both organisational and operational levels.

The campaign stresses that cybersecurity is no longer solely the responsibility of IT departments but is a key part of responsible business management. The ministry points to growing risks such as phishing and ransomware as digital technology becomes central to company operations.

According to the ministry, effective cybersecurity depends on three pillars: knowledge, processes and people. The campaign encourages firms to analyse risks, develop incident response procedures, train employees regularly and use official guidance available through cyber.gov.pl.

A separate focus is placed on medium-sized and large companies subject to requirements under Poland’s national cybersecurity system. The ministry says firms in key sectors should understand obligations related to risk management, incident reporting and the protection of information systems.

The campaign also calls on company leaders to integrate cybersecurity into business strategy, including through security policies, investment in skills and the development of a culture of responsibility across organisations.

Why does it matter?

The campaign reflects a broader shift in cybersecurity policy from technical protection towards organisational responsibility. By targeting business leaders, Poland is emphasising that cyber resilience depends not only on tools, but also on governance, staff training, incident response and compliance with national cybersecurity obligations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Diplo chatbot can make mistakes. Consider checking important information.