cybersecurity

Swisscom says AI and geopolitics are reshaping the cyber threat landscape

Swisscom has published its 2026 Cybersecurity Threat Radar, warning that cyber threats have grown more complex over the past year as geopolitical tensions and disruptive technologies put added pressure on digital systems. The report presents AI, supply chain exposure, digital sovereignty, and operational technology security as four strategic risk areas for organisations.

The report highlights state-linked cyber activity, hybrid influence operations such as disinformation, and supply chain attacks as key drivers of the current threat environment. It argues that digital transformation has increased dependence on cloud services, third-party software, AI systems, and networked industrial infrastructure, making organisations more exposed to cascading failures and external dependencies.

On AI, Swisscom describes insecure AI use as a risk multiplier. While AI can improve productivity, the report warns that poor governance, weak visibility into models, and uncontrolled use of AI tools in operational environments can expand attack surfaces, affect data quality, and create new compliance challenges.

Software supply chains are also identified as a persistent vulnerability. Swisscom says a single compromised component or manipulated update process can have far-reaching consequences across interconnected systems, making software integrity, origin verification, and traceability increasingly important as mitigation measures.

The convergence of information technology and operational technology is presented as another growing area of concern. In sectors such as energy, healthcare, manufacturing, and building automation, incidents can have consequences that go well beyond financial loss, affecting critical infrastructure, production, and even human safety.

The report also places greater emphasis on digital sovereignty, arguing that organisations need clearer visibility over where data is processed, which legal regimes apply, and how dependent they are on cloud and technology providers. In that sense, Swisscom frames cybersecurity less as a narrow IT function and more as a strategic governance issue tied to resilience, control, and trust.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Ransomware accounts for 90% of cyber losses in manufacturing, claims data shows

Ransomware is responsible for 90% of total cyber-related financial losses in the manufacturing sector, despite accounting for only 12% of claim volume by number, according to an analysis of insurance claims data published by Resilience.

The findings indicate that while ransomware incidents are not the most frequently filed claim type, they produce disproportionately large financial losses when they occur. The manufacturing sector’s low tolerance for operational downtime is identified as a contributing factor to loss severity.

Additional findings from the claims dataset include:

  • 30% of manufacturing claims are linked to phishing and transfer fraud
  • 26% of total losses are associated with multi-factor authentication (MFA) misconfiguration
  • 12% of claims involved wrongful data collection

The report identifies MFA misconfiguration as a notable area of exposure, alongside procedural gaps in financial transfer controls. Recommended mitigation measures include auditing MFA deployment, implementing transfer verification procedures, and investing in ransomware containment capabilities.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU and Republic of Korea launch aviation partnership on technical cooperation and cyber resilience

European and South Korean aviation authorities are conducting a three-week series of technical exchanges in Seoul, covering safety oversight, airspace management, and cybersecurity.

The European Union Aviation Safety Agency (EASA) and South Korea’s Ministry of Land, Infrastructure and Transport are participating under the EU–Republic of Korea Aviation Partnership Project, an EU-funded initiative announced by the European External Action Service (EEAS).

The programme began with a three-day session on the International Civil Aviation Organisation’s Universal Safety Oversight Audit Programme (USOAP), which assesses national aviation safety oversight systems. EASA presented findings from its most recent ICAO audit, with discussions covering oversight frameworks, organisational structures, and lessons identified.

A workshop on performance-based navigation and airspace management followed, addressing procedures to improve the predictability and efficiency of aircraft arrivals, including at airports with parallel runways.

A third workshop on aviation cybersecurity is scheduled for the coming week. It will cover security considerations across aviation systems, including aircraft certification processes and air traffic management infrastructure.

The activities are designed to facilitate technical exchange between Korean and European stakeholders across the aviation sector, according to EASA.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Victorian officials outline approach to managing AI risks in public sector

Ian Pham at the Victorian Managed Insurance Authority (VMIA) outlined approaches to managing AI adoption during the PSN Victorian Government Cyber Security Showcase. Organisations face the challenge of adopting AI while maintaining effective risk management as these systems become more embedded in government operations.

Cybersecurity teams have traditionally operated with a risk-averse approach focused on minimising threats. Such an approach can slow innovation when applied to AI systems used in public sector environments.

A shift towards managing risk in line with organisational objectives is presented as necessary. This includes prioritising relevant risks and moving from reactive responses towards supporting decision-making processes.

AI adoption involves secure environments for experimentation with defined guardrails, including synthetic or non-sensitive data, monitoring mechanisms, usage conditions, and identity and access controls. Exposure can then be increased gradually, supported by governance and continuous reassessment.

Risks linked to AI systems include data leakage, privacy concerns, unauthorised use, and data quality issues. These risks are described as requiring visibility and management, alongside organisational awareness and engagement to support confidence in AI use.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

AI model raises security risks, prompting release concerns, reports say

Anthropic is reported to have declined to release its latest AI model, Mythos, citing potential risks to global cybersecurity. The system is reported to be capable of identifying vulnerabilities across major operating systems and web browsers, raising concerns about possible misuse.

Reports indicate that the company is investigating claims that unauthorised actors may have accessed the model. A reported breach has intensified debate about whether technology firms can maintain control over increasingly powerful AI systems as development accelerates.

The Mythos model is described as part of a new class of AI tools capable of analysing complex digital environments and identifying weaknesses at scale. Such capabilities could support cybersecurity efforts, but may also present risks if exploited by malicious actors.

The case has contributed to discussions within the technology sector about balancing innovation with efforts to manage potential risks to digital infrastructure.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

CISA releases guidance on Zero Trust adoption in critical infrastructure systems

The Cybersecurity and Infrastructure Security Agency, alongside several US government partners, has released guidance to support the adoption of Zero Trust principles in operational technology systems. The document aims to strengthen cybersecurity across critical infrastructure.

The guide outlines practical steps to address risks linked to increasingly interconnected and remotely operated systems. It highlights vulnerabilities created by expanded attack surfaces and evolving cybersecurity threats.

Key recommendations include improving asset visibility, securing supply chains and implementing stronger identity and access controls. The guidance also addresses challenges such as legacy systems and operational constraints.

Officials say the approach will help organisations reduce risks and improve resilience without disrupting essential operations. US agencies in Washington issued the guidance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

The Philippines and South Korea launch a major cybersecurity centre project

The Department of Information and Communications Technology in the Philippines has formalised a major cybersecurity partnership with South Korea, securing funding and technical support to establish a National Cyber Security Centre to strengthen the country’s digital defences.

The agreement, supported by the Korea International Cooperation Agency, has been described by Philippine officials as the largest cybersecurity cooperation project of its kind in the country.

The initiative is intended to create a central hub for cyber threat monitoring, incident response, and coordinated defence, while also improving information security management across government systems. The programme is backed by a US$25.6 million grant over five years, reflecting the growing urgency of responding to increasingly sophisticated cyber threats affecting infrastructure and public services.

Beyond infrastructure, the project also aims to strengthen national capacity through training and workforce development, helping build a larger pool of cybersecurity professionals. Philippine authorities have stressed that cybersecurity now extends beyond technical systems and increasingly affects public trust, economic stability, and everyday digital activity.

The agreement with South Korea points to a broader effort to strengthen the Philippines’ resilience as a digital economy, with stronger institutional safeguards against evolving cyber risks and a longer-term commitment to secure digital transformation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU cybersecurity certification framework gains momentum after Cyprus event

The European Commission and the European Union Agency for Cybersecurity (ENISA) have stepped up efforts to strengthen cybersecurity certification across the EU during the European Cybersecurity Certification Week held in Cyprus. The event brought together policymakers, industry representatives, and national authorities to support the implementation of a more unified certification framework.

Discussions focused on advancing the EU Cybersecurity Certification Framework under the Cybersecurity Act, as well as its interactions with related legislation, including the Cyber Resilience Act, the NIS2 Directive, and the Cyber Solidarity Act. The initiative reflects a broader effort to harmonise standards and strengthen trust in digital products and services across member states.

Progress was also reported on two certification schemes currently under development. One concerns European Digital Identity Wallets, aiming to set high security requirements to protect citizens’ credentials, while the other focuses on Managed Security Services, particularly incident response capabilities under the Cyber Solidarity Act.

Participants also reviewed the peer assessment mechanism intended to support consistent implementation across member states. That process, already underway, is designed to promote equivalent cybersecurity standards throughout the EU and reduce the risk of fragmented national approaches.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

ENISA updates cybersecurity assessment framework for the EU Member States

The European Union Agency for Cybersecurity has released an updated version of its National Cybersecurity Capabilities Assessment framework, designed to help countries evaluate the maturity of their cybersecurity strategies and implementation progress.

The revised tool provides a structured approach for identifying strengths, weaknesses, and areas requiring further development.

The framework, known as NCAF 2.0, is intended for policymakers and government officials responsible for national cybersecurity planning. It enables authorities to track progress at both strategic and operational levels while improving understanding of how effectively national strategies are being implemented.

Aligned with key EU legislation, including the NIS2 Directive, the updated framework supports coordination across Member States by offering a shared reference point for capability assessment.

It also facilitates peer review processes and encourages the exchange of best practices in cybersecurity governance.

Why does it matter?

The tool gives EU Member States a consistent way to measure and improve cybersecurity readiness, reducing fragmentation across national approaches.

By identifying gaps and aligning strategies with frameworks like NIS2, it strengthens collective resilience against cross-border cyber threats. The shared methodology also improves coordination, enabling faster learning and more coordinated responses to evolving cyber risks across the EU.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

UK’s National Cyber Security Centre chief warns of ‘perfect storm’ for UK cybersecurity

Dr Richard Horne, chief executive of the UK’s National Cyber Security Centre, has described the country as facing a ‘perfect storm’ for cybersecurity.

Speaking at the CYBERUK conference in Glasgow, Horne described developments in AI and wider international tensions as creating a period of ‘tumultuous uncertainty’. He added that the definition of cybersecurity is expanding as technology becomes more deeply embedded in robotics, autonomous systems, and human-integrated technologies.

Horne called for what he described as a ‘cultural shift’ across organisations, adding: ‘cybersecurity is the responsibility of everyone, whether they sit on the Board or the IT help desk… cybersecurity is part of their mission.’

He also argued: ‘organisations that do not focus on their technology base…as core to their prosperity … are no longer just naïve but are failing to grasp the reality of today’s world.’

On the threat landscape, Horne noted that incident numbers remain ‘fairly steady’, but that the source of attacks has shifted, with ‘the majority of the nationally significant incidents that the NCSC is handling now originate directly or indirectly from nation states.’

He also described cyberspace as part of the contested space ‘between peace and war’ and warned that the UK is seeing Russia apply lessons learned during its invasion of Ukraine beyond the battlefield. In that context, he argued that recent conflicts show ‘cyber operations are now integral to conflict’ and that ‘cybersecurity is the home front’.

Addressing frontier AI, Horne said: ‘Frontier AI is rapidly enabling discovery and exploitation of existing vulnerabilities at scale, illustrating how quickly it will expose where fundamentals of cybersecurity are still to be addressed.’

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.