Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Showing posts with label Cyber Security. Show all posts

Accenture Buys Cybersecurity Firms Dragos, runZero, NetRise for $4.18 Billion

 

In a landmark move to fortify its cybersecurity capabilities, Accenture has announced a $4.18 billion deal to acquire a majority stake in industrial cybersecurity leader Dragos, alongside full ownership of asset intelligence firm runZero and device security specialist NetRise. This strategic acquisition spree underscores Accenture’s ambition to expand beyond traditional consulting services and establish itself as a comprehensive provider of software-driven cybersecurity solutions, particularly for critical infrastructure sectors vulnerable to AI-powered cyber threats and geopolitical risks. 

The timing of the deal reflects both opportunity and necessity. While global consulting demand has softened—partly due to the ongoing Iran war impacting Middle East operations—cybersecurity remains a high-growth domain with surging client investment. Accenture, already operating a $10 billion cybersecurity business, sees industrial and operational technology (OT) security as a key frontier. By integrating Dragos’s OT threat monitoring, runZero’s real-time asset discovery, and NetRise’s embedded device security, the firm aims to deliver end-to-end protection for energy grids, manufacturing facilities, transportation systems, and other mission-critical environments increasingly targeted by state-sponsored and criminal hackers.

Dragos brings deep expertise in securing industrial control systems, with a platform widely used by utilities and heavy industries to detect and respond to OT-specific threats. runZero complements this with advanced asset intelligence, enabling organizations to maintain accurate, dynamic inventories of all connected devices—a foundational requirement for effective cybersecurity in complex, hybrid IT-OT environments. NetRise adds another critical layer by securing firmware and embedded systems, which are often overlooked but increasingly exploited attack vectors. Combined, these three companies contribute approximately $208 million in annual recurring revenue and significantly enhance Accenture’s software-led service portfolio. 

The transactions are structured to close by August or September 2026, subject to regulatory approvals and standard closing conditions. Accenture’s majority stake in Dragos—rather than full acquisition—suggests a collaborative approach that preserves the firm’s entrepreneurial agility while leveraging Accenture’s global scale and client network. Full ownership of runZero and NetRise, meanwhile, allows deeper integration into Accenture’s existing cybersecurity and cloud practices. This hybrid model reflects a broader industry shift where consultancies blend strategic partnerships with outright acquisitions to rapidly scale niche capabilities without disrupting innovation cultures. 

For the cybersecurity market, Accenture’s move signals intensifying competition among large professional services firms to capture share in the booming industrial security segment. Enterprises, especially in critical infrastructure, stand to benefit from more integrated offerings that combine strategy, implementation, threat intelligence, and managed services under a single provider. However, investor reaction has been cautious, with Accenture’s shares dropping over 13% following the announcement, partly due to weaker-than-expected quarterly guidance tied to geopolitical headwinds. Still, the $4.18 billion bet highlights Accenture’s long-term conviction that cybersecurity—particularly in the industrial realm—will remain a cornerstone of digital transformation and risk management in the AI era.

WhatsApp Tests New Android Chat Backup Management Feature to Improve Google Drive Storage Control

 

Managing WhatsApp backups on Android might become significantly easier in the future as the messaging platform prepares new solutions to give users more control over their data. The upcoming update will allow people to organize and delete old backups, thus saving space on their devices and ensuring a better management of information stored on Google Drive. 

WhatsApp has been working on the tool for quite some time, while it has not been publicly available yet. Reporters found out about the future feature as they explored the latest beta version of the app. The new tool will appear in the Backup section and will enable users to delete old backups directly from WhatsApp, thus providing more space for data stored on Google Drive. 

This update will make managing storage much easier for millions of Android users who experience difficulties deleting excess data from Google Drive. The update comes as WhatsApp continues working on new ways to improve its cloud backup system. Last year, reporters learned about the company’s plan to create its cloud storage system. That way, WhatsApp users will be able to store their backups on Google Drive or the company’s cloud. 

According to the publication, WhatsApp’s storage will offer 2 gigabytes of space for free, and an additional 10 gigabytes can be acquired for a small fee. Moreover, regardless of the storage method, WhatsApp backups will be end-to-end encrypted. The encryption can be supplemented by a passkey, a regular password, or a 64-digit code. At the same time, WhatsApp has not abandoned its reliance on Google Drive. The application updates in 2021 demonstrated Android users’ demand for more control over their WhatsApp backups. 

Developers worked on ways to meet the users’ requirements and made the new in-app management system more accessible by adding shortcuts to Google Drive’s management system and Android’s built-in settings. In the same vein, Google has also been working on ways to provide more convenience and flexibility for Android users. Recently, Android users have received an additional tool to manage WhatsApp backups. 

With version 26.23 of Google Play Services, users gained the ability to view and control their WhatsApp backups directly from their device’s Settings menu. Thus, the Settings page now offers access to WhatsApp backups without having to open the messaging app. Right now, WhatsApp users can back up their chats, media files, voice notes, and other content to Google Drive. The application can automatically perform backups every day, weekly, or monthly. 

To restore a backup, one has to reinstall WhatsApp on their device and log in with their Google and WhatsApp account. The upcoming update will allow Android users to manage backups directly in WhatsApp, complementing Google’s newly introduced settings. The new system for managing WhatsApp backups will enable Android users to delete unwanted backups directly inside the application. 

That way, the update will enable more control over the backups, which will help the users that have multiple devices or simply change their smartphones too often. Having more than one phone results in multiple backups, whereas excessive WhatsApp backups consume more space on Google Drive. Though WhatsApp has not announced when the update will be released, it should come in the near future. 

After Google released its new system that allows Android users better control over WhatsApp backups, the update can be available to users soon. If the update arrives in 2022, Android users will appreciate the additional flexibility and convenience of managing their WhatsApp backups while keeping their data safe and secure.

UAE Becomes First Arab Nation to Ban Social Media for Children Under 15

 

The United Arab Emirates has become the first Arab nation to impose a comprehensive ban on social media use for children under the age of 15, marking a significant milestone in digital child protection. Announced in mid-June 2026 through a cabinet resolution, the policy prohibits minors below 15 from creating, using, or managing personal accounts on platforms like Instagram, TikTok, Snapchat, and Facebook. 

This decision aligns the UAE with countries such as Australia, Britain, and Canada that have recently tightened online safety rules amid growing concerns about social media's impact on young people's mental health. Under the new regulations, children under 15 are completely barred from accessing interactive social media features, including posting content, commenting on posts, sharing material, or joining public groups and open channels. 

The ban is absolute and cannot be circumvented through parental or caregiver consent, representing a stricter approach than previous guidelines. For teenagers aged 15 and 16, limited access is permitted but comes with enhanced safeguards, including age-appropriate content controls, restrictions on interactions with strangers, screen-time management tools, and mandatory parental supervision features. 

Social media platforms operating in the UAE must now implement robust age-verification systems, including digital identity checks and AI-supported technologies, with self-declared ages explicitly rejected as valid proof. Companies have been given a 12-month transition period ending December 31, 2026, to identify, monitor, and disable accounts belonging to underage users. Failure to comply with these requirements could result in significant penalties, including partial or full blocking of non-compliant services within the country, with enforcement overseen by the Telecommunications and Digital Government Regulatory Authority.

The resolution builds upon Federal Decree-Law No. 26 of 2025 on Child Digital Safety, which came into force on January 1, 2026, and applies to all digital platforms that operate in or have users within the UAE, regardless of where the company is headquartered. These regulations also restrict the collection of personal data from children under 13 without verifiable parental consent and prohibit platforms from using minors' information for targeted advertising or behavioural profiling. The measures are designed to protect children from inappropriate content, online risks, excessive social media use, and misuse of personal data while fostering healthier digital habits. 

The policy has immediate relevance for the UAE's large expatriate population, including over 3.5 million Indians residing in the country, many of whom have school-aged children using social media platforms. In response, Dubai has launched a nationwide initiative aimed at promoting healthy technology use among young people and supporting parents in adapting to rapid technological changes. Authorities emphasise that digital balance does not mean rejecting technology but rather helping children and families use it in ways that support their wellbeing and growth. 

Post-Quantum Cryptography Readiness Becomes a Strategic Cybersecurity Priority for Enterprises

 

Though practical quantum computers may still be years away, organizations are already preparing for the security risks they could create. Post-quantum cryptography has shifted from research into real-world planning as experts warn current encryption could eventually become vulnerable. Rather than waiting for that moment, many businesses are reviewing existing systems now. 

Early preparation is increasingly viewed as essential because delaying changes could make future transitions far more difficult. Fresh policies are adding urgency by setting clear expectations for organizations responsible for protecting critical infrastructure and sensitive data. Quantum readiness is no longer seen as only an IT issue but a business-wide priority involving leadership, governance, funding, and long-term planning. 

Instead of simply replacing outdated encryption, organizations are expected to build flexible strategies that can adapt to future cryptographic standards. A major concern is the “harvest now, decrypt later” threat. Attackers may steal encrypted information today and store it until quantum computers become powerful enough to decrypt it. 

Intellectual property, healthcare records, financial information, source code, and government communications with long-term value could all become exposed in the future, even if current encryption remains secure against today’s computers. The challenge is no longer just preparing for future technology but protecting data that must remain confidential for years. Organizations handling highly sensitive or regulated information may need to begin migration sooner because the consequences of delayed action could be far greater.  

Cybersecurity leaders recommend assigning clear ownership of post-quantum initiatives instead of leaving responsibility with individual application teams. Cross-functional groups involving security, IT, engineering, legal, compliance, procurement, and business leadership are better positioned to manage the transition since encryption supports nearly every part of modern digital operations. 

A critical first step is identifying where cryptography exists throughout the organization. Many companies lack a complete view of which systems rely on specific algorithms, certificates, keys, authentication methods, APIs, cloud environments, and third-party services. Without that visibility, assessing risks or deciding migration priorities becomes extremely difficult. Security experts also stress that this inventory should remain continuously updated rather than existing as a static spreadsheet. 

Ongoing visibility helps organizations identify systems requiring stronger protection, understand dependencies, provide accurate regulatory reporting, and give executives a realistic view of progress. Once cryptographic assets are fully mapped, organizations can prioritize migration based on business impact. Systems protecting customer information, healthcare data, financial services, critical infrastructure, digital identities, and software integrity generally require attention before less critical environments, allowing organizations to spread the transition over several years. 

Preparing for post-quantum security also requires dedicated investment. Funding must support discovery tools, testing environments, migration programs, automation, and governance. Organizations will also need specialists with expertise in cryptography, enterprise architecture, public key infrastructure, compliance, and cybersecurity to guide the transition effectively. Long-term success depends on achieving crypto-agility—the ability to update cryptographic algorithms without rebuilding entire systems. 

Rather than treating post-quantum cryptography as a one-time project, many organizations are designing adaptable security architectures capable of evolving alongside future standards. As artificial intelligence, autonomous technologies, and increasingly complex digital ecosystems continue to expand, flexible cryptographic infrastructure will become even more important.  

Although no one knows exactly when quantum computers capable of breaking today’s encryption will become reality, many cybersecurity experts believe organizations should begin preparing now. Companies that establish governance, maintain visibility into cryptographic assets, and gradually modernize their infrastructure will be better positioned to adapt as quantum computing—and the security landscape—continues to evolve.

GPT-5.6 Sol Debuts With Enhanced Cyber Protections, Limited to Trusted Partners


 

An open preview of OpenAI's next-generation GPT-5.6 model family has been introduced under tight control, marking an important milestone in the advancement of frontier artificial intelligence with an equal emphasis on cybersecurity and responsible deployment. The release is anchored by GPT-5.6 Sol, the company's most advanced and security-hardened model to date. 

It introduces a three-tier architecture comprising Sol, Terra, and Luna, each of which is specifically designed to meet distinct performance, cost, and deployment requirements in software engineering, scientific research, professional knowledge work, computer use, and cybersecurity. OpenAI has restricted access to its API and Codex platforms to a select group of trusted partners following a formal request from the Trump administration rather than releasing the technology to the general public immediately. 

As a result, a cautious strategy emphasizes rigorous security evaluation, controlled real-world testing, and resilience against misuse before the product is available in broad markets. 

GPT-5.6 Introduces a New AI Model Architecture

Moreover, OpenAI is transforming its product architecture, replacing sequential branding with permanent capability tiers in addition to its flagship launch. A long-term restructuring of OpenAI's model portfolio is also part of the GPT-5.6 release, replacing sequential branding with permanent capability tiers that differentiate performance, efficiency, and deployment. 

Sol is the flagship model for advanced reasoning and technical tasks within this framework, Terra delivers performance comparable to GPT-5.5 at approximately half the operational cost for enterprise-scale deployments, while Luna is designed to achieve low latency and low operating cost for high-volume inference applications. Instead of GPT-5.5, which emphasized reasoning and coding improvements, GPT-5.6 emphasizes defensive cybersecurity, controlled deployment, and capability-specific safeguards, reflecting the general trend toward the advancement of security-aware frontier AI. 

The company states that the phased deployment reflects ongoing engagement with federal authorities in an effort to align future frontier AI releases with the objectives outlined in the recent Executive Order governing the assessment of advanced artificial intelligence systems for national security purposes. 

Preparedness Framework Strengthens Cybersecurity Safeguards 

Security remains central to the GPT-5.6 rollout. In its Preparedness Framework, OpenAI has categorized Sol, Terra, and Luna as High Capability models for both cybersecurity, biology, and chemical domains. However, none of these models currently meet the threshold for AI self-improvement as a High Capability model. 

To reduce the increased dual-use risks associated with increasingly capable foundation models, the company has adopted capability-specific safeguards rather than a uniform protection layer in order to mitigate this risk. By combining policy-level restrictions with automated classifiers, cybersecurity- and biology-related prompts are continuously analyzed in real time through the security architecture. 

When potentially high-risk interactions are detected, response generation is temporarily halted until a secondary reasoning model reviews the conversational context to determine whether or not to allow or restrict responses. A risk assessment can also be conducted by OpenAI at an account level to help differentiate legitimate security research and vulnerability analysis from potentially malicious behavior. 

GPT-5.6 Sol Demonstrates Strong Defensive Security Performance

The OpenAI benchmark results demonstrate that GPT-5.6 Sol provides competitive performance in defensive cybersecurity tasks while operating with significantly higher computational efficiency as compared to GPT-5.6 Sol. Sol was able to achieve results comparable to those of leading frontier systems such as Mythos Preview when evaluated on ExploitBench with one-third more tokens required for output. 

In internal testing of large Chromium and Firefox codebases, the model demonstrated the capability of identifying software flaws, isolating vulnerabilities, and providing patching advice as well as basic exploitation primitives. In addition, OpenAI pointed out that the system did not independently develop complete multistage exploit chains, reinforcing its goal of supporting defensive security research rather than facilitating offensive cyber operations. 

Red-Teaming and Safety Testing Ahead of Deployment

The OpenAI preview version included more than 700,000 A100-equivalent GPU hours of automated red-teaming for further strengthening resilience against misuse. Rather than focusing solely on isolated prompt failures, the testing program targeted systemic weaknesses as well as universal jailbreak techniques capable of bypassing model safeguards across a variety of scenarios, thereby enhancing resilience against misuse. 

In the coming week, OpenAI plans to make the models available to a wider range of API and Codex partners. Additionally, OpenAI warns against making government-mediated pre-clearance a permanent requirement for frontier AI deployments. As a result of prolonged restrictions, advanced defensive capabilities may not be available as needed by the wider cybersecurity community to combat rapidly evolving threats if they are prolonged. 

Pricing, Capability Tiers and Enterprise Availability 

Additionally, OpenAI has revised its naming strategy with generation numbers identifying the model family, and Sol, Terra, and Luna remaining persistent capability layers. A tiered pricing structure based on token consumption has been established by the company, with GPT-5.6 Sol charging $5 for a million input tokens and $30 for a million output tokens, Terra charging $2.50 per input and $15 per output, and Luna charging $1 per input and $6 per output, in accordance with the performance profiles and deployment scenarios of each model. 

As part of OpenAI's ongoing commitment to the enterprise, GPT-5.6 Sol will be released on Cerebras in July, delivering inference speeds of up to 750 tokens per second for enterprises with high-throughput AI requirements. 

Government Oversight Shapes GPT-5.6 Rollout 

GPT-5.6's limited release has also been the focus of an ongoing debate concerning national security oversight of frontier AI systems as a result of the limited release. According to OpenAI, the decision was made to limit the initial release following the Trump administration's request for a staggered rollout as government agencies evaluated the impact of the model's advanced capabilities. 

Sam Altman, the Chief Executive Officer of OpenAI, has subsequently advised employees that access to the preview will be approved individually as part of the coordinated rollout process. The request was made in consultation with the Office of the National Cyber Director, the Office of Science and Technology Policy, and Howard Lutnick, Secretary of Commerce. 

It was openAI's belief that government-mediated access should continue to be an exceptional measure rather than a long-term deployment model, even as it cooperated with the temporary review process, arguing extended restrictions may deter developers, enterprises, and cybersecurity practitioners from implementing critical AI capabilities. 

New Reasoning Modes Expand Defensive AI Capabilities 

 Along with deployment and governance, OpenAI has also enhanced the defensive security capabilities of GPT-5.6. According to OpenAI, GPT-5.6 is designed to make prohibited offensive activities more difficult, uncertain, and detectable while preserving legitimate applications such as code review, vulnerability research, patch development, and defensive security testing. 

The Max Reasoning Effort mode introduced in GPT-5.6 supports this approach by allowing Sol to allocate considerable computational resources to complex problems before providing responses. With Ultra reasoning, the execution of long-term tasks which require sustained planning and multi-step analysis is enhanced beyond conventional single-agent execution by orchestrating multiple parallel subagents capable of collaborating collaboratively. 

Scientific Benchmarks and OpenAI's Cybersecurity Roadmap

GPT-5.6 is the latest model family from OpenAI that demonstrates the company's commitment to AI-based defensive cybersecurity. Additionally, the company recently introduced GPT-5.5-Cyber as part of its Daybreak initiative, a specialized model for automated vulnerability discovery, patch generation, and software remediation. 

The OpenAI model achieved state-of-the-art performance across CyberGym (85.6%), ExploitGym (39%), and SEC Bench Pro (69.8%), a significant improvement over GPT-5.5 baselines. Additionally, GPT-5.6 Sol has demonstrated improved performance on GeneBench v1 and improved reasoning efficiency, indicating that the latest releases are an integral part of a broader strategy: advancing frontier AI capabilities while also investing equally in tools and safeguards necessary for enhancing cyber defenses.

Five Eyes Warns New AI Models Pose Urgent Cyber Risk

 

The Five Eyes intelligence alliance has issued a stark warning that the latest generation of artificial intelligence could reshape the cyber threat landscape much faster than most organizations expect. In a joint advisory, intelligence and cybersecurity leaders from the United States, the United Kingdom, Canada, Australia and New Zealand said frontier AI models are advancing so quickly that long-standing assumptions about cyber risk may become outdated in only a matter of months. 

The message is clear: AI is no longer just a productivity tool or a research breakthrough. It is also a force multiplier for attackers who want to move faster, exploit weaknesses sooner and launch more sophisticated campaigns. According to the advisory, AI can lower the barriers for malicious actors by making phishing, malware development and vulnerability discovery easier and more efficient. 

That means attackers with limited technical skill may soon be able to carry out actions that once required experienced operators, while more advanced threat groups could automate parts of their workflow at greater scale. The intelligence chiefs said the risk is not theoretical, because the speed of AI development is already changing how quickly vulnerabilities can be found and weaponized. As a result, organizations that wait for mature standards may find themselves exposed before they realize the threat has changed. 

The alliance also emphasized that cyber risk should be treated as a business risk, not just an IT issue. Its guidance urges leaders to understand risk, strengthen foundational security controls and give cyber teams enough authority and resources to respond effectively. The warning stresses that breaches are inevitable, so preparedness matters as much as prevention. In practice, that means testing incident response plans, training staff and making sure the organization can contain and recover from an attack before it turns into a wider operational or financial crisis. 

Five practical steps were highlighted as urgent priorities: reduce unnecessary exposure, accelerate patching, address legacy systems, strengthen identity and access controls and prepare for incidents in advance. The advice is especially relevant because outdated systems and slow patch cycles remain common weaknesses across both public and private sectors. By limiting attack surfaces and tightening access, organizations can reduce the chances that AI-assisted attackers will find an easy opening. The core message is that resilience must be built before a crisis starts, not after. 

For businesses, the report is a reminder that AI’s cyber impact is arriving faster than policy and governance often do. The Five Eyes warning does not argue that AI should be avoided; instead, it says AI should be used deliberately to strengthen defense while leaders move faster on security basics. In other words, the organizations most likely to cope with AI-driven threats will be those that treat cybersecurity as continuous readiness, not a one-time compliance exercise.

China's New AI Model Challenges U.S. Cybersecurity Leaders

 



China's latest open-weight artificial intelligence model is drawing attention within the cybersecurity community after independent evaluations indicated that it can rival some of the vulnerability detection capabilities of leading U.S. frontier AI systems. The findings are fueling renewed debate over whether restricting access to advanced American AI models is enough to slow the spread of powerful cyber capabilities.

Chinese AI company Zhipu AI, also known as Z.ai, released its GLM-5.2 model on June 13 under a permissive open-weight license. Unlike proprietary AI systems that are only accessible through controlled cloud services, open-weight models allow researchers and developers to download the model weights and run them on their own hardware. This approach enables offline deployment, customization through fine-tuning, and unrestricted experimentation without requiring ongoing approval from the model developer.

The release stands in contrast to Anthropic's Claude Mythos, one of several advanced AI systems whose availability has been limited under U.S. export controls because of concerns that highly capable models could be misused for offensive cyber operations. While GLM-5.2 still falls behind leading models from Anthropic and OpenAI across many general-purpose reasoning benchmarks, recent testing suggests it performs remarkably well in one highly specialized area: identifying software vulnerabilities.

Independent benchmarking conducted by Semgrep found that GLM-5.2 achieved an F1 score of 39% when detecting Insecure Direct Object Reference (IDOR) vulnerabilities. IDOR flaws arise when applications expose internal object identifiers without properly verifying whether a user is authorized to access the requested resource, making them a common source of unauthorized data access and privilege abuse. Under the same evaluation conditions, Claude Code recorded scores ranging from 32% to 37%, placing GLM-5.2 slightly ahead in this specific cybersecurity task.

The benchmark also underlined a notable economic advantage. Researchers estimated that GLM-5.2 identified vulnerabilities at an average cost of approximately $0.17 per finding, roughly one-sixth of the cost associated with comparable Claude-based workflows. Lower operating costs could make advanced AI-assisted vulnerability research accessible to a much broader range of organizations, independent researchers, and software security teams.

Additional benchmarking conducted by Graphistry reached similar conclusions, reinforcing the view that an openly downloadable Chinese model can compete with frontier U.S. AI systems in narrowly focused cybersecurity applications. The independent evaluations are particularly noteworthy because they relied on standardized testing methodologies designed to reduce benchmark contamination and minimize vendor-specific bias.

The findings arrive amid growing concern in Washington over the national security implications of frontier artificial intelligence. The Trump administration has increasingly treated advanced AI models such as Mythos and Fable as strategic technologies because of their ability to automate complex cybersecurity tasks, including discovering previously unknown software vulnerabilities that could potentially be weaponized in cyber operations.

Those concerns have shaped U.S. export control policies that restrict access to some advanced AI systems for foreign organizations, including researchers based in China. The underlying assumption behind these controls is that limiting access to the most capable American models would delay competing nations from acquiring comparable cyber capabilities. GLM-5.2's performance is prompting renewed questions about whether restricting model access alone can achieve that objective when capable alternatives are being developed elsewhere.

The discussion is further informed by Anthropic's Project Glasswing, which previously demonstrated the cybersecurity potential of frontier AI by identifying more than 10,000 critical software vulnerabilities during its initial research phase. The project illustrated how advanced language models can assist security researchers in reviewing large codebases, prioritizing weaknesses, and accelerating vulnerability discovery. If open-weight models begin approaching similar levels of performance, comparable capabilities may no longer remain exclusive to a small number of tightly controlled AI providers.

The latest development also comes shortly after OpenAI introduced GPT-5.6 with limited availability because of concerns surrounding misuse. Together, these decisions reflect a broader effort by U.S. AI developers to place increasingly capable models behind controlled access mechanisms while balancing innovation with national security considerations.

Cybersecurity researchers note that advances in open-weight models create opportunities as well as risks. Defensive teams could use these systems to automate code reviews, strengthen secure software development practices, and accelerate vulnerability remediation. At the same time, threat actors may attempt to exploit the same capabilities to identify weaknesses in software before organizations have an opportunity to patch them. Because GLM-5.2 can be downloaded and operated locally, these capabilities are available globally regardless of whether users have access to commercial U.S. AI services.

The emergence of GLM-5.2 does not necessarily indicate that Chinese AI has surpassed American frontier models across every benchmark. However, its strong performance in specialized cybersecurity evaluations suggests that the technological gap is narrowing in selected high-value domains. The development is likely to intensify debate over whether hardware restrictions and access controls alone are sufficient to preserve leadership in AI-driven cybersecurity, or whether future policy must place greater emphasis on strengthening defensive capabilities, accelerating software patching, and preparing for a world where advanced vulnerability discovery tools become increasingly accessible worldwide.

FCC Strengthens Cybersecurity Rules for Emergency Alert Systems and Undersea Cable Networks

 

The Federal Communications Commission (FCC) has approved a series of new regulations aimed at strengthening the cybersecurity of the United States' emergency communication systems while modernizing security requirements for the country's undersea cable infrastructure.

The newly adopted rules introduce stronger safeguards for the nation's two primary public warning platforms—the Emergency Alert System (EAS) and Wireless Emergency Alerts (WEA)—to reduce the risk of cyberattacks and unauthorized access.

The EAS is widely used by federal, state and local authorities to broadcast emergency information, including severe weather warnings, AMBER Alerts and other public safety notifications through television and radio networks. Meanwhile, the WEA delivers similar alerts directly to mobile devices through text messages.

According to the FCC, a successful cyberattack on either platform by a foreign government, cybercriminal organization or malicious actor could spread misinformation, create public confusion or disrupt emergency response efforts during critical situations.

Any vulnerability in systems like the Emergency Alert System “can have serious consequences,” said FCC Commissioner Olivia Trusty in a statement after the vote.

“That is why it has been appropriate for the Commission to conduct a comprehensive review of the EAS framework by focusing on the security of the system itself,” Trusty continued. “As cybersecurity threats continue to evolve, EAS participants must take appropriate steps to safeguard the infrastructure that supports the delivery of life-saving alerts.”

As part of the new cybersecurity framework, organizations responsible for operating EAS and WEA systems will be required to adopt stronger cyber hygiene measures. These include implementing robust passwords, promptly installing vendor-issued security updates and patches, and deploying firewalls to restrict unauthorized access to critical systems.

The FCC has also introduced a new authentication identification system that will verify emergency alerts before they are transmitted, helping prevent duplicate, fake or unauthorized alerts from being distributed.

In a separate decision, the Commission also approved its first major overhaul of submarine cable regulations in several decades. The updated framework seeks to enhance cybersecurity oversight for undersea cable infrastructure while simplifying licensing procedures for trusted operators.

Under the revised rules, certain undersea cable providers will no longer be required to undergo the extensive national security licensing review conducted by "Team Telecom" before operating cables connected to U.S. territory.

Team Telecom is an interagency group led by the Department of Justice's Foreign Investment Review Section, along with other federal agencies that evaluate the national security implications of telecommunications infrastructure.

The updated policy allows submarine cable applicants to qualify for an exemption if they can self-certify that they meet high security standards designed to improve certainty, streamline reviews and shorten licensing timelines.

“Currently, all submarine cable applications get referred to Team Telecom…the changes adopted would exempt applications from applicants that have operated cables without incident, can certify to the highest national security standards, and agree to ongoing oversight and monitoring,” the FCC said in a release.

The new regulations also expand the FCC's oversight of key operational components within submarine cable systems. Companies responsible for submarine line terminal equipment, which connects undersea cables to U.S.-based terrestrial facilities, will now be required to obtain licenses.

Additionally, the Commission has introduced updated security measures to address risks associated with essential equipment, third-party vendors and vulnerabilities across the broader submarine cable supply chain, further strengthening the resilience of critical communications infrastructure.