Feed aggregator

The Trump administration has tied new requirements to election security grants. Some states told NPR they're passing on the grants as a result.

(Image credit: David Sharp)

High mortgage rates cooled home sales over the last few years. But data released this week shows signs that things may be thawing a bit.

(Image credit: Joe Raedle)

The Trump administration has moved to end temporary protected status for immigrants from Honduras and other countries. Among them are health care workers tending to older and disabled people.

(Image credit: Jackie Lay)

An expectant mom got a $750 bill for a blood test to check for genetic abnormalities in her baby. Then she tried to figure out why it was so high.

(Image credit: Halfpoint Images/MomentRF)

The Justice Department is expected to deliver files from its Jeffrey Epstein investigation to the House Oversight Committee starting Friday. The panel plans to release some of the files publicly.

(Image credit: Stephanie Keith)

In March, the US Agency for International Development (USAID) employees faced abrupt dismissal by the newly formed Department of Government Efficiency (DOGE). This agency-on-agency downsizing left many employees in security limbo – without jobs but with access to government-issued devices.

There was no immediate revocation of endpoint credentials, remote lockouts, or retrieval of the hardware and its crucial data. “The agency doesn’t even know how to turn off access to the systems for everyone on administrative leave,” said a former deputy administrator.

While unintended, these abrupt public service cuts created endpoint and cybersecurity holes. USAID manages sensitive geopolitical information and yet there was no reliable mechanism to de-provision devices.

This situation highlights a common weakness across federal agencies – device footprints are often large and poorly administered, thereby turning every endpoint into a potential backdoor.

This just isn’t good enough. Let’s look at what every government agency requires to better manage, monitor, and protect its endpoints.

Don’t let ghost devices haunt public sector networks

First, cuts without security planning exacerbate the problem of “ghost devices”: endpoints that disappear without proper offboarding end up as unknown and unseen attack vectors. These invisible laptops, phones, and tablets across government networks become much more likely when endpoints take a backseat to efficiency.

Unfortunately, agencies solely focused on the budget bottom line often fail to invest in systems that precisely show what devices are on the network, which are active, and who’s using them. Not having this kind of information creates a security headache and inefficiency in the race to efficiency.

When restructuring happens overnight, endpoint management strategies help agencies maintain control even when human resources processes are chaotic. The last thing admins want is to manually track down endpoints by relying on spreadsheets, email trails, or someone’s memory.

If efficiency is the goal, agencies should recognize that dealing with lost or compromised endpoints is ultimately more expensive and embarrassing than investing in proper mobile device management (MDM) from the start.

Don’t wait for trouble to call IT

Likewise, with no forcing function or endpoint system in place, response times suffer. The period between when devices go missing or when users leave their positions and admins step in is vital. But understaffed and under-resourced IT teams can create dangerous lags. In this window, bad actors can crack devices to copy files, exploit credentials, and intercept sensitive communications.

If a unified endpoint management solution had been in place at USAID, it would’ve been significantly easier and faster to account for each device even after the dismissals. Access could have been revoked remotely and the data wiped clean – a win for cybersecurity that sidestepped the ensuing bad press.

Another good way to avoid this scenario is by controlling who can access what data and when. This is possible with access and identity management platforms, and most effective when coupled with zero trust. This principle ensures that no device or user is inherently trusted and creates additional security layers that verify each access attempt. This way, even if a device falls through administrative cracks, these systems in concert limit the damage by preventing unauthorized access.

To be truly efficient, government networks need to shift from reactive to proactive postures. This means automated alerts when devices go offline in unusual circumstances, geolocation tracking, remote locking capabilities, and emergency wiping protocols. Whether devices are halfway around the world or down the hall, giving admins these powers goes a long way to nipping live threats in the bud.

Ironically, this approach actually maximizes the value of government technology investments throughout their lifecycle and helps achieve the stated desire for public sector efficiency.

Don’t let good tech die young

Government efficiency initiatives often focus on headcount when significant savings can be found in the total cost of tech ownership. The federal government spends almost four times more on technology per employee than other industries. Agencies can lower this figure by improving how they recondition endpoints and return them to the frontlines.

Effective endpoint management creates genuine efficiency by allowing agencies to remotely reset laptops and redeploy them with fresh policies. As a result, rather than premature retirement, admins and agencies can extend hardware lifecycles for substantial savings. This approach also advances sustainability goals and addresses equity gaps when properly wiped devices are redeployed to underserved agencies or programs.

Going forward, the public sector must think holistically about what it’s cutting. Decision-makers must consider both the human cost – thousands of careers disrupted and institutional knowledge lost – and the technical implications of such rapid workforce changes. Frank discussions with admins about how these decisions affect the broader ecosystem are therefore essential.

Letting people go while ignoring their device access and data security is unacceptable. Agencies need both protocols and platforms to ensure devices can be remotely managed and appropriately reassigned. Improved endpoint management won’t solve every challenge in the public sector, but it can help put agencies back in control of their devices and destiny.

We've featured the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Peacemaker season 2's premiere drops plenty of hints about Batman
• This season's first episode contains multiple references to The Dark Knight
• Other DCU projects confirmed The Caped Crusader already operates in this universe

Peacemaker season 2 has finally made its long-awaited debut – and the popular HBO Max show's latest installment wastes no time letting us know that Batman already exists in the DC Universe (DCU).

Admittedly, previous DCU projects have done that. Creature Commandos episode 6 revealed the DCU's Batman for the first time – albeit in silhouette form – while James Gunn's Superman movie contained a blink and you'll miss it reference to Gotham City via a road sign.

Nevertheless, the first episode of Peacemaker's sophomore season really drives home that Bruce Wayne has been operating as his vigilante alter-ego for some time – and six specific Easter eggs that prove it.

Full spoilers immediately follow for Peacemaker 2's inaugural chapter.

Krank Toys is a nationwide toy and model business that exists in the DC Universe (Image credit: HBO Max)

The first of those happen 12 minutes into this season's opener, titled 'The Ties That Grind'.

As Leota Adebayo and Chris Smith pull up to the place where the latter's Justice Gang interview is being held, said venue bears the name Krank Toys.

A business founded and run by Griffin Krank, and later taken over by his son Cosmo after his father's death, the Gotham City-based enterprise and the Krank family weren't created for DC Comics. Indeed, they were specifically made for 2004 animated series The Batman (NB: not to be confused with its 2022 Matt Reeves-directed movie namesake). In that show, the Kranks made futuristic but dangerous toys and, after Bruce Wayne used his considerable clout to shut it down, Griffin adopted the supervillain pseudonym Toymaker to enact revenge on Wayne.

Jaina Hudson, is that you? (Image credit: HBO Max)

The DCU TV Original's next Batman Easter egg appears moments later. As Smith approaches the building's entrance, one of its bodyguards opens the door and a visibly upset woman, who's dressed in a white rabbit costume, walks past Smith.

A criminal known as the White Rabbit – real name Jaina Hudson – exists in the comics. And, given Hudson's alias appears in episode 1's end credits sequence, it's clear this individual in 'The Ties That Grind' is the Gotham-based socialite who moonlights as a crook. So, it's another fun call-back to a member of the Caped Crusader's stacked rogues gallery.

Sasha Bordeaux's backstory has been altered for Peacemaker season 2 (Image credit: HBO Max)

15 minutes pass before the DCU Chapter One TV series drops its next Batman reference in the form of ARGUS agent Sasha Bordeaux, played here by Sol Rodríguez.

Created by Greg Rucka and Shawn Martinbrough, and debuting in 'Detective Comics #751' in December 2000, Bordeaux has big ties to The Dark Knight. I won't spoil anything about her comic book history here in case any of it has been adapted for her live-action take in the DCU. However, speaking to me ahead of the show's return, Rodríguez told me she's "really love" it if Bordeaux appears in the DCU's Batman film, which is currently titled The Brave and the Bold. We'll see if her wish is granted post-season 2.

It sounds like the general populace is growing increasingly concerned about metahumans... (Image credit: HBO Max)

Easter egg number four appears – or, rather, is heard – during the news report Rick Flag Sr is watching before Bordeaux enters his office to inform him of the "glitch" they've been keeping tabs on at Smith's home (i.e. Smith using the Quantum Unfolding Chamber to access another dimension).

In said news bulletin, the anchor says there have been three breakouts at Belle Rive Penitentiary and Arkham over the past two months. The latter is, unsurprisingly, a reference to Arkham Asylum, the psychiatric hospital that supervillains captured by Batman are sent to.

A blink and you'll miss it creature feature (Image credit: HBO Max)

The penultimate Easter egg can be glimpsed in the trophy room of the Smith household that exists in the alternate universe we'll see throughout season 2.

As the DCU's Chris Smith inspects some framed newspaper clippings of his family's heroic exploits in this parallel dimension, one such article reveals they thwarted something know as the Rainbow Creature. A powerful Abominable Snowman-type character, this monster first appeared in 'Batman Vol. 1 #134' in September 1960. Created by Bill Finger and Sheldon Moldoff, it hails from South America and has access to various superpowers, including pyrokinesis and the ability to vaporize objects, by way of its multi-colored fur.

Keith Smith namedrops the city patrolled by Nightwing in this season's premiere (Image credit: HBO Max)

The final reference in one of the best HBO Max shows' second season isn't specific to Batman. Given his ties to the hero it's related to, though, it still counts.

So, what is it? When the DCU's Smith stumbles outside and meets his brother Keith, who's alive and all grown up in this alternate reality, the latter says to the former "I thought you were in Bludhaven". That's the Gotham-adjacent city protected by Nightwing, aka Dick Grayson. He's one of many individuals to assume the superhero identity of Robin, i.e. Batman's sidekick, in DC Comics.

For more on Peacemaker's latest season, read my Peacemaker season 2 release schedule guide to find out when new episodes will be released. Then, check out my Peacemaker season 2 review, which contains clues about what might happen in episodes 2 through 5.

You might also like

• Peacemaker season 2 episode 1 solves a big mystery about the HBO Max show's first season – and it's all thanks to James Gunn's Superman
• Peacemaker season 2 cast tease what's next for the 11th Street Kids in the hit HBO Max show: 'it's something new'
• When is James Gunn's Superman movie coming to HBO Max and other streaming services?

Konami’s 2004 stealth classic Metal Gear Solid 3: Snake Eater is one of the best games ever made. Yet the idea of a remake didn’t exactly conjure the joy that one would usually get from hearing their favourite game is getting remade. After the fallout between Konami and series creator Hideo Kojima and the 10-year series hiatus that ensued (not counting the dreadful Metal Gear Survive), I had my doubts.

Review info

Platform reviewed: PS5 Pro
Available on: Xbox Series X, Xbox Series S, PS5, PC
Release date: August 29, 2025

And yet, Metal Gear Solid Delta: Snake Eater is fantastic; there are no awkward changes to the story or pacing like the Silent Hill 2 remake, or really any attempts to touch the game I love so much… because it is still that game.

Metal Gear Solid Delta is firmly in the Dead Rising Deluxe Remaster or The Legend of Zelda: Link’s Awakening camp of remakes as it is so beholden to the source material that it struggles to find an identity of its own outside of the fact that it looks pretty now.

Remember the Alamo

(Image credit: Konami)

Snake Eater represents the earliest point in the Metal Gear timeline, in which you play as Naked Snake before he goes on to become the legendary soldier Big Boss in the midst of the Cold War. A rescue mission gone wrong means he has to battle his mentor, The Boss, destroy the not-quite-a-Metal-Gear, Shagohod robot, and prevent the Cold War from becoming a hot one.

Naked Snake is by far the most compelling protagonist in the series, by the sheer virtue of being the most relatable. Both Solid Snake and Raiden were bred to be the greatest possible soldiers, while Naked Snake is just a guy.

Early on you see him pull a stupid grin because he realises he can drop a beehive on someone; he completely blanks out sleeper agent Eva’s advances because he’s so enamoured with the cool gun she gave him. These little touches make him a far more compelling character and allow for the finale to deliver an absolute gut punch at its emotional climax.

(Image credit: Konami)

Your main adversaries this time are the Cobra unit, a group of legendary soldiers like one who shoots bees out of his mouth or the sniper who is 100 years old and can die of old age if you save the game during his fight and come back later.

Then there’s the main antagonistic trio of Snake’s mentor, The Boss; series staple Revolver Ocelot in his awkward early years; and Volgin, a sadistic colonel who is as filled with pomp as he is an abhorrent human being.

There really isn’t a character in Snake Eater that feels underdeveloped. I’m not typically a big audio log person, but I found myself returning to the codec call screen to chat with Snake’s allies – even after beating the game many times before now – just because I love the banter between them.

There are even characters who appear for literally one scene – like the Soviet scientist Aleksandr Granin – and are unforgettable thanks to Kojima’s signature monologue and exposition sequences.

The mission, or your beliefs?

(Image credit: Konami)

Snake Eater moved the series away from its then-standard military base infiltrations – where stealth was more straightforward – and moved into the Russian jungles. Now that you’re dealing with foliage, caves, mountains, and the odd encampment, stealth is very freeform.

In Metal Gear Solid Delta, it’s all pretty much how you remember it, the only difference being that the game’s control scheme has been updated to be more in line with later entries in the series. It introduces the over-the-shoulder camera and crouch-walk from Metal Gear Solid 4 (which was implemented into the 3DS version of Snake Eater) and makes the controls more in line with a standard third-person shooter (triggers to aim and shoot, circle to crouch etc.). But you shouldn’t expect something revolutionary.

Snake Eater’s other major addition was that of survival mechanics. You could change camo to help you blend into environments, eat food (including snakes, funnily enough) to keep your stamina up, and heal various injuries and ailments. In the original these were accessed through the pause menu, but while that’s still the case, this time it’s been streamlined somewhat.

Holding up on the d-pad will open up a camo menu for you, showing some combinations that you can switch to in an instant; when you’re injured, pressing up will take you straight to the cure screen too. Again, it’s nothing transformative, but it’s a nice quality of life update. You also get an autosave every time you enter a new area, which makes doing the hardest challenge run – Foxhound rank – less obnoxious.

Best bit

(Image credit: Konami)

Snake Eater is a game filled to the brim with memorable moments, but the updated visual fidelity and foliage really add to the intensity of the sniper battle with The End. What was already one of the best boss battles in the series gets a boost from it being even harder to find your opponent.

But Metal Gear Solid Delta isn’t really doing anything new. All of the level layouts, enemy placement and items are the exact same as they were on the PS2. It’s so strictly beholden to the original that you can interrogate guards, and they will still give you codes to use in the PSP’s Metal Gear Acid, which isn’t even a game you can buy officially anymore. Plus the opening and closing credits are ripped straight from the original (a lot of Hideo Kojima name drops), with you having to go into the extras menu to actually see the new development team.

Granted, it does bring back some of the things I would not expect, including things that were taken out of later re-releases like the Snake Vs Monkey mode, which isn’t as fantastic as the other half of that Metal Gear x Ape Escape crossover, but it’s a fun little distraction.

Plus, there’s a “Legacy Mode” option that lets you revert to the original control scheme complete with fixed cameras, a visual filter, and the old versions of the opening theme and main menu.

Kuwabara kuwabara

(Image credit: Konami)

The other major change with Metal Gear Solid Delta is how it looks, with the Russian jungle rendered beautifully in Unreal Engine 5, and I really can’t fault it on that front. The character models do present an issue, though. On paper they look great, and some characters really take to the new style – like Volgin, whose facial scarring looks much better and more identifiable with the new tech. But others like Ocelot and The Boss, look somewhat uncanny at points, with their faces feeling off at certain angles.

This is paired with Metal Gear Solid Delta using the original voice recordings from Metal Gear Solid 3 with only minor new lines recorded to cover for the different control scheme and a couple of easter eggs during codec calls. Metal Gear voice acting is always quite over the top, and as such feels a little weird coming out of the mouths of these hyper realistic character models.

Metal Gear Solid Delta is in a weird spot. I don’t think a massive overhaul like the Resident Evil remakes would have gone down well in a post-Kojima release, so I get why Konami remade it this way (and frankly it’s probably the way I wanted to see it remade). But, at the same time, I don’t really get a sense of what the series looks like going forward like I could with the Silent Hill 2 remake because it is so faithful.

But regardless, it’s still a remake that feels great to play and (mostly) looks fantastic. It doesn't do much to carve out its own unique identity, but as an entire package Metal Gear Solid Delta is as much of a masterpiece as the original Snake Eater was in 2004.

Should you play Metal Gear Solid Delta: Snake Eater?Play it if...

You haven’t played Snake Eater in a while
While Metal Gear Solid Delta: Snake Eater doesn’t have a whole lot to actually update the game, it’s a nice way to return to it. The updated controls – while not transformative – do streamline things somewhat, and the game looks fantastic.

You haven’t played a Metal Gear game
As much as the purist in me shudders at not starting with Metal Gear Solid (which you can get in the Master Collection), some just don’t vibe with older games. So out of the modern Metal Gear games available, it’s the best starting point for the story compared to 5.

You like a game with a good story
The original Metal Gear Solid 3 is one of my favourite stories in gaming, and it’s untouched here, and even after playing through it god knows how many times, the story still hits. It’s a far more personal story than your typical spy thriller but has the usual world-ending threat and camp silliness of your average Bond film.

Don't play it if...

You want a new experience from Snake Eater
Ultimately this is an incredibly faithful remake. Outside of updated visuals and the controls from the 3DS version, it’s almost literally the exact same game down to the smallest details. So if you don’t enjoy remakes akin to Link’s Awakening and Dead Rising Deluxe Remaster and prefer something transformative like the Resident Evil remakes, you’re not going to get your money’s worth.

Accessibility

Metal Gear Solid Delta: Snake Eater features a number of accessibility options.

The majority of these are control-based allowing you to swap held inputs into tap. For example, when dragging an enemy, you typically would have to hold the button the entire time, but you have the option now to tap once to grab and tap again to let go.

There are also in-depth subtitle options allowing you to choose sizes, backgrounds, and speaker names with separate options for gameplay and cutscenes. There are colourblind filters present, but these are specifically for the UI and don’t seem to have any effect in-game.

(Image credit: Konami)How I reviewed Metal Gear Solid Delta: Snake Eater

I played 30 hours of Metal Gear Solid Delta: Snake Eater on PS5 Pro on a Samsung Q60D TV and a Samsung HW-T450 soundbar.

During this time I completed a 16 hour run of the game on Normal in the New Style with the majority of hidden items and weapons collected, defeated every enemy and boss non-lethally, attained the Tsuchinoko rank, and learnt the parry timing of the final boss the hard way.

I also completed the Virtuous Mission in Legacy mode on Hard and completed the New Game+ on Extreme, attaining the Foxhound Rank which is the toughest challenge in the game - made a bit less extreme thanks to autosaves.

First reviewed August 2025

GenAI tools such as ChatGPT, Gemini, and Copilot have become essential components of modern workflows, significantly saving countless hours and revolutionizing various tasks. 42% of enterprises actively deployed AI, and 40% are experimenting with it and 59% of those using or exploring AI have accelerated their investments over the past two years.

Their widespread adoption across industries has demonstrably boosted efficiency and productivity, making them indispensable for many organizations across almost all industries.

However, the rapid integration and reliance on GenAI tools have inadvertently fostered a dangerous sense of complacency within organizations.

While these tools are easy to use and offer widespread benefits, ignoring the consequences of misuse and even malicious use has led to a serious underestimation of the inherent risks tied to their deployment and management, creating fertile ground for potential vulnerabilities.

When Innovation Hides Exposure

While typical users may not consider the vulnerabilities that GenAI tools bring, many CISOs and AI leaders are increasingly concerned about the misuse that’s unfolding quietly beneath the surface.

What often appears to be innovation and efficiency can, in reality, mask significant security blind spots. By 2027, it is estimated that over 40% of breaches will originate from the improper cross-border use of GenAI. For CISOs, this isn't a distant concern but an urgent and growing risk that demands immediate attention and action.

The exploitation of everyday AI users isn’t just a scary headline or a cautionary tale from IT—it’s a rapidly growing reality. These emerging attacks are sweeping across industries, catching many off guard. Just recently, researchers disclosed a Microsoft Copilot vulnerability that could have enabled sensitive data exfiltration via prompt injection attacks.

The ongoing underestimation of basic AI usage risks within organizations is a key driver of this emerging danger. The lack of awareness and robust policies surrounding the secure deployment and ongoing management of GenAI tools is creating critical blind spots that malicious actors are increasingly exploiting.

A New Security Mindset

The evolving landscape of GenAI presents a critical inflection point for cybersecurity leaders. It's imperative that CISOs and industry professionals move beyond the initial excitement and acknowledge that these tools have inherent risks that have been introduced by the widespread adoption of these powerful tools.

The current situation, marked by rapid integration and security oversight mixed with dangerous complacency, demands a fundamental shift in how organizations perceive and manage their digital defenses especially with AI.

The future of network security hinges on intelligent, comprehensive monitoring systems capable of understanding normal behavioral patterns and rapidly identifying deviations. This approach is not only crucial but paramount for detecting sophisticated threats that bypass traditional defenses.

Tools that can defend and protect against highly sophisticated threats need to include advanced capabilities at their core. Particularly, when considering scenarios where seemingly innocuous actions, like using a basic GenAI chatbot could lead to the silent exfiltration of sensitive corporate data, without user interaction or explicit warnings.

In these instances, traditional signature-based detection methods would likely prove ineffective. Therefore, it's imperative to begin leveraging advanced pattern recognition and behavioral analysis to combat threats specifically designed to evolve and evade detection.

Trust in AI Starts from Within

With the rise of increasingly sophisticated threats pressing closer to the enterprise perimeter, organizations must take decisive and actionable steps. This begins with addressing internal distrust of AI. Roughly three-quarters of AI experts think the technology will benefit them personally, however, only a quarter of the public says the same.

Fostering an environment where employees understand both the advantages and the risks associated with its use is essential to bridging this gap in perception. The promotion of responsible usage across the organization lays the groundwork for a more secure adoption of GenAI technologies.

While traditional human error remains a threat, the widespread adoption of GenAI has created a new, more subtle class of behavioral risks. Equipping employees with the knowledge to use GenAI tools securely is essential and should include comprehensive training, setting clear usage guidelines, and implementing robust policies tailored to defend against AI-driven attack vectors.

As the AI landscape adapts and changes, security frameworks must be continuously updated to keep pace with these evolving threats and to ensure appropriate safeguards are in place.

Real Security Starts with Behavior Change

Despite technological advancements, attackers continue to exploit human error. Today’s most significant data exposure isn't necessarily from a phishing link, while still a prime point of entry for threat actors; it's from an employee pasting proprietary source code, draft financial reports, or sensitive customer data into a public AI chatbot to work more efficiently.

In turn, companies must adopt strategies that address human behavior and decision-making. In an attempt to boost productivity they inadvertently externalize intellectual property.

This requires companies to evolve their approach beyond periodic training. It demands continuous engagement focused on GenAI-specific scenarios: teaching employees to recognize the difference between a safe, internal AI sandbox and a public tool.

It means creating a culture where asking "Can I put this data in this AI?" becomes as instinctual as locking your computer screen. Employees must be equipped to understand these new risks and feel accountable for using AI responsibly.

Demonizing AI usage, even basic use will never solve the problem at hand. Instead, embracing a secure approach to GenAI from a holistic point of view empowers employees to leverage these powerful tools with confidence to maximize their operational advantages while minimizing exposure to risk.

By leading with clear guidance, highlighting potential warning signs and operational risks, organizations can significantly reduce the chances of data breaches related to improper AI usage, ultimately protecting critical assets and preserving organizational integrity.

We feature the best firewall for small business.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In 2025, enterprises are caught in an invisible battle between algorithms. Artificial Intelligence (AI) has emerged as a tool for both defenders and attackers. This duel between “Good AI” and “Bad AI” is reshaping how enterprises approach security in an increasingly connected and complex world.

While AI empowers organizations to detect, prevent, and counteract evolving threats, bad actors have weaponized the same technology to create more sophisticated and elusive attacks.

So, what defines Bad AI, and how does Good AI counter it? And more importantly, can enterprises embrace advanced cybersecurity strategies to remain resilient in the face of this evolving threat landscape?

AI – The Double-Edged Sword

The clash between Good AI and Bad AI is a battle of intelligence, adaptation, and creativity, driven by ever-evolving systems. Bad AI, embedded in malicious software, is advancing fast, allowing hackers to bypass defenses, infiltrate networks, and compromise sensitive data through behavior modification and imitation of legitimate system activities. For instance, malware like Emotet has leveraged AI to evolve, making it increasingly elusive and harder to neutralize.

In response, Good AI counters these threats by analysing massive datasets, identifying risks, and even predicting attacks before they occur, positioning itself as an enterprise’s strongest ally in staying one step ahead of attackers.

AI is not solely about the adversarial. Trust, transparency, and human alignment are the main goals of good AI. It is intended to preserve privacy, ethics, and security while also evolving responsibly.

Bad AI exploits its power - hiding behind layers of opacity, bias, and harmful intentions.

The cost of inaction: Why proactive defense is non-negotiable

According to research by the World Economic Forum, cybercrime costs are expected to reach $10.5 trillion annually by 2025, with the costs to British businesses amounting to £27 billion a year.

This not only reflects financial losses, but also broader consequences such as weakened trust, reputational damage, and operational disruptions caused by cyberattacks. And it doesn't end there. These attacks will increase in frequency and difficulty as the AI era progresses.

The rapid evolution of AI means that enterprises can no longer depend on traditional, reactive security measures. Cyberattacks are not only growing in volume but becoming increasingly tailored, adaptive, and intelligent. Attackers are leveraging AI to not only craft sophisticated phishing schemes but compromise privileged accounts and deploy evolving malware.

Without robust, proactive strategies, organizations risk falling behind and leave themselves vulnerable to breaches that can disrupt their operations.

To navigate this complex landscape, enterprises must embrace a resilience mindset - one that prioritizes not just protection but also adaptability, foresight, and innovation. Here are five key strategies enterprises can adopt to build proactive, AI-driven defenses:

1. AI-powered threat detection and response

Traditional defense mechanisms are no longer sufficient, as enterprises now require predictive AI-powered threat intelligence platforms that analyze vast datasets, detect anomalies, and identify attack vectors before they occur.

Operating autonomously, these platforms neutralize threats in real time, reducing human error and enabling faster, data-driven responses. AI systems can anticipate phishing attempts by analysing user behaviors and patterns, flagging suspicious activity early to prevent breaches.

This real-time protection, combined with continuous evolution, ensures defenses stay effective against ever-changing threats.

2. Zero Trust enhanced by AI

The Zero Trust model is a cornerstone of modern cybersecurity, and its effectiveness increases exponentially when combined with AI. AI-powered Identity and Access Management (IAM) systems evaluate risks in real time by analysing factors like user behaviors, geolocation, and device health.

Through continuous monitoring of access points, AI ensures only authorized individuals access sensitive data, significantly reducing the risk of both insider threats and external breaches.

3. Self-healing networks

AI-powered self-healing networks will redefine resilience by automatically identifying security breaches, isolating compromised components, and restoring them to a secure state without human intervention.

By leveraging AI-enabled automation, these networks ensure business continuity during sophisticated attacks, mitigating risks, reducing operational downtime, and keeping enterprises functional and efficient amid evolving threats.

4. Blockchain-integrated data integrity

As AI becomes pivotal in cybersecurity, ensuring data integrity is essential, and blockchain technology offers a robust solution by providing an unchanging ledger that guarantees authenticity and prevents tampering.

By leveraging blockchain-enabled frameworks, organizations can secure transactions in real time, flag anomalies, and enhance transparency, ensuring data remains trustworthy even in highly targeted attack environments.

5. Collaborative Threat Intelligence

AI-driven threat intelligence platforms enable organizations to share information on attack vectors, vulnerabilities, and tactics globally, fostering a collaborative approach to cybersecurity.

This strengthens industry resilience and enhances defenses against sophisticated adversaries, ultimately helping organizations stay ahead of emerging threats.

Security frameworks

For CIOs, CISOs, and business leaders, the challenge is no longer whether to adopt AI in cybersecurity frameworks, but how to do so effectively. The key lies in understanding AI’s full potential, not just as a protective force but as a dynamic, evolving capability that requires continuous refinement, training, and alignment with strategic objectives.

Organizations must invest in equipping their teams with the knowledge and skills to work with AI systems effectively. Technical training, adaptive defenses, proactive monitoring, and an understanding of both the capabilities and limitations of AI will define the businesses that thrive in an AI-powered future.

Successful defense with smarter AI

The battle between Good AI and Bad AI is far from over - and it’s one that will continue to shape the cybersecurity landscape for years to come. However, the enterprises that lead this fight will be those that not only deploy AI for defense but also foster a deep understanding of how it works, how it evolves, and how it can fail.

By transitioning from reactive to proactive AI-driven strategies, businesses can ensure long-term digital resilience. Equipping AI with moral and ethical guardrails, aligning it to the greater good, and investing in continuous innovation will be critical for building smarter, stronger defenses.

We feature the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

From cutscene tips to early item grabs, here's my advice for getting started with the remake of one of my personal favorite Metal Gear games.

Quantum computing has long occupied the edges of our collective imagination – frequently mentioned, rarely understood. For many, it remains a distant prospect rather than an immediate concern. But that mindset is fast becoming a risk in itself.

While understanding may be limited today, that must quickly change. Quantum computing has long been viewed as a technology several decades away, but recent breakthroughs suggest it could arrive far sooner.

Google’s Willow and Microsoft’s Majorana chips signal rapid technical acceleration, and the UK Government’s £500 million investment in quantum innovation confirms that global leaders are no longer treating this as speculative, but as a strategic priority.

Despite this, only 35% of professionals surveyed by ISACA believe quantum will enter the mainstream within years rather than decades, highlighting just how much industry perception is lagging behind reality.

That disconnect extends beyond expectations – it’s impacting readiness. Most organizations have yet to factor quantum into their cybersecurity planning, even though the technology is set to fundamentally reshape how vast sectors of society operate online.

This isn’t just about adopting a new form of computing – it’s about protecting the systems, economies and infrastructures that underpin our digital lives. And that starts with truly understanding what quantum is, and how it could both redefine and disrupt the cybersecurity landscape.

The Fundamentals: A Primer on Quantum Computing

If classical computers are powerful calculators, quantum computers are like probability engines, processing information in ways that allow them to explore many possibilities simultaneously.

Classical computing relies on bits, which are binary units of information that can either be 0 or 1. Quantum computers, by contrast, use qubits (quantum bits), which can be both 0 and 1 at the same time – a phenomenon known as superposition. Qubits can also be entangled, meaning the state of one can instantly influence another, even at a distance.

This means quantum computers can perform complex calculations by exploring multiple paths at once, rather than one-by-one. Where a classical computer might take thousands of years to crack encryption software or simulate a protein structure, a quantum computer could, in theory, complete the task in seconds.

But this is not about speed alone – it’s about capability. Quantum computing makes it possible to solve problems previously considered intractable: from modelling complex chemical reactions at the atomic level, optimizing vast and variable systems like global logistics, to breaking the mathematical problems that make today’s encryption secure.

When it comes to AI the effect is expected to be hugely transformational as the capability of Quantum will lead AI to a new era, both in terms of its level of intelligence and value but also in terms of the risks that come along with AI. These breakthroughs will have profound implications for the systems that underpin daily life, including cybersecurity, healthcare, and finance.

Why Quantum Matters: Revolutionary Potential Across Sectors

Quantum computers won’t replace classical machines, but they will be used to solve problems that today’s systems simply can’t at exponentially faster speeds. Their ability to handle complexity at scale means quantum computing will unlock solutions that were previously impossible or impractical, with major implications across a range of sectors.

This potential is already being recognized by many in the industry. ISACA’s Quantum Pulse Poll found that a majority (56%) of European IT professionals welcome the arrival of quantum computing, with the same number predicting that it will create significant business opportunities.

In healthcare, quantum systems could accelerate drug discovery by modelling molecules and protein folding far more accurately than classical machines allow. In business and finance, they could transform how organizations optimize supply chains, manage risk, and harness artificial intelligence to process and learn from vast datasets.

In cybersecurity, quantum has the power to redefine how we protect systems and data. Quantum Key Distribution could enable theoretically unbreakable encryption. AI-driven threat detection could become faster and more effective. And quantum-secure digital identity systems could help prevent fraud and impersonation.

But while these developments hold huge promise, they also introduce one of the most serious challenges facing cybersecurity today.

Quantum and Cybersecurity: A Looming Disruption

This isn’t a distant concern. Over two-thirds (67%) of cybersecurity professionals surveyed by ISACA believe that quantum computing will increase or shift cyber risk over the next decade, and it’s not hard to see why.

At the center of concern is encryption. Today’s most common cryptographic methods, like RSA and ECC, are built on mathematical problems that classical computers can’t solve in practical timeframes. But quantum machines could crack these with relative ease, putting the security of data at serious risk.

This raises the very real threat of “harvest now, decrypt later” where malicious actors steal encrypted data today, intending to unlock it once quantum capabilities arrive. Sensitive information considered secure now, such as financial records, personal data, and classified communications could be exposed overnight.

The implications are vast. If these foundational algorithms are broken, the ripple effect would be felt across every sector. Cryptography underpins not just cybersecurity systems, but digital infrastructure itself, from banking and healthcare to identity verification and cloud computing.

As quantum advances, preparing for this threat is no longer optional. It’s a critical step toward protecting the digital systems we all rely on.

The Reality Check: How ready are we for quantum?

While the pace of quantum innovation accelerates, organizational readiness is not keeping up.

Few organizations have started preparations. Just 4% of IT professionals say their organization has a defined quantum computing strategy in place. In many cases, quantum is still entirely off the radar. More than half of respondents (52%) report that the technology isn’t part of their roadmap, with no plans to include it.

Even when it comes to mitigation, most have yet to take basic steps. Despite the risks posed to current encryption standards, 40% of professionals say their organization hasn’t considered implementing post-quantum cryptography, creating worrying potential for disruption.

Part of the challenge lies in awareness. Quantum remains unfamiliar territory for most professionals, with only 2% describing themselves as extremely familiar with the technology. And while the U.S. National Institute of Standards and Technology (NIST) has spent more than a decade developing post-quantum encryption standards, just 5% of respondents say they have a strong understanding of them.

Meanwhile, global progress on quantum development continues to accelerate. Commercial applications are likely to arrive sooner than many expect, yet they may do so in a digital ecosystem unfit to cope. If encryption breaks before defenses are in place, the consequences could be severe, with widespread operational disruption, reputational harm, and regulatory fallout.

Preparing for quantum is no longer a theoretical exercise. The risk is real, and the window for proactive action is closing.

Preparing for the Post-Quantum Future

Preparing for quantum computing isn’t just a technical upgrade – it’s a strategic imperative. Yet most professionals still lack the awareness and skills needed to navigate what’s coming. Quantum education must now be a priority, not just for security teams, but across leadership, risk, and governance functions.

Governments have a role to play too. The UK’s £60 million investment in quantum skills is a strong start, but long-term readiness will depend on sustained collaboration between public and private sectors.

For organizations, action is needed now. That means identifying where quantum could pose a risk, assessing encryption dependencies, and beginning the shift to quantum-safe systems. Crucially, none of this will be possible without the right expertise.

Developing a holistically trained workforce on quantum (whilst continuing to do this for AI) will enable organizations to apply new technologies effectively and securely before the threats materialize.

Quantum brings extraordinary potential, but it also demands urgent preparation. Those who act early will be far better positioned to secure their systems and lead confidently in a post-quantum world.

We've featured the best cloud firewall.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Microsoft’s decision to extend security updates for Windows 10 offers welcome breathing room for businesses still navigating complex migration paths. The move aligns with the tech giant’s long-standing pattern of accommodating the slower pace of enterprise IT change, giving organizations time to budget, plan and maintain operational continuity.

For many IT teams, this extension helps manage short-term risk and avoid disruption, particularly for those still reliant on existing infrastructure or specialist applications. But while this reprieve buys time, it does also delay the inevitable, potentially compounding the challenge.

As we’ve seen with previous extensions, each delay risks the loss of critical internal knowledge, as the people and vendors who originally managed these systems move on.

Over time, what could have been a straightforward application and data migration becomes a complex, costly rescue mission. The longer businesses wait, the more they risk accumulating technical debt, becoming dependent on expensive external partners and missing out on innovation. As such, organizations must treat the extension as a final window to take action before the real cliff edge arrives.

Here I explore the pros and cons of the recent Windows 10 security update extension and what considerations businesses should be contemplating over the forthcoming months.

The pros

Let’s start with the obvious. An extension provides extended breathing room and gives organizations more time to plan and execute a migration strategy without immediate pressure. Concurrently, this reduces short-term risk, as continued security updates help mitigate vulnerabilities while businesses remain on Windows 10.

This provides operational continuity and avoids any disruption for businesses still dependent on existing, well-established applications or IT infrastructure.

More broadly, the extension offers budget flexibility. IT departments can spread out migration costs over a longer period, which can help with financial planning, especially in a climate of ongoing budget pressures.

It also provides alignment with past practices, keeping consistent with Microsoft’s historical approach of offering extended support to accommodate slow-moving enterprise migrations.

The cons (and the real risks)

An extension may provide breathing room, but this also creates a false sense of security. More time can encourage complacency, delaying necessary upgrades and strategic planning.

Even more importantly, it can contribute to a loss of internal knowledge. As time passes, key personnel with migration experience may leave, and vendor support may disappear - this makes future transitions harder and riskier.

What’s more, while short-term savings might be gained, there can be increased long-term costs. Maintaining older infrastructure often becomes more expensive than upgrading it, especially when emergency migrations are needed.

Crucially, delays mean companies accumulate technical debt; by not performing migrations, organizations can end up with a backlog of compatibility issues, unsupported applications and outdated hardware.

The combination of losing internal knowledge and maintaining unsupported systems means businesses can become increasingly reliant on expensive external partners to manage complex migrations and increases the chance of vendor lock-in and dependency.

Ultimately, staying on older systems can prevent organizations from leveraging new features, performance improvements, and security enhancements in Windows 11 or alternative operating systems.

A mindset of continuous modernization

The issue with deadlines and extension periods is that they signify an eventual point of completion. In this case, a completed migration project. While they are of course necessary for encouraging organizations to update their Windows applications, they also create the mindset that the process is then a done deal.

But technology quickly evolves and IT infrastructure requires continuous modernization. Having this mentality also avoids companies delaying projects when extensions are provided.

At the same time, existing Windows applications can be critical to operations and not modernizing them before the deadline will bring serious risks. So, how can organizations maintain operational continuity but also modernize over the coming months?

The ‘Rs’ approach – including AWS’ ‘7Rs’ and Gartner’s ‘5Rs’ – presents several strategies. This industry standard process is used by cloud providers and encompasses different ways for companies to carry out migrations for unsupported applications. ‘Retiring’, for instance, involves identifying applications that are no longer useful and can be turned off. Each method has its purpose for various contexts.

But large IT estates can be too unique or complex to use such methods alone. In these cases, external cloud specialists can provide companies with vendor-neutral platforms that allow them to maintain their existing Windows 10 applications but redeploy them onto managed operating systems or cloud environments.

This means applications remain fully operational and secure but can continue to receive security patches, support and software updates. It acts as a smarter alternative to complex migration strategies or the costly redevelopment of applications.

Managing, not delaying, the inevitable

This extension is not a solution, but a grace period. It gives IT teams more time to manage short-term risk. But all an extension really does is delay the same situation repeating itself.

Time and time again we have seen this occurrence take place: a business delays its migration for a year, and then another year, and then - all of a sudden - Microsoft stops the extension of the extension.

The pattern often ends with a scramble when the final deadline hits - by which time the cost, complexity and risk have all increased, internal knowledge to migrate quickly and safely has disappeared, and vendors no longer exist.

So while there are pros to the extension, the cons present very real risks - and they emphasize why businesses need to adopt a mindset of continuous modernization.

The technology and providers are available to help companies maintain their existing Windows 10 applications but move them onto supported operating environments.

In the coming months, rather than delaying the inevitable scramble, IT teams can build ongoing modernization.

We've featured the best IT management tools.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Few technological shifts have generated as much excitement and anxiety as the introduction of artificial intelligence in the workplace.

We’re seeing a marked step forward in the innovation and wider integration of AI tools as standard across all sectors and industries, driven by promises of streamlining, productivity gain, and growth opportunities.

This transformation is marked by both decision-makers’ eagerness to harness the full potential of AI and employees’ fears about job security.

Gradual, deliberate integration

Despite the demonstrable potential of enterprise AI tools, it’s important that companies deploy them incrementally, rather than actioning disruptive overhauls. A “rip and replace” mindset could result in internal resistance and operational disruption. Gradual integration will enable greater flexibility and alignment with strategic and technical goals.

We’ve seen first-hand how companies have failed to properly implement AI tools, for instance with Klarna in early 2024. Klarna aggressively automated customer support, introducing AI agents to handle huge workloads in place of humans. This led to poor customer experiences, and a public admission that overreliance on cost-cutting was a mistake. The human touch proved irreplaceable for complex human queries.

Similarly, there’s the risk of businesses falling into the trap of viewing AI as a one-size-fits-all solution, lured by the prospects of increased efficiency and decreased costs. Without a clear assessment of foundational challenges, like fragmented data and how to integrate with legacy systems, AI initiatives can hinder rather than deliver results.

Instead, organizations should turn their focus to integrating AI deliberately with existing IT infrastructure, at points where it’s truly able to add value. Targeted, measured deployments will unlock efficiencies that mesh with existing operational strategy and mitigate the chances of disruption.

Human-Machine collaboration

There’s one key thing that’s overlooked in much of the discourse suggesting AI is replacing jobs: the simple fact that AI success depends on the humans that shape, supervise and steer AI output.

Think of it not as a substitute for human intelligence, but as an augmentor capable of transforming ideas into actionable results. To this end, the more that AI is implemented, the greater the potential productivity benefit, but the greater the need for accountability as well.

Accountability — and demonstrated adherence to ethical and legal guidelines — requires human oversight and judgement. Far from making human employees obsolete, widespread AI rollout is creating new demands for human expertise and a whole cache of professions.

Technological accessibility

This will only become the case by way of mass AI adoption. Which itself can only happen with the emergence of zero- and low-code platforms. The goal is to make powerful IT automation tools accessible to non-technical teams.

This way, employees with specific domain expertise can devise tailored AI systems, and become active shapers of AI-infused business innovation.

This level of collaboration will reveal insights that otherwise might stay hidden in siloed processes, combining automation with deep and involved operational understanding.

It’s not about replacing talent: it’s about identifying it and finding ways of amplifying it to unlock smarter, more adaptive ways of working.

Recognizing value is value in itself

There’s a lot of talk about AI freeing up employees for high-value tasks, but what qualifies as “high value” is far from universal. A task deemed critical in healthcare might be routine in retail.

Precision might matter most in one industry, where creativity may trump it in others. The reality is: value is subjective and sector-specific, which is why one-size-fits-all actually fits none.

The companies that treat this question strategically, rather than a bolt-on, are the ones that will gain a competitive edge and extract the most value from their AI deployments.

It’s no longer about what AI can take over, but what it should.

Eking out a definition should sit beside broader business priorities: deciding where human focus belongs will be imperative to business success. In an AI-enabled future, the ability to evaluate what matters most will become one of the highest-value capabilities of all.

In short, AI won’t kill jobs, but lazy thinking might. The real threat isn’t the tech itself, but how it’s deployed. Businesses that chase efficiency at the expense of human insight risk shedding expertise. The message for decision makers is clear: equip people, don’t replace them — and you don’t just keep up, you lead.

We list the best IT management tools.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The cyber-attack on Marks & Spencer is the kind of event that makes business leaders sit up and ponder whether their own organization could be next. While its services may now be up and running, the incident has still cost the brand over £300 million in lost profits, along with potential damage to its customer relationships.

The brand is not alone either, since attackers also hit the specialist food distributor Peter Green Chilled, integral to several supermarket supply chains, along with Coop, North Face and Cartier recently as well. The lasting impacts of these cybersecurity breaches have revealed how quickly a single compromise can affect revenue, logistics and brand trust, even if organizations have well-rehearsed contingency plans.

Cyber criminals love retail data

The UK’s appetite for online shopping has grown from 18.1 per cent of total sales in September 2019 to around 26 per cent today. This growth brings increased volumes of payment credentials, loyalty data and personal profiles that retailers and their partners must store and access for the whole system to operate effectively.

As every part of the retail supply chain process, from stock control to fulfilment, is now digitally integrated in the battle for streamlined, multi-channel efficiency, it has become almost impossible to guarantee total security.

Criminals want that data for ransom, resale or misuse, and incessantly seek it out. They have learned that the easiest way past expensive perimeter tools starts inside each business. A seasonal employee’s click on an email, a misconfiguration in a loyalty-app update, or slack use of recycled passwords by a manager working from home are all weaknesses that criminals exploit.

The addition of hybrid working has also opened up many more potential entry points for criminals and complicates security vigilance.

The complex pipework of supply chain partner relationships makes continuous monitoring much harder. Retailers rely on third-party ecommerce software, CRM suites, point-of-sale systems and supply-chain tools. Vulnerabilities from even a single vendor or partner is enough to let criminals inside.

Artificial intelligence, meanwhile, has automated phishing lures and vulnerability scanning. The development of off-the-shelf ransomware kits also means criminals need less technical expertise to be effective. They can deliver cyberattacks at greater frequency and speed with superior precision.

Building defenses that contain attacks

Removing all cyber risk is impossible, so organizations must switch focus to damage limitation and maintenance of legitimate trade, using layered security instead of relying totally on a single gatekeeper.

High on the shopping list for retailers should be real-time endpoint detection and response (EDR) or extended detection and response (XDR) platforms. These solutions monitor devices, networks and cloud workloads for anomalous behavior, then isolate infected assets before malware spreads.

Strict network segmentation limits an intruder’s freedom of movement in systems. A zero-trust model will make life harder for them by demanding authentication for every access request.

Sometimes, the most effective containment measure is a deliberate shutdown to allow individual branches to keep trading on local platforms. This prevents attackers from scuttling through systems and enables investigators to get on with their work.

Layering defense

Layered defense must involve employees as well as technology. Multi-factor authentication cuts down the threat from stolen passwords, while least-privilege principles ensure staff only access what is required for the task in-hand. Regular penetration tests expose weak spots before adversaries find them, and supply-chain audits encourage vendors to improve standards.

Preparation is essential. Immutable off-site backups provide clean copies of critical data, but only if recovery time and recovery point objectives are realistic and regularly rehearsed. Full fail-over, forensic hand-off and customer communications must all be rehearsed.

It is also important to diversify infrastructure, avoiding reliance on what becomes a single fault domain through the mistake of running production, back-up and disaster-recovery environments on the same platform. What retailers need is a hybrid or multi-cloud approach to spread risk and improve flexibility.

Instilling new confidence

After the immediate threat is contained and systems are restored, rebuilding confidence is tough when customers, staff and investors are wanting details of what happened, the data exposed and how the company will prevent it from happening again.

A timetable of transparent updates shows respect and reduces speculation. Each cyber event or breach should trigger policy changes and fresh internal training, reinforcing the message that security is a collective responsibility shared by everyone in every department.

Many retailers use managed service providers (MSPs) to accelerate all these steps, bringing access to wider experience and expertise, round-the-clock monitoring and economies of scale. Retailers have the strategic oversight and sector knowledge, while the MSP supplies a deeper level of technical insight and a commitment to continuous improvement.

With the right partnerships, layered defenses, crisis response and security awareness, retailers can absorb attacks without day-to-day business grinding to a halt. They can continue to maintain the vital trust that is behind each customer transaction. There is certainly no reason to despair if organizations follow this multi-layered approach.

We list the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• UK proxy use has grown as VPNs face potentially tighter rules and restrictions
• Specialist proxies give businesses flexibility, location accuracy, and resilience compared with VPNs
• British firms are adopting proxies across eCommerce, finance, and marketing

Many UK firms are worrying further VPN regulation could be on the cards, after the divisive Online Safety Act led to explosive interest in the tools, driving regulators to take notice and businesses to explore alternatives.

This is not about traditional business VPNs (such as SonicWall, Cisco AnyConnect, or Fortinet) that secure employee access to internal networks, but rather about specialist VPN services used for external online operations.

As a result of growing uncertainty, companies are increasingly turning to proxy services, which offer greater flexibility and fewer compliance concerns than VPNs.

UK interest increasing

Proxies, unlike VPNs which encrypt traffic and direct it through a single tunnel, offer more granular routing and customizable access, allowing organizations to conduct location-specific data collection, navigate geo-restrictions, and monitor competitors with reduced risk of detection or blocking.

Data from Decodo shows proxy users from the UK increased by 65% following the launch of the Online Safety Act, while proxy traffic rose by 88%.

That points to growing reliance on proxies as a standard part of digital infrastructure rather than a niche tool.

“Companies around the globe are getting smarter about how they operate in highly competitive landscapes. Instead of just picking the most popular tools, they’re choosing what actually works best for them, whether that’s faster, easier to use, or works better with region-specific restrictions. It shows that people are thinking more critically about their options,” said Vytautas Savickas, CEO at Decodo.

One reason proxies are expanding so fast is their technical maturity, Decodo says. Providers now bundle enterprise-grade security features with user-friendly designs, which makes them suitable for global enterprises as well as smaller firms.

At the same time, more UK businesses are learning how to differentiate between VPNs and proxies and are matching tools to their goals.

“More organizations in the UK are investing time in understanding the tools that power secure and efficient online operations. Most companies test out different solutions, providers, and do their research on proxies and VPNs, and they’re also making more informed, strategic choices,” said Gabriele Verbickaitė, Product Marketing Manager at Decodo.

Proxies are proving especially valuable in sectors such as eCommerce, finance, and digital marketing, with firms using them for tasks like ad verification, price tracking, SEO monitoring, and fraud prevention.

Options such as residential, mobile, and ISP proxies allow for greater stability and location accuracy compared with older methods.

“UK businesses are quickly adopting proxy services, moving beyond simple VPNs to more advanced setups that offer greater control over their online activity. It’s no longer just about staying private – performance and reliability are now just as important,” said Vaidotas Juknys, Head of Commerce at Decodo.

You might also like

• These are the best VPNs that you can trust right now
• And these are the best VPNs with antivirus to choose
• The VPN trap: how criminal ecosystems exploit our need for privacy

A federal judge issued a preliminary injunction Thursday halting further expansion and ordering the winding down of an immigration detention center built in the middle of the Florida Everglades.

(Image credit: Evan Vucci)

Here are the answers for The New York Times Mini Crossword for Aug. 22. It's an odd one, shaped like a domino to mark the new NYT dominos game, Pips.

Snake Eater never looked better.

• Grok conversations shared by users have been found indexed by Google
• The interactions, no matter how private, became searchable by anyone online
• The problem arose because Grok's share button didn't add noindex tags to prevent search engine discovery

If you’ve been spending time talking to Grok, your conversations might be visible with a simple Google search, as first uncovered in a report from Forbes. More than 370,000 Grok chats became indexed and searchable on Google without users' knowledge or permission when they used Grok's share button.

The unique URL created by the button didn't mark the page as something for Google to ignore, making it publicly visible with a little effort.

Passwords, private health issues, and relationship drama fill the conversations now publicly available. Even more troubling questions for Grok about making drugs and planning murders appear as well. Grok transcripts are technically anonymized, but if there are identifiers, people could work out who was raising the petty complaints or criminal schemes. These are not exactly the kind of topics you want tied to your name.

Unlike a screenshot or a private message, these links have no built-in expiration or access control. Once they’re live, they’re live. It's more than a technical glitch; it makes it hard to trust the AI. If people are using AI chatbots as ersatz therapy or romantic roleplaying, they don't want what the conversation leaks. Finding your deepest thoughts alongside recipe blogs in search results might drive you away from the technology forever.

No privacy with AI chats

So how do you protect yourself? First, stop using the “share” function unless you’re completely comfortable with the conversation going public. If you’ve already shared a chat and regret it, you can try to find the link again and request its removal from Google using their Content Removal Tool. But that’s a cumbersome process, and there’s no guarantee it will disappear immediately.

If you talk to Grok through the X platform, you should also adjust your privacy settings. If you disable allowing your posts to be used for training the model, you might have more protection. That's less certain, but the rush to deploy AI products has made a lot of the privacy protections fuzzier than you might think.

If this issue sounds familiar, that's because it's only the latest example of AI chatbot platforms fumbling user privacy while encouraging individual sharing of conversations. OpenAI recently had to walk back an “experiment” where shared ChatGPT conversations began showing up in Google results. Meta faced backlash of its own this summer when people found out that their discussions with the Meta AI chatbot could pop up in the app's discover feed.

Conversations with chatbots can read more like diary entries than like social media posts. And if the default behavior of an app turns those into searchable content, users are going to push back, at least until the next time. As with Gmail ads scanning your inbox or Facebook apps scraping your friends list, the impulse is always to apologize after a privacy violation.

The best-case scenario is that Grok and others patch this quickly. But AI chatbot users should probably assume that anything shared could be read by someone else eventually. As with so many other supposedly private digital spaces, there are a lot more holes than anyone can see. And maybe don't treat Grok like a trustworthy therapist.

You might also like

• ChatGPT is no match for a 40-year-old digital Pocket Chess game, and I bet Garry Kasparov would be pleased
• Grok may start remembering everything you ask it to do, according to new reports
• I tried Grok’s new AI image editing features – they’re fun but won’t replace Photoshop any time soon
• Grok 3’s voice mode is unhinged, and that’s the point