TechRadar News

• Apple has just released the iOS 26 developer beta 3 update
• This adjusts the Liquid Glass design to make it less transparent
• It’s not the first time Apple has tweaked Liquid Glass in iOS 26

When Apple unveiled iOS 26 at its WWDC 2025 event in June, the thing on everyone’s lips was the Liquid Glass redesign. This has brought glassy effects to Apple’s operating systems and has divided opinion in a big way, but the latest iOS 26 beta looks to have dialed it back significantly – and I’m glad to see it.

Compared to previous betas, iOS 26 beta 3 has added a little more opacity to interface elements, reducing their transparency in the process. Toolbars and buttons are now a bit more solid, making it harder to see what lies beneath them.

That addresses one of the key criticisms of Liquid Glass so far: that it’s too difficult to read top-level elements when text or images are visible beneath them. By adding more opacity, Apple has gone some way to putting that right.

This is not the first time Apple has tweaked Liquid Glass. In iOS 26 beta 2, the company reduced the translucency of buttons and boxes in the Control Center, which were especially difficult to read in previous releases. There will no doubt be further adjustments before iOS 26 launches fully in the fall.

A little more legibleImage 1 of 2

Liquid Glass in the Apple Music app. The updated version in iOS 26 beta 3 is on the right. (Image credit: Future)Image 2 of 2

Liquid Glass in the Apple Books app. The updated version in iOS 26 beta 3 is on the right. (Image credit: Future)

I’m a fan of Liquid Glass, but I prefer it in macOS Tahoe than in iOS 26, simply because the larger screens you get on a Mac versus an iPhone mean there are fewer overlapping elements, That enables macOS to avoid some of the worst legibility issues that plague iOS 26.

Despite iOS 26 beta 3 making things a little more readable, not everyone is a fan of the change. For example, writing on X, Apple pundit Sam Kohl wrote that “iOS 26 beta 3 completely nerfs Liquid Glass,” adding that “it looks so much cheaper now and feels like Apple is backtracking on their original vision.”

With plenty of time until the full release of iOS 26, we can expect Apple to make more changes as the year progresses. Hopefully, that will give it time to get Liquid Glass right – or at least make it a little more legible.

You might also like

• New iOS 26 beta fixes the one thing everyone hated about Liquid Glass
• Ooh, shiny! I hate myself for being so excited about Liquid Glass in iOS 26
• Ignore the haters – Apple’s Liquid Glass theme is one of my favorite parts of macOS Tahoe

• Apple is rumored to be working on an AI-powered update for the Apple Support app
• Code hints at a 'Support Assistant' that will help users troubleshoot Apple products
• I used to work at the Genius Bar and think this idea could be excellent if done correctly

Apple could be about to add an AI assistant to the Apple Support app, and that would be excellent news for iPhone, iPad, and Mac users around the world.

First spotted by MacRumors contributor Aaron Perris, new code hints at an AI-powered 'Support Assistant' coming to the Apple Support app.

According to Perris, "The code states that the Support Assistant 'uses generative models,' and that it will provide answers 'related to certain Apple products and services' Apple warns that generative models can sometimes provide 'incorrect, misleading, incomplete, offensive, or harmful outputs,' and that customers should not rely on information from Support Assistant as a substitute for professional advice."

At the moment, the Apple Support app lets you talk to a real-life Genius Bar member about issues with your products, and allows you to receive troubleshooting support without the need of heading to your local Apple Store.

While there are no details on when this AI-powered assistant will launch, this could be a huge improvement in the way we access Apple Support, and as an ex-Apple Genius Bar employee, I'm going to explain why.

AI for the better

I worked at Apple's Genius Bar for nearly four years while studying journalism at university, so I've had many encounters with Apple Support behind the scenes and as a customer.

The Apple Support app is excellent, and is one of the main reasons I recommend Apple products to my family members who are looking to buy new tech. I truly believe the Genius Bar is one of Apple's best products, and AI is only going to make it better.

I can't count the number of times customers would travel long distances to come to the Apple Store, only for the issue they were experiencing to be an incredibly simple fix.

With an AI-powered assistant, Apple users could get pointed in the right direction every single time rather than relying on the customer to select the correct service path.

The Apple Support app already asks a few questions to make sure the customer gets the right support, whether that be online, at the store, or via support articles. However, adding AI chatbot capabilities would hopefully improve that experience even more, alleviating pressure on Genius Bar employees and improving the customer experience.

Adding AI chatbots to customer service might sound infuriating, but as long as Apple uses generative AI as a way to improve the customer experience, then I think this rumored feature would be genius.

You might also like

• Apple just expanded its child safety features with age ratings that could lessen the chance of an inappropriate download
• Best parental control app of 2025: tested, ranked and reviewed by the experts
• iOS 26: new features, a new design, and everything you need to know

• IBM Power11 servers promise 99.9999% uptime, and no planned downtime
• Quantum-safe cryptography prepares against future attacks
• Performance and efficiency are up across the board

IBM has unveiled its new Power11 servers – next-generation hardware designed to support artificial intelligence, hybrid cloud and automation applications with boosted performance and enhanced security.

The company says the Power11 servers now have an ultra-high uptime rate of 99.9999%, noting that autonomous patching, live updates and rolling upgrades ensure zero planned downtime throughout their lifecycles.

Power11 servers are also futureproofed against evolving cyberattacks with built-in quantum-safe cryptography and less than one-minute guaranteed ransomware threat detection.

IBM Power11 servers

Speaking about the "mission-critical, data-intensive workloads" that IBM Power servers support across banking, healthcare, retail and government, the company revealed high-end, mid-range and entry-level servers to cater to a variety of workloads, all available from launch.

"Power11 will also be the first IBM Power server to support the IBM Spyre Accelerator, IBM's system-on-a-chip available Q4 2025 that is purpose-built for today's AI-intensive inference workloads," the company added.

Besides futureproofing against emerging technologies, Power11 servers also represent a huge leap forward from previous generations, including 55% better core performance than Power9, up to 45% more capacity in entry/mid-range models compared with Power10 and 2x performance per watt compared with comparable x86 servers.

IBM also noted Energy Efficient Mode could improve server efficiency further, by up to 28%, when peak performance isn't required.

"We are taking advantage of the full IBM stack to deliver hybrid cloud, AI, and automation capabilities while building on our decades-long reputation as a trustworthy hybrid infrastructure for essential workloads," Tom McPherson, General Manager for Power Systems at IBM, explained.

Although Power11 servers are set for general availability later this month (July 25, 2025), the IBM Spyre Accelerator won't be added until a later date likely in the final three months of 2025.

You might also like

• We've listed the best cloud computing providers
• Fancy unlocking the power of your data? Consider using the best AI tools
• It's alive! IBM unveils its most powerful mainframe yet, which it says is fully engineered for the AI Age

• Gmail will now display how many times you've had emails from subscriptions
• The tool supports one-click unsubscriptions and sender blocking
• Google is also using AI to reduce scams

Gmail is rolling out a new 'Manage subscriptions' feature for mobile and web users to address all the old subscription emails they've gathered over the years in a bid to help declutter email inboxes at last.

The new tool will allow users to view and unsubscribe from all active email subscriptions in one place, from the navigation drawer of the app or website.

Initially tested earlier in 2025, the feature is now being widely rolled out across Android, iOS and web experiences, with full availability coming in the next two weeks or so.

Gmail wants to make it easier for you to unsubscribe from junk mail

Besides listing all active subscriptions from the likes of newspapers, subscriptions and shops, the popular email provider will also help you identify which subscriptions to cut by showing the number of emails you've received from each sender in recent weeks.

Senders who support one-click unsubscribe will be the easiest to get rid of, but Google has thought about ones that don't by building a sender blocking tool into the feature, too.

Separate research from EmailTooltester suggests that the average email user now receives more than 80 messages per day, nearly half of which (49%) are spam – the equivalent of 162 billion spam emails sent globally every day.

Although Google claims that AI-based filters have helped reduce scam emails by 35%, that only addresses malicious emails. With many users now counting two or more decades of online life behind them, the number of inadvertent mailing lists plaguing Gmail inboxes is at an all-time high, with many stemming from before enhanced consumer protections like newsletter opt-in came in.

You might also like

• We've listed the best VPN services
• Gmail is adding a new Gemini AI tool to help smarten up your work emails
• Need to reach new audiences? Consider the best online marketing services

• Photos of a Pixel 10 prototype have appeared on a Chinese auction site
• They show the addition of a third rear camera and what looks to be a temperature sensor
• Previous leaks mention this camera, but this is the first we've seen of a temperature sensor

The Google Pixel 10 series has leaked quite a lot at this point, but so far, actual images of these phones have been few and far between. Now, though, some newly leaked photos have given us our best look yet at what the base model might look like.

Spotted by 9to5Google, these images were posted on Goofish (a Chinese auction site) as part of a listing for a Pixel 10 prototype motherboard – so, despite the whole phone being pictured, only the motherboard is actually for sale.

It’s an all-round strange listing, which – going by the auto-translated text – includes an extended rant about scammers, but the actual images look quite credible.

Image 1 of 2

(Image credit: Goofish)Image 2 of 2

(Image credit: Goofish)

You can see what’s apparently a Google Pixel 10 prototype from both the front and back, and it looks very similar to an earlier Pixel 10 Pro prototype leak.

You can see that there are three camera lenses on the back, which is one more than you get with the Google Pixel 9. But that’s in line with earlier leaks, which suggest the Pixel 10 will have a 5x telephoto camera along with its wide and ultra-wide snappers.

Interestingly, there’s also some sort of sensor under the flash, which is likely a temperature sensor, as that’s where this is housed on the Pixel 9 Pro, but it’s not something you get on the standard Pixel 9.

Could be a Pixel 10 Pro

Otherwise, this prototype looks very similar to the Pixel 9, with the same camera bar design, the same overall shape, and a punch-hole camera in the screen.

That said, it looks even more like a Pixel 9 Pro, so we can’t rule out the possibility that this is actually a mislabeled Google Pixel 10 Pro prototype.

We should find out for sure whether this is how the Google Pixel 10 looks soon, though, as the whole Pixel 10 series – including the base model, the Pixel 10 Pro, the Pixel 10 Pro XL, and the Pixel 10 Pro Fold – will reportedly launch on August 20.

You might also like

• 5 upgrades we want from the Google Pixel 10
• Google Pixel 10 series colors and storage capacities leaked, with some weird limitations on pairings
• The Google Pixel 10 Pro series might barely be an upgrade

• Being blamed or getting into trouble are workers' biggest worries when reporting cyberattacks
• UK workers understand and can identify cyberattacks pretty well
• This comes as cyberattacks become worryingly common

New data has claimed two in five (39%) office workers wouldn't even tell their company's cybersecurity teams if they thought they had been the victim of a cyberattack at work.

The findings from Cohesity come despite generally better understanding compared with other European nations – 43% of UK workers understand ransomware, compared with 28% in France and 30% in Germany.

As many as four in five (79%) British employees would go as far as saying they feel confident in identifying a cyberattack, yet many choose to stay silent.

Workers feel embarrassed about cyberattacks

Cohesity says workers are most embarrassed about being blamed (17%) or getting into trouble (17%), leading them to stay quiet in the event of attacks. A further 15% stated they wouldn't want to cause a fuss, with 11% admitting they'd rather attempt to fix the issue themselves rather than notify IT.

However, separate research from IBM reveals breaches lasting longer than 200 days cost around 34% more than those contained earlier (via Morgan Lewis). Moreover, silence delays incident response and increases vulnerability to threats like ransomware, malware spread and further phishing attempts.

Government data from 2024 reveals that half of all UK businesses and one-third of UK charities had experienced cyberattacks or breaches within the preceding year – a number that's even more pertinent among medium (70%) and larger (74%) businesses, and one that's likely to be even higher this year.

Cohesity GVP Olivier Savornin stressed: "Staying silent if they suspect a malicious cyberattack is quite possibly the worst thing an employee could do."

Savornin calls for a workplace culture that makers workers feel more comfortable about raising the alarm, backed by proper cybersecurity training.

Cohesity Global Head of Cyber Resiliency James Blake noted that companies should take a holistic approach to "planning, processes, people and technology."

You might also like

• Boost your skills with the best online learning platforms
• Many companies are still failing to budget for cybersecurity
• Protect your devices by installing the best endpoint protection software

• M&S chairman Archie Norman attributes recent ransomware attack to DragonForce
• Law enforcement is still involved, and we don't know any ransom details
• Norman is calling for greater transparency and cyberattack reporting

M&S is still refusing to confirm whether it paid a ransom following a recent major cyberattack, but at least we have an indication of its cause.

It's believed the attack was carried out by DragonForce, a ransomware operation believed to be based in Asia or Russia – a separate group from hacktivists at the similarly-named DragonForce Malaysia.

M&S chairman Archie Norman explained disclosing details of any ransom would not be in the public interest, given that law enforcement agencies are still involved with the case.

M&S shares more information on attack

"We’ve said that we are not discussing any of the details of our interaction with the threat actor," Norman, speaking at a UK Parliament heading on cyberattacks in the retail sector, stressed.

We now know the initial breach occurred via social engineering, with the attacker impersonating an M&S worker and tricking a third party into resetting an employee's password.

The Financial Times revealed just weeks after the cyberattack that Tata Consultancy Services, a third party that M&S uses to help manage help desk support could have been inadvertently tied up in the breach.

Attackers threatened to leak the acquired data, but they also encrypted it from M&S in what's known as a double extortion attack. In May, M&S confirmed that names, birth dates, addresses, phone numbers, household information and order histories were all included.

150GB of data was reportedly stolen before M&S shut down systems to prevent further spread, leading to delivery disruptions. Recovery efforts are still ongoing, with Norman expecting full recovery by October or November 2025.

DragonForce has not posted M&S data, possibly implying that a ransom could have been paid or that negotiations are ongoing.

Looking ahead, Norman is calling for more transparency around reporting cyberattacks: "We have reason to believe there've been two major cyberattacks on large British companies in the last four months which have gone unreported," he said.

Via Reuters

You might also like

• M&S online orders are back following cyberattack - here's what you need to know
• Enhance protection by using the best authenticator apps
• We've listed the bets firewall software

• UK Government and Google Cloud sign new partnership
• Google Cloud looks to help modernize aging UK Government tech stack
• 100,000 civil servants set to receive more training on AI and other tech

Google Cloud has announced a major partnership with the UK Government which will help the country rid itself of aging technology systems.

Announced at the company's Google Cloud Summit London, the agreement will look to help the UK Government update a host of legacy tech, some of which is decades old, to unlock up to $45 billion in efficiency savings.

The partnership will look to modernize commonly-used services from the NHS, along with local council tools, covering everything from bin collection to tax returns.

So long "ball and chain"

Speaking at the Summit, Technology Secretary Peter Kyle noted the deal will look to provide a major upgrade across public sector services in the UK, where more than one in four systems are estimated to run on legacy tech. This jumps to as high as 70% in some police forces and NHS trusts, sometimes on contracts signed decades ago.

He noted how in some areas, the technology being used is decades-old, leaving these organizations at risk of cyberattack or outages, and meaning workers lack the efficiency and productivity gains offered by newer tech.

Google Cloud hopes its assistance will help Government bodies ditch these "ball and chain" tech contracts, where providers have often made it too difficult to transfer data to modern systems, with some companies hiking the prices while the taxpayer is locked into contracts.

"With more hands-on support, I can't wait to see what our two teams deliver together," Kyle added.

Looking forward, Google Cloud will also help the UK Government explore the usage of technology such as quantum computing within the public sector, as well as investigating the development of a single platform to monitor and keep the public sector safe from the latest cybersecurity threats.

“Google Cloud is proud to be a strategic partner of the UK Government as they embark on this ambitious digital transformation," noted Tara Brady, President, Google Cloud EMEA.

"As the country evolves, the flexibility of Google Cloud will help the government lead the AI era."

Google Cloud will also be helping to boost workers within the UK Government, with a new training programme seeing 100,000 civil servants get extra help with AI and other new technology by 2030.

Elsewhere, Google Cloud is running a 12 week equity-free accelerator program for Seed to Series AI startups based in the UK, in partnership with Tech London Advocates.

This follows benefits announced earlier this year as part of the “Gemini for UK” initiative, with Google Cloud providing up to £280,000 in cloud credits for eligible UK-based AI startups.

The company sys that since 2023, over 60% of genAI UK startups are Google Cloud customers, and it is looking to help some of these firms even further, securing spaces for four top UK AI startups on the Europe-wide Google for Startups accelerator, who will be joining 15 top AI startups across Europe to get Google expertise to accelerate growth.

You might also like

• "AI is simplifying technology itself" - Google Cloud CEO outlines AI hopes
• “The gloves are off when it comes to innovation” - Google Workspace head
• These are the best cloud hosting options around today

With remote work here to stay, cloud tools becoming everyday essentials, and cyber threats constantly evolving, companies are rethinking how they keep their systems and data safe. It’s not just about locking the doors anymore, it's about making sure the right people get access to the right things, without leaving the whole network exposed.

Two of the most talked-about options? Virtual Private Networks (VPNs) and Software-Defined Perimeter (SDP). Both are designed to keep remote access safe, but they go about it in very different ways.

So, is SDP the better choice? Well, it’s not as easy as saying one is better than the other. It really depends on what your organization looks like. How big is your team? How complicated are your systems? And, what kind of security challenges are you facing? There’s no magic, one-size-fits-all answer but once you understand how VPNs and SDP work differently, it gets a whole lot easier to figure out what’s right for you.

VPNs vs. SDP – What’s the Difference?

Historically, the traditional approach has been VPN, which works by creating an encrypted tunnel between a user’s device and the network, essentially opening the door to the entire network once connected. It’s a simple, familiar setup - especially for IT teams. Which is, by the way, why VPNs are still a go-to for many small and mid-sized businesses.

The modern approach is SDP, which takes a different route. It’s built on the idea of Zero Trust, meaning it doesn’t automatically trust anyone. Instead, users have to prove who they are before getting in. And even then, they’re only allowed to access specific apps or services, not the whole network. This “only what you need” model reduces the risk of cyberattacks and gives businesses tighter control over access.

Key Advantages of SDP

1. Granular Access Control - Unlike traditional VPNs, which often grant broad access to a network, SDP limits users to just the resources they need. This minimizes risk and enforces stronger access policies.

2. Enhanced Security with Zero Trust - Modern SDP follows a "verify first, connect later" model. Every user and device must be authenticated before gaining access which is ideal for organizations focused on strengthening cybersecurity postures.

3. Scalability - SDP is built to handle a crowd. Whether you’ve got a few hundred users or a few thousand logging in at once, it keeps things running smoothly without slowing down. That makes it a great fit for bigger companies; or any organization that’s growing fast and needs remote access to keep up.

4. No Physical Hardware Required - No bulky hardware needed. SDP runs on software and plays nicely with the cloud. That means no racks of equipment to manage, no big upfront hardware investments, and a lot less hassle for IT teams. It’s a lighter, more flexible way to stay secure without being tied down to on-prem gear.

5. Reduced Latency - The best SDP solutions keep things snappy by cutting out the middleman. Instead of sending users through a central gateway, it connects them straight to the apps they need. That means faster performance, fewer slowdowns, and a smoother experience overall, especially when teams are spread out across different locations.

Considerations and Challenges

While SDP offers significant benefits, nothing’s perfect:

1. Learning Curve - Switching to SDP can take some getting used to, especially for teams who’ve been relying on traditional VPNs for years. It asks a bit more in terms of understanding how your network is built and how to fine-tune security policies. It’s not rocket science, but there is a bit of a learning curve at the start.

2. Upfront Cost - For smaller setups, SDP might come with a bigger price tag up front or require licensing that feels steeper than the off-the-shelf VPNs everyone’s used to. But many find that the long-term benefits are worth the early investment.

3. Interoperability - If you’re running older systems or legacy apps, getting SDP to play nicely with everything might take some extra effort. A little configuration and testing may be needed to make sure everything clicks.

When to Choose SDP Over VPNs, and Why

1. Cloud-first environments

If your team relies on cloud-native or SaaS apps, SDP’s app-focused security model is a natural fit. It lets users securely connect to just the specific cloud resources they need, without opening up your whole network to potential risks. This kind of targeted access works especially well in today’s fast-moving, spread-out cloud environments where flexibility and control are key.

2. IoT security

SDP allows highly specific, secure connections to IoT devices that typically require limited access. Rather than placing these often-vulnerable devices on the broader network, SDP ensures that only authorized users and systems can connect, reducing potential attack vectors.

3. High-security industries

Sectors like finance, government, and healthcare operate under strict regulatory and security requirements. SDP’s Zero Trust model—which authenticates and authorizes users before access is granted—offers the fine-grained control and robust protection needed to meet compliance and data security standards.

4. Large, distributed teams

SDP is built to grow with you. Whether you’ve got a handful of remote workers or thousands of employees logging in from around the world, it keeps things running smoothly. No slowdowns, no traffic jams, just fast, secure access to what your team needs, without the bottlenecks that can bog down traditional VPNs.

When VPNs Might Still Be the Right Fit

1. Small teams and simple needs - VPNs are easier to deploy and manage for straightforward use cases.

2. Familiar infrastructure - Many organizations already have VPNs baked into their firewall software or endpoint tools. For some, sticking with what’s familiar, and integrated, makes sense.

3. Budget Is the primary concern - VPNs remain a cost-effective option, especially where advanced access controls or Zero Trust frameworks aren’t priorities (yet).

Parting Thoughts

SDP isn’t necessarily better than VPNs, it’s just different and more modern, so to speak. For organizations seeking stronger security, granular access controls, and future-ready infrastructure, SDP offers clear advantages. But for others, especially those with smaller footprints or simpler requirements, VPNs may still do the job just fine.

Ultimately, the best solution depends on your organization’s size, security needs, infrastructure, and how much control and visibility you require over your network.

We list the best identity management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Foundation season 3 will feature a Cleonic trio who are more familial than past groups
• This season's iterations of Dawn, Day, and Dusk respect and love each other
• The triumvirate will still fall out over what to do amid the Empire's diminishing influence on the galaxy

Foundation season 3 will show you a side of the Empire's three rulers that you haven't seen before.

That's the verdict of Lee Pace, Cassian Bilton, and Terrance Mann, who portray the aforementioned trio, i.e. Brother Day, Brother Dawn, and Brother Dusk, in Apple's space opera.

In Foundation's first two seasons, the three characters, who are all clones of the Imperium's first autocrat Cleon I, never saw eye-to-eye. Indeed, despite the fact they jointly lauded it over vast swathes of the galaxy, each clone was as self-serving as their fellow rulers were.

The Apple TV+ show's third installment, though, will depict a wildly different perspective on the weird granddad-father-son yet brotherly dynamic (hey, I did say it was weird!) that exists between this season's Cleonic trio. With each clone's genetic makeup becoming more unique with every generation that passes – read more about that in my Foundation season 1 episode 9 recap – there's a tenderness to their familial bond that wasn't there in prior seasons.

Dawn (left), Day (center), and Dusk (right) have got a lot to think about in season 3 (Image credit: Apple TV+)

"It's entirely universal in that you have a shorthand with your family," Bilton told me of the trio's collective dynamic. "They understand you in a way that you're not otherwise understood.

"With the Cleons, they're going through something no one else understands. Maybe Demerzel [played by Laura Birn] understands it in a way that she sees it from a distance, but she's not going through the experience of being a clone. So, I think they have a deep love, more so than before, for each other.

"There's this gorgeous scene that we shot where the three of us sit together for the first time in season 3," Bilton continued. "I won't say why, but we convene to have a drink and a laugh. When it comes to the ease of that, we're very lucky as cast members that we get on so well off-camera. We just do it on camera this time."

The Cleonic trio's major domo Demerzel will continue attempting to maintain the peace between them (Image credit: Apple TV+)

"There's a rare sense of humanity," Mann added. "We're emperors but we're also clones, so we're constantly trying to grab and hold onto what we believe to be human to try and make us feel important [to someone] and more alive than just existing as the kings of this faltering empire."

That's not to say that Dawn, Day, and Dusk won't butt heads throughout one of the best Apple TV+ shows' third installment. Whether it's Brother Day's The Big Lebowski-inspired indifference to actually ruling the galaxy or another issue, this season's Cleons are still prone to making decisions for selfish means, even if it's to the detriment of their fellow clones.

"As different as they are persona-wise, they're still the same, which is the key to understanding them," Pace mused. "They don't have the intelligence of Hari Seldon or Gaal Dornick. They don't possess the cerebral capacity of Demerzel. What they have is a gut instinct that tells them 'this is how we or I survive', so they're very wily in that regard."

How do you think the Cleons' individual and collective stories will play out this season? Let me know in the comments. Ahead of its July 11 debut on one of the world's best streaming services, see what I thought of its first five episodes by reading my Foundation season 3 review, too.

You might also like

• 'She's ready to take this on': Foundation star Lou Llobell teases Gaal Dornick's all-consuming quest to stop The Mule in the Apple TV+ show's third season
• 'He needs to be a big threat': Foundation season 3 star Pilou Asbaek reveals how The Mule differs from his book series counterpart
• 'We're the last to find out': Foundation stars don't know if it'll return for season 4

The way we work has changed. But despite flexible working now being offered by the majority of UK employers, many businesses are burdened by fragmented tools. Employees are forced to juggle multiple apps and platforms to manage calls, messages, and meetings. This inefficiency stalls productivity and results in poor user experience, leaving 75% of businesses actively seeking to reduce the number of applications they use.

In today's fast-paced, hybrid work environment, businesses need collaboration tools that are secure, scalable, and able to work across any device and location. Unified Communications as a Service (UCaaS) is about making this a reality. Consolidating voice, video, messaging, and collaboration tools into a single, cloud-driven platform, it streamlines operations and creates a more efficient workflow. It has become a driver of the digital workforce, and the market is set to reach over 131 million global users by 2028, according to Cavell.

Mobility at the heart

Mobility is rapidly shaping the future of communications Today, 57% of workers say smartphones are essential to their jobs and 71% of Microsoft Teams users rely on mobile apps – with over 17 million users depending on the platform’s ‘phone’ feature every month.

In short, mobile integration is no longer a ‘nice to have’. For organizations looking to remain competitive and connected, UCaaS solutions that prioritize mobility are key. These platforms enable users to switch effortlessly between devices, whether they are at a desktop in the office or working remotely.

This is especially vital for industries with mobile workforces - such as healthcare, logistics, or retail - where seamless switching between mobile and desktop isn’t just convenient, it’s critical. Whether it’s a nurse updating electronic health records on the go or a delivery driver needing quick access to customer details, teams need to stay connected and productive, wherever their work takes them.

UCaaS success isn’t just about the software- it’s about the network. A strong, secure, and resilient connectivity foundation is essential. Whether it’s for high-quality voice calls or real-time messaging, everything depends on reliable infrastructure. Businesses need to partner with UCaaS providers who can deliver the robust network support required to enable a mobile, cloud-first workforce.

Keeping it simple

In the age of flexible working, it’s more important than ever that people have access to a simple and accessible communications platform. One which doesn’t require arduous dial-in processes and tenuous connections between multiple parties, or which only supports voice calling – so when you want to send an instant message, you’re back to square one.

UCaaS allows businesses to break down silos between teams and locations. Whether working on a presentation or responding to a customer query, it ensures all communications are accessible from one centralized platform. Being cloud-based means cloud documents are accessible across locations too. Employees with the right expertise can be involved at the right time, overcoming the challenges of disjointed communication channels.

While adopting a new IT or communications system can feel daunting for business leaders, UCaaS is much simpler. Many shy away from new systems because of the perceived complexity involved, but it is often designed with the user in mind, avoiding the friction that comes with traditional communication platforms.

For IT teams, ease of deployment and maintenance is just as important. With digital communication solutions, updates are often handled centrally in the cloud, reducing the need for costly on-site support or downtime. Employees don’t need hours of training to get up to speed either - most platforms mirror the simplicity of consumer apps, allowing teams to focus on their work, not the tools. This simplicity also shortens the time to value for organizations, helping them realize ROI faster and with fewer barriers. At a time when digital transformation fatigue is real, this simplicity can make all the difference.

Work smarter, not harder

Beyond video calls and file sharing, there are advanced features that bring big business benefits. Fraud prevention tools significantly improve security and customer interactions. AI-driven call analytics provide insights that allow businesses to improve decision-making, and capabilities like streamlined call management unlock seamless customer experience for businesses, too.

For example, call queues and interactive voice response services direct inbound calls efficiently, in turn reducing wait times and ensuring no customer inquiry goes unanswered. This efficiency can have a direct impact on a company’s bottom line. Customers who experience quick, responsive service are more likely to return – and to spend more. It’s a win-win.

Amidst rising economic pressures and the analogue switch-off, businesses need to increase their margins. UCaaS enables this by streamlining operations, cutting complexity, eliminating the need for redundant lines and multiple devices, and importantly, reducing costs.

As organizations race through periods of transition, seamless, integrated communication enables them to thrive. Ultimately, time is a business leader’s most valuable asset. The ability to adapt quickly, innovate continuously, and communicate seamlessly offers a competitive advantage – one that UCaaS provides.

We list the best business phone systems.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Tuesday's puzzle instead then click here: NYT Strands hints and answers for Tuesday, July 8 (game #492).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #493) - hint #1 - today's themeWhat is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Party time!

NYT Strands today (game #493) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• FINAL
• SONNET
• CLOSE 
• POET
• TOOL
• BURNT

NYT Strands today (game #493) - hint #3 - spangram lettersHow many letters are in today's spangram?

• Spangram has 11 letters

NYT Strands today (game #493) - hint #4 - spangram positionWhat are two sides of the board that today's spangram touches?

First side: top, 6th column

Last side: bottom, 1st column

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #493) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #493, are…

• BALLOON
• BUNTING
• PENNANT
• CONFETTI
• STREAMER
• SPANGRAM: DECORATIONS

• My rating: Hard
• My score: 1 hint

Like many families, mine has a box in a cupboard filled with DECORATIONS that only see the light of day a few times a year, including BUNTING and banners.

It’s odd how a birthday doesn’t feel like a birthday if we don’t put these out the night before the special day, regardless of whether anyone is having a party or not – if they are, then the BALLOONs come out, too.

Unlike Christmas with its 12th night deadline, there is no official time when you must take down birthday cards and decorations. For some families it may be the day after, others may leave them up to keep the spirit alive.

I think this may be why in our house people have birthdays but there’s also a loose agreement that they have a birthday week too. It’s a lovely thing, why not let it last a bit?

How did you do today? Let me know in the comments below.

Yesterday's NYT Strands answers (Tuesday, July 8, game #492)

• TIME
• CHANGE
• KEYS
• MOMENT
• BEDROOM
• HANDS
• PARTS
• TIRES
• SPANGRAM: SPARES

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

Looking for a different day?

A new Quordle puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Tuesday's puzzle instead then click here: Quordle hints and answers for Tuesday, July 8 (game #1261).

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,100 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1262) - hint #1 - VowelsHow many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 3*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1262) - hint #2 - repeated lettersDo any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 0.

Quordle today (game #1262) - hint #3 - uncommon lettersDo the letters Q, Z, X or J appear in Quordle today?

• Yes. One of Q, Z, X or J appears among today's Quordle answers.

Quordle today (game #1262) - hint #4 - starting letters (1)Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 3.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1262) - hint #5 - starting letters (2)What letters do today's Quordle answers start with?

• P

• P

• G

• O

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1262) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1262, are…

• SHIRE
• SIXTH
• SINGE
• IMAGE

Having a starter word that begins S-I was hugely beneficial today as it meant that two words were already on their way: SIXTH and SINGE. 

The in the wrong place H and T convinced me that the word had to end TH and after getting that far there really was just one option. X marks the spot.

How did you do today? Let me know in the comments below.

Daily Sequence today (game #1262) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1262, are…

• DRAPE
• DIMLY
• DINGY
• NAVAL

Quordle answers: The past 20

• Quordle #1261, Tuesday, 8 July: PLIED, PRANK, GAWKY, OXIDE
• Quordle #1260, Monday, 7 July: DROLL, TRUCE, TWIRL, SINCE
• Quordle #1259, Sunday, 6 July: AMPLY, SPAWN, EXTOL, RIDGE
• Quordle #1258, Saturday, 5 July: HAVEN, SNAKE, DREAM, TORUS
• Quordle #1257, Friday, 4 July: FAVOR, SKUNK, GAWKY, FLUFF
• Quordle #1256, Thursday, 3 July: DANCE, EYING, GLAZE, EGRET
• Quordle #1255, Wednesday, 2 July: INANE, SCOUR, ELITE, ULCER
• Quordle #1254, Tuesday, 1 July: REBAR, YEARN, FORTH, CROWD
• Quordle #1253, Monday, 30 June: INGOT, INFER, TAPIR, CLUED
• Quordle #1252, Sunday, 29 June: MIRTH, APTLY, SCRUB, SMACK
• Quordle #1251, Saturday, 28 June: AWOKE, SMOKY, DEVIL, SWING
• Quordle #1250, Friday, 27 June: SPEAK, EAGLE, AVERT, SUING
• Quordle #1249, Thursday, 26 June: SLUMP, REBUS, GUAVA, MONEY
• Quordle #1248, Wednesday, 25 June: SOGGY, CLASH, MODEM, SQUAD
• Quordle #1247, Tuesday, 24 June: QUALM, SQUIB, AXIAL, FLACK
• Quordle #1246, Monday, 23 June: PIXEL, FJORD, STEAL, EXIST
• Quordle #1245, Sunday, 22 June: WREST, CRAZE, PAPAL, SCION
• Quordle #1244, Saturday, 21 June: BUDDY, GROUT, BEGIN, MADAM
• Quordle #1243, Friday, 20 June: BRAID, DULLY, HASTE, LURID

• Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
• 99% were credential phishing attacks, with 1% relating to remote access trojans
• Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

.es domains are proving popular for phishing attacks

Although the rise of .es domains in cyberattacks is noteworthy, attack vectors remain unchanged. Malware was seen to be delivered by C2 nodes or spoofed emails, with most (95%) impersonating Microsoft (an attacker's favorite). Adobe, Google, Docusign and the Social Security Administration made up the top-five most commonly impersonated websites. Email lures often mimicked HR and document-related requests.

Interestingly, the malicious .es subdomains were randomly generated, not crafted manually, making them easier to identify as being fake. Examples include ag7sr[.]fjlabpkgcuo[.]es and gymi8[.]fwpzza[.]es.

Despite researchers suggesting that no similarities can be used to link attacks to a single group, 99% of the malicious .es domains were hosted on Cloudflare.

"If one threat actor or threat actor group were taking advantage of .es TLD domains then it is likely that the brands spoofed in .es TLD campaigns would indicate certain preferences by the threat actors," the researchers wrote.

Cofense explained that "significant restrictions" on the usage of .es TLDs were in place until 2005, adding that the recent rise in .es-related attacks could be a cause for concern, marking a new trend exploiting the authority that country-related TLDs unofficially carry.

You might also like

• We've listed the best identity theft protection services
• Keep yourself protected online by installing the best business VPN
• ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

• Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
• 99% were credential phishing attacks, with 1% relating to remote access trojans
• Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

.es domains are proving popular for phishing attacks

Although the rise of .es domains in cyberattacks is noteworthy, attack vectors remain unchanged. Malware was seen to be delivered by C2 nodes or spoofed emails, with most (95%) impersonating Microsoft (an attacker's favorite). Adobe, Google, Docusign and the Social Security Administration made up the top-five most commonly impersonated websites. Email lures often mimicked HR and document-related requests.

Interestingly, the malicious .es subdomains were randomly generated, not crafted manually, making them easier to identify as being fake. Examples include ag7sr[.]fjlabpkgcuo[.]es and gymi8[.]fwpzza[.]es.

Despite researchers suggesting that no similarities can be used to link attacks to a single group, 99% of the malicious .es domains were hosted on Cloudflare.

"If one threat actor or threat actor group were taking advantage of .es TLD domains then it is likely that the brands spoofed in .es TLD campaigns would indicate certain preferences by the threat actors," the researchers wrote.

Cofense explained that "significant restrictions" on the usage of .es TLDs were in place until 2005, adding that the recent rise in .es-related attacks could be a cause for concern, marking a new trend exploiting the authority that country-related TLDs unofficially carry.

You might also like

• We've listed the best identity theft protection services
• Keep yourself protected online by installing the best business VPN
• ChatGPT and other AI tools could be putting users at risk by getting company web addresses wrong

Spending time on the internet in 2025 is proving to be more difficult than ever before. After all, image generation tools are readily accessible in AI products like ChatGPT, and video generation software like Google's Veo 3 is available to the general public.

We're still at a point in the AI-powered internet journey where I'd argue it's still easy enough to tell what's real and what's not. That said, today's AI image and video tools are more powerful than ever, and the scary thing is: this is the worst they'll ever be.

The other day, while browsing Instagram, I stumbled across a new post from France and Real Madrid soccer superstar, Kylian Mbappé. Widely regarded as one of the best players in the world, the image showcased an incredible bicycle kick he had performed in the Club World Cup quarter-final the night before.

The thing is, while the image appeared normal at first glance, a closer inspection revealed some seriously bad editing, or quite possibly AI image generation.

You see, zoom into the crowd watching Mbappé's acrobatics and you'll see a Picasso-esque abstract work of art, people merging into each other, and something more akin to a horror movie than a soccer field. All of the faces blur together like a nightmare.

Initially, I couldn't quite believe that a social media admin for an Instagram account with over 124 million followers would use AI to enhance an image. But then I thought about it some more, and of course, AI has infiltrated the social profiles of public figures. It's everywhere.

A post shared by Kylian Mbappé (@k.mbappe)

A photo posted by on

What's real anymore?

You might be wondering why Kylian Mbappé's social media team used AI to edit this photo in the first place. After all, according to official reports, there were over 76,000 fans in MetLife Stadium for the game.

Since it started a few weeks ago, the FIFA Club World Cup has been plagued with stories of low attendance rates, with one report claiming the tournament had over 1 million empty seats in the group stage alone.

Now, 76,000 is closer to MetLife's 82,500 capacity than some of the other examples of low attendance in the tournament, but considering the terrible photo edits to the crowd, did Mbappé's incredible goal fall into the line of sight of empty seats?

Thinking about the context of the tournament and the badly edited photo, this is the conclusion that I'd feel most comfortable putting forward. After all, sometimes you have to call a spade a spade. Why would anyone play with the crowd capacity other than to fill gaps?

Whether Mbappe's photo was AI-edited or badly edited by a human, the world of photo editing on social media is nothing new. Since the inception of platforms like Facebook and Instagram, we've all had to adapt to the 21st-century way of living, which often includes curating your best angles and happiest moments online.

AI-generated instagram influencer (Image credit: @millasofiafin / Instagram)

In the past, influencers would slim down their waists using apps on their iPhones or by manually editing the photo. Now, AI can do it all with the press of a button. And that's not all, AI-edited photos are only the beginning.

Whether that's fully AI-generated influencers scoring brand deals, AI-generated YouTube channels garnering millions of views and subscribers, or AI beauty pageants, we no longer live in a world where it's easy to tell what's real on social media and what's not. The thing is, have we ever been able to? Or is AI just making it easier than ever before to bend reality to fit a narrative?

As someone who has used multiple AI photo editing tools for testing purposes, I'm fairly confident that Mbappé's terrible editing is the work of artificial intelligence, and most probably Apple's mediocre Clean Up tool.

This clear example of heavily-edited photography shines a light, not only on bad editing, but also on the fact that if bad edits slip through the cracks, there's a high chance most of the posts we see aren't actually rooted in real life.

You might also like

• Can an AI travel agent remove the stress of vacation booking? I tried three to find out
• I tried a ChatGPT prompt that 'unlocks 4o’s full power', and I don’t know why I didn’t try it sooner
• I asked AI to plan the perfect day in London – here’s what it got right and hilariously wrong

Spending time on the internet in 2025 is proving to be more difficult than ever before. After all, image generation tools are readily accessible in AI products like ChatGPT, and video generation software like Google's Veo 3 is available to the general public.

We're still at a point in the AI-powered internet journey where I'd argue it's still easy enough to tell what's real and what's not. That said, today's AI image and video tools are more powerful than ever, and the scary thing is: this is the worst they'll ever be.

The other day, while browsing Instagram, I stumbled across a new post from France and Real Madrid soccer superstar, Kylian Mbappé. Widely regarded as one of the best players in the world, the image showcased an incredible bicycle kick he had performed in the Club World Cup quarter-final the night before.

The thing is, while the image appeared normal at first glance, a closer inspection revealed some seriously bad editing, or quite possibly AI image generation.

You see, zoom into the crowd watching Mbappé's acrobatics and you'll see a Picasso-esque abstract work of art, people merging into each other, and something more akin to a horror movie than a soccer field. All of the faces blur together like a nightmare.

Initially, I couldn't quite believe that a social media admin for an Instagram account with over 124 million followers would use AI to enhance an image. But then I thought about it some more, and of course, AI has infiltrated the social profiles of public figures. It's everywhere.

A post shared by Kylian Mbappé (@k.mbappe)

A photo posted by on

What's real anymore?

You might be wondering why Kylian Mbappé's social media team used AI to edit this photo in the first place. After all, according to official reports, there were over 76,000 fans in MetLife Stadium for the game.

Since it started a few weeks ago, the FIFA Club World Cup has been plagued with stories of low attendance rates, with one report claiming the tournament had over 1 million empty seats in the group stage alone.

Now, 76,000 is closer to MetLife's 82,500 capacity than some of the other examples of low attendance in the tournament, but considering the terrible photo edits to the crowd, did Mbappé's incredible goal fall into the line of sight of empty seats?

Thinking about the context of the tournament and the badly edited photo, this is the conclusion that I'd feel most comfortable putting forward. After all, sometimes you have to call a spade a spade. Why would anyone play with the crowd capacity other than to fill gaps?

Whether Mbappe's photo was AI-edited or badly edited by a human, the world of photo editing on social media is nothing new. Since the inception of platforms like Facebook and Instagram, we've all had to adapt to the 21st-century way of living, which often includes curating your best angles and happiest moments online.

AI-generated instagram influencer (Image credit: @millasofiafin / Instagram)

In the past, influencers would slim down their waists using apps on their iPhones or by manually editing the photo. Now, AI can do it all with the press of a button. And that's not all, AI-edited photos are only the beginning.

Whether that's fully AI-generated influencers scoring brand deals, AI-generated YouTube channels garnering millions of views and subscribers, or AI beauty pageants, we no longer live in a world where it's easy to tell what's real on social media and what's not. The thing is, have we ever been able to? Or is AI just making it easier than ever before to bend reality to fit a narrative?

As someone who has used multiple AI photo editing tools for testing purposes, I'm fairly confident that Mbappé's terrible editing is the work of artificial intelligence, and most probably Apple's mediocre Clean Up tool.

This clear example of heavily-edited photography shines a light, not only on bad editing, but also on the fact that if bad edits slip through the cracks, there's a high chance most of the posts we see aren't actually rooted in real life.

You might also like

• Can an AI travel agent remove the stress of vacation booking? I tried three to find out
• I tried a ChatGPT prompt that 'unlocks 4o’s full power', and I don’t know why I didn’t try it sooner
• I asked AI to plan the perfect day in London – here’s what it got right and hilariously wrong

The UK Public Accounts Committee’s recent report sends a clear and urgent message: cyber threats are evolving faster than defenses can keep up. The digital infrastructure underpinning our critical infrastructure is increasingly exposed—not only due to external threats but because of internal gaps in strategy, capability, and legacy system management.

Replacing outdated technology may be part of the solution, but it’s far from the full picture. We need a fundamental shift in mindset—toward continuous assurance, smarter system design, and a dynamic approach to skills development that anticipates the challenges of tomorrow, not just today.

Beyond ‘build and forget’: cybersecurity as an ongoing commitment

For too long, cybersecurity has followed a static, compliance-driven model—deploy once, tick the box, and move on. In today’s evolving threat landscape, this ‘build and forget’ mentality is no longer viable, if it ever was.

Security must be woven into every stage of design, development, and operations through a Secure by Design approach. With Cyber Physical Systems and enterprise IT environments in constant flux, reassessing security posture regularly ensures defenses remain adaptive and effective.

The UK government has rightly prioritized Secure by Design in its Defending the UK in a Digital World: Cyber Security Strategy 2022–25. Yet, despite this ambition, adoption across sectors remains uneven, with many organizations still relying on outdated risk frameworks and reactive measures—essentially attempting to counter modern threats with legacy solutions.

Cybersecurity must evolve beyond static processes. It requires continuous evaluation, proactive defense, and resilient security strategies to stay ahead of emerging risks.

Legacy systems: balancing risk and progress

Few areas illustrate the tension between innovation and practicality more clearly than legacy systems. Originally built for a different technological landscape, many were air-gapped, manually operated, and completely isolated from external networks—never designed to withstand the level of connectivity and cyber threats seen today.

In pursuit of efficiency and cost reduction, organizations have increasingly networked and remotely managed these systems, often without implementing adequate security safeguards. While this enhances operational flexibility, it also exposes critical infrastructure to new vulnerabilities, opening doors to sophisticated cyber threats.

The solution isn't as simple as replacing old systems outright. The decision to upgrade or extend the life of legacy platforms requires careful cyber risk evaluation, ensuring the right balance of mitigation strategies, isolation measures, and continuous monitoring to maintain security. Organizations must also weigh financial constraints, applying appropriate risk controls to optimize security investments without excessive costs.

Secure by design: a strategic imperative

Secure by Design isn’t just a cybersecurity buzzword—it’s an essential principle for building resilient digital infrastructure. It ensures that an appropriate level of security is built in from the ground up, integrated at every design, development, and operational phase to create adaptable, auditable, and testable systems.

Yet, despite its inclusion in policy frameworks and industry guidelines, implementation is often incomplete or superficial. Many organizations pay lip service to security but fail to embed it across teams and processes, treating it as an isolated function rather than an organizational priority – much like organizations approach health and safety.

Regulation will play a vital role in closing this gap. The upcoming Cyber Security and Resilience Bill is set to improve oversight, enforce stronger standards, and introduce mandatory incident reporting for high-risk sectors. Coupled with enhanced threat intelligence sharing, this legislation could shift cybersecurity strategies from reactive defense to proactive resilience.

Cyber talent: securing the future workforce

Another major challenge in cybersecurity is building a workforce capable of responding to evolving threats. As technology advances, skills become obsolete faster than ever, requiring ongoing investment in cyber capability development.

While direct government hiring plays a role—especially in sensitive security domains—industry partnerships offer a scalable alternative. Specialist organizations, like Thales, are well-positioned to train and upskill professionals through apprenticeships, immersive simulations, and diverse sector exposure, which traditional public-sector roles often lack.

This model provides dual benefits: it equips trainees with experience across various threat scenarios, while also fostering an agile workforce that can quickly adapt to emerging technologies like artificial intelligence and quantum computing. Cybersecurity isn't just about fixing vulnerabilities of the past—it's about anticipating and securing against the threats of the future.

Transparency and collaboration: strengthening cyber resilience

Cybersecurity can no longer be viewed as a standalone issue—threats don’t respect organizational boundaries, and weaknesses in one system can expose an entire network. Transparency, collaboration, and mandatory incident reporting are essential for national security, ensuring vulnerabilities are addressed before they escalate into widespread risks.

Reporting cyber incidents, much like the practice of reporting near misses and accidents in health and safety, strengthens overall resilience. Just as greater visibility has helped organizations reduce safety incidents, increased cyber reporting makes it harder for hackers to exploit gaps, reinforcing defenses before real damage occurs.

The Thales Data Threat Report underscores the growing risks to Critical National Infrastructure (CNI) and highlights the value of compliance—organisations that passed cybersecurity audits had significantly fewer breaches than those that failed. With the Cyber Security and Resilience Bill raising standards, stronger protections for essential infrastructure, including data centers that support AI innovation and national healthcare, will become the norm.

Each unreported cyber-attack is a missed opportunity to refine security strategies. Enhanced visibility into cyber threats improves collective intelligence, allowing organizations to make faster, smarter decisions in the face of emerging risks.

Conclusion: building security for the future

Modern cybersecurity requires more than patching vulnerabilities or checking compliance boxes—it demands a strategic rethink of how systems are designed, maintained, and safeguarded. Understanding how legacy and modern environments interact is key, alongside developing cyber talent that can anticipate and mitigate future risks.

Secure by Design must be the standard, not the exception. With the right balance of policy, proactive security measures, and skilled professionals, organizations can shift from reactive defense to sustainable resilience, ensuring they are prepared for the threats ahead, not just responding to the ones they see today.

We've featured the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The UK Public Accounts Committee’s recent report sends a clear and urgent message: cyber threats are evolving faster than defenses can keep up. The digital infrastructure underpinning our critical infrastructure is increasingly exposed—not only due to external threats but because of internal gaps in strategy, capability, and legacy system management.

Replacing outdated technology may be part of the solution, but it’s far from the full picture. We need a fundamental shift in mindset—toward continuous assurance, smarter system design, and a dynamic approach to skills development that anticipates the challenges of tomorrow, not just today.

Beyond ‘build and forget’: cybersecurity as an ongoing commitment

For too long, cybersecurity has followed a static, compliance-driven model—deploy once, tick the box, and move on. In today’s evolving threat landscape, this ‘build and forget’ mentality is no longer viable, if it ever was.

Security must be woven into every stage of design, development, and operations through a Secure by Design approach. With Cyber Physical Systems and enterprise IT environments in constant flux, reassessing security posture regularly ensures defenses remain adaptive and effective.

The UK government has rightly prioritized Secure by Design in its Defending the UK in a Digital World: Cyber Security Strategy 2022–25. Yet, despite this ambition, adoption across sectors remains uneven, with many organizations still relying on outdated risk frameworks and reactive measures—essentially attempting to counter modern threats with legacy solutions.

Cybersecurity must evolve beyond static processes. It requires continuous evaluation, proactive defense, and resilient security strategies to stay ahead of emerging risks.

Legacy systems: balancing risk and progress

Few areas illustrate the tension between innovation and practicality more clearly than legacy systems. Originally built for a different technological landscape, many were air-gapped, manually operated, and completely isolated from external networks—never designed to withstand the level of connectivity and cyber threats seen today.

In pursuit of efficiency and cost reduction, organizations have increasingly networked and remotely managed these systems, often without implementing adequate security safeguards. While this enhances operational flexibility, it also exposes critical infrastructure to new vulnerabilities, opening doors to sophisticated cyber threats.

The solution isn't as simple as replacing old systems outright. The decision to upgrade or extend the life of legacy platforms requires careful cyber risk evaluation, ensuring the right balance of mitigation strategies, isolation measures, and continuous monitoring to maintain security. Organizations must also weigh financial constraints, applying appropriate risk controls to optimize security investments without excessive costs.

Secure by design: a strategic imperative

Secure by Design isn’t just a cybersecurity buzzword—it’s an essential principle for building resilient digital infrastructure. It ensures that an appropriate level of security is built in from the ground up, integrated at every design, development, and operational phase to create adaptable, auditable, and testable systems.

Yet, despite its inclusion in policy frameworks and industry guidelines, implementation is often incomplete or superficial. Many organizations pay lip service to security but fail to embed it across teams and processes, treating it as an isolated function rather than an organizational priority – much like organizations approach health and safety.

Regulation will play a vital role in closing this gap. The upcoming Cyber Security and Resilience Bill is set to improve oversight, enforce stronger standards, and introduce mandatory incident reporting for high-risk sectors. Coupled with enhanced threat intelligence sharing, this legislation could shift cybersecurity strategies from reactive defense to proactive resilience.

Cyber talent: securing the future workforce

Another major challenge in cybersecurity is building a workforce capable of responding to evolving threats. As technology advances, skills become obsolete faster than ever, requiring ongoing investment in cyber capability development.

While direct government hiring plays a role—especially in sensitive security domains—industry partnerships offer a scalable alternative. Specialist organizations, like Thales, are well-positioned to train and upskill professionals through apprenticeships, immersive simulations, and diverse sector exposure, which traditional public-sector roles often lack.

This model provides dual benefits: it equips trainees with experience across various threat scenarios, while also fostering an agile workforce that can quickly adapt to emerging technologies like artificial intelligence and quantum computing. Cybersecurity isn't just about fixing vulnerabilities of the past—it's about anticipating and securing against the threats of the future.

Transparency and collaboration: strengthening cyber resilience

Cybersecurity can no longer be viewed as a standalone issue—threats don’t respect organizational boundaries, and weaknesses in one system can expose an entire network. Transparency, collaboration, and mandatory incident reporting are essential for national security, ensuring vulnerabilities are addressed before they escalate into widespread risks.

Reporting cyber incidents, much like the practice of reporting near misses and accidents in health and safety, strengthens overall resilience. Just as greater visibility has helped organizations reduce safety incidents, increased cyber reporting makes it harder for hackers to exploit gaps, reinforcing defenses before real damage occurs.

The Thales Data Threat Report underscores the growing risks to Critical National Infrastructure (CNI) and highlights the value of compliance—organisations that passed cybersecurity audits had significantly fewer breaches than those that failed. With the Cyber Security and Resilience Bill raising standards, stronger protections for essential infrastructure, including data centers that support AI innovation and national healthcare, will become the norm.

Each unreported cyber-attack is a missed opportunity to refine security strategies. Enhanced visibility into cyber threats improves collective intelligence, allowing organizations to make faster, smarter decisions in the face of emerging risks.

Conclusion: building security for the future

Modern cybersecurity requires more than patching vulnerabilities or checking compliance boxes—it demands a strategic rethink of how systems are designed, maintained, and safeguarded. Understanding how legacy and modern environments interact is key, alongside developing cyber talent that can anticipate and mitigate future risks.

Secure by Design must be the standard, not the exception. With the right balance of policy, proactive security measures, and skilled professionals, organizations can shift from reactive defense to sustainable resilience, ensuring they are prepared for the threats ahead, not just responding to the ones they see today.

We've featured the best endpoint protection software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In the world of technology, open source refers to software which is made publicly available, and is free for anyone to use or modify. It is a very popular approach to software development, enabling an open and community engagement to building software projects.

One of the main advantages of open source is transparency, a property that is widely embraced by tech enthusiasts. Open source code means that anyone can inspect the code before usage, meaning that anyone could spot malicious, or broken, code. This is a perfect example of the mantra “Don't trust, verify”, which is popular in various technology spaces.

One of the main drawbacks of open source is considered to be lack of interested involvement from external developers. Many projects typically start with one, or a few, developers – and this base can struggle to grow, leading to a low “bus-factor” (dependency on too few developers) for the majority of open source projects.

This can lead to developer burnout or exhaustion, and can eventually cause the ultimate abandonment of projects. Alongside this, funding can also play a crucial role; many of the most successful projects are backed by some degree of funding from organizations and/or non-profits, effectively supporting developers throughout the time required to maintain the project.

Thankfully, while these issues are very much real there are several examples of successful and pioneering projects in the open source space which have overcome these obstacles. The Linux Foundation is the most prominent example, and there are also some interesting ones in the cryptography space, a field that can particularly benefit from adapting the open source approach. Let’s take a look at some of them individually below.

The Linux Foundation

The most notable example of a successful open source project is the open source development of the Linux Kernel. Originally published in 1991 under a custom license which did not allow commercial usage, this was quickly shifted to an open source-friendly license (GPL), to enable developers to collaborate on the code and ensure wide and free availability of the software.

The open source version which can now be found on Github, is one of the most contributed projects in the history of open source. With over 15,000 contributors, this project has clearly been a huge success. Whilst only ~4% of Desktop computers worldwide are now running Linux, it is still the platform of choice for many computer scientists and cryptographers.

Let’s encrypt

In the cryptography space, a popular example is Let’s Encrypt. Let’s Encrypt is an influential open source certificate authority (CA) which helps enable secure communication via HTTPS over the web. This project was started by the Internet Security Research Group (ISG), which is a small non-profit launched in 2015 and backed by various industry players.

Since their launch in 2015, HTTPS usage on the internet has risen from ~40% to ~90%+ today. This, of course, is not down solely to Let’s encrypt, but their mission to “democratize HTTPS by making SSL/TLS certificates free, automated, and easy to obtain” has clearly had a major impact on this. Today, Let’s Encrypt powers secure communications for millions of sites, APIs, and services and is viewed as a major success in the cryptography space.

Open science

Open science is a similar idea which draws influence from open source. The goal of open science is to make academic publications (as well as any associated source code, data, etc) public and free for anyone to view or build on. Particularly in the cryptography space, this is something that academics tend to view as a must-have for their work: all experiments should be reproducible with available code. The website https://paperswithcode.com/ collects works which open-source their code in the Machine Learning space.

Such an approach can be critical for successful outcomes in science and research. Attempting to build on something “closed” is almost impossible, which may lead researchers to either completely rebuild something from scratch, or giving up entirely.

An additional element that can help promote this collaborative approach is the promotion of platforms like events and conferences that aim to gather experts and researchers and foster exchange. In the world of cryptography - and of Fully Homomorphic Encryption in particular - FHE.org is one such community, hosting regular online meetups and an annual conference to bring together the best and brightest minds.

Looking forward

The next frontier in this space, in my view, is AI. AI is an area showing immense growth over the past few years; there is a tangible improvement in models. OpenAI recently closed the largest funding round in history (40b at a 300b valuation). There is currently an AI-arms race between big-tech firms, and specialized start-ups who are vying to release the best model (Polymarket is currently backing Google, at the time of writing).

Clearly, this is a sector where open source principles could be applied well, with collaboration encouraged to ensure correct management of ethics, as opposed to control by a single organization or board.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro