August 01, 2025


It’s time to sound the alarm on water sector cybersecurity

The U.S. Environmental Protection Agency (EPA) identified 97 drinking water systems serving approximately 26.6 million users as having either critical or high-risk cybersecurity vulnerabilities. Water utility leaders are especially worried about ransomware, malware, and phishing attacks. American Water, the largest water and wastewater utility company in the US, experienced a cybersecurity incident that forced the company to shut down some of its systems. That came shortly after a similar incident forced Arkansas City’s water treatment facility to temporarily switch to manual operations. These attacks are not limited to the US. Recently, UK-based Southern Water admitted that criminals had breached its IT systems. In Denmark, hackers targeted the consumer data services of water provider Fanø Vand, resulting in data theft and operational hijack. These incidents show that this is a global risk, and authorities believe they may be the work of foreign actors. ... The EU is taking a serious approach to cybersecurity, with stricter enforcement and long-term investment in essential services. Through the NIS2 Directive, member states are required to follow security standards, report incidents, and coordinate national oversight. These steps are designed to help utilities strengthen their defenses and improve resilience.


AI and the Democratization of Cybercrime


Cheap, off-the-shelf language models are erasing the technical hurdles. FraudGPT and WormGPT subscriptions start at roughly $200 per month, promising ‘undetectable’ malware, flawless spear-phishing prose, and step-by-step exploit guidance. An aspiring criminal no longer needs the technical knowledge to tweak GitHub proof-of-concepts. They paste a prompt such as ‘Write a PowerShell loader that evades EDR’ and receive usable code in seconds. ... Researchers pushed the envelope further with ReaperAI and AutoAttacker, proof-of-concept ‘agentic’ systems that chain LLM reasoning with vulnerability scanners and exploit libraries. In controlled tests, they breached outdated Web servers, deployed ransomware, and negotiated payment over Tor, without human input once launched. Fully automated cyberattacks are just around the corner. ... Core defensive practice now revolves around four themes. First, reducing the attack surface through relentless automated patching. Second, assuming breach via Zero-Trust segmentation and immutable off-line backups that neuter double-extortion leverage. Third, hardening identity with universal multi-factor authentication (MFA) and phishing-resistant authentication. Finally, exercising incident-response plans with table-top and red-team drills that mirror AI-assisted adversaries.


Digital Twins and AI: Powering the future of creativity at Nestlé


NVIDIA Omniverse on Azure allows for building and seamlessly integrating advanced simulation and generative AI into existing 3D workflows. This cloud-based platform includes APIs and services enabling developers to easily integrate OpenUSD, as well as other sensor and rendering applications. OpenUSD’s capabilities accelerate workflows, teams, and projects when creating 3D assets and environments for large-scale, AI-enabled virtual worlds. The Omniverse Development Workstation on Azure accelerates the process of building Omniverse apps and tools, removing the time and complexity of configuring individual software packages and GPU drivers. With NVIDIA Omniverse on Azure and OpenUSD, marketing teams can create ultra-realistic 3D product previews and environments so that customers can explore a retailer’s products in an engaging and informative way. The platform also can deliver immersive augmented and virtual reality experiences for customers, such as virtually test-driving a car or seeing how new furniture pieces would look in an existing space. For retailers, NVIDIA Omniverse can help create digital twins of stores or in-store displays to simulate and evaluate different layouts to optimize how customers interact with them. 


Why data deletion – not retention – is the next big cyber defence

Emerging data privacy regulations, coupled with escalating cybersecurity risks, are flipping the script. Organisations can no longer afford to treat deletion as an afterthought. From compliance violations to breach fallout, retaining data beyond its lifecycle has a real downside. Many organisations still don’t have a reliable, scalable way to delete data. Policies may exist on paper, but consistent execution across environments, from cloud storage to aging legacy systems, is rare. That gap is no longer sustainable. In fact, failing to delete data when legally required is quickly becoming a regulatory, security, and reputational risk. ... From a cybersecurity perspective, every byte of retained data is a potential breach exposure. In many recent cases, post-incident investigations have uncovered massive amounts of sensitive data that should have been deleted, turning routine breaches into high-stakes regulatory events. But beyond the legal risks, excess data carries hidden operational costs. ... Most CISOs, privacy officers, and IT leaders understand the risks. But deletion is difficult to operationalise. Data lives across multiple systems, formats, and departments. Some repositories are outdated or no longer supported. Others are siloed or partially controlled by third parties. And in many cases, existing tools lack the integration or governance controls needed to automate deletion at scale.


IT Strategies to Navigate the Ever-Changing Digital Workspace

IT teams need to look for flexible, agnostic workspace management solutions that can respond to whether endpoints are running Windows 11, macOS, ChromeOS, virtual desktops, or cloud PCs. They want to future-proof their endpoint investments, knowing that their workspace management must be highly adaptable as business requirements change. To support this disparate endpoint estate, DEX solutions have come to the forefront as they have evolved from a one-off tool for monitoring employee experience to an integrated platform by which administrators can manage endpoints, security tools, and performance remediation. ... In the composite environment IT has the challenge of securing workflows across the endpoint estate, regardless of delivery platform, and doing so without interfering with the employee experience. As the number of both installed and SaaS applications grows, IT teams can leverage automation to streamline patching and other security updates and to monitor SaaS credentials effectively. Automation becomes invaluable in operational efficiency across an increasingly complex application landscape. Another security challenge is the existence of ‘Shadow SaaS’, in which employees, as with shadow IT/AI, use unsanctioned tools they believe will help productivity.


Who’s Really Behind the Mask? Combatting Identity Fraud

Effective identity investigations start with asking the right questions and not merely responding to alerts. Security teams need to look deeper: Is this login location normal for the user? Is the device consistent with their normal configuration? Is the action standard for their role? Are there anomalies between systems? These questions create necessary context, enabling defenders to differentiate between standard deviations and hostile activity. Without that investigative attitude, security teams might pursue false positives or overlook actual threats. By structuring identity events with focused, behavior-based questions, analysts can get to the heart of the activity and react with accuracy and confidence. ... Identity theft often hides in plain sight, flourishing in the ordinary gaps between expected and actual behavior. Its deception lies in normalcy, where activity at the surface appears authentic but deviates quietly from established patterns. That’s why trust in a multi-source approach to truth is essential. Connecting insights from network traffic, authentication logs, application access, email interactions, and external integrations can help teams build a context-aware, layered picture of every user. This blended view helps uncover subtle discrepancies, confirm anomalies, and shed light on threats that routine detection will otherwise overlook, minimizing false positives and revealing actual risks.
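The four investigative questions above (location, device, role, cross-system anomalies) can be written as checks over identity events merged from several sources. This is an added example, not code from the article; the users, baselines, role map, deviation labels and 30-minute window are all constructed assumptions.

```python
"""Added example: the four identity questions as checks over constructed events."""
from datetime import datetime, timedelta

# Constructed per-user baseline and role map (assumptions, not from the article).
BASELINE = {
    "alice": {"countries": {"US"}, "devices": {"LT-ALICE-01"}, "role": "billing"},
    "bob": {"countries": {"DK"}, "devices": {"LT-BOB-07"}, "role": "operator"},
}
ROLE_ACTIONS = {
    "billing": {"login", "read_invoice", "send_mail"},
    "operator": {"login", "read_telemetry", "ack_alarm"},
}
WINDOW = timedelta(minutes=30)  # assumed window for comparing sources

def ev(ts, source, user, country, device, action):
    return {"ts": datetime.fromisoformat(ts), "source": source, "user": user,
            "country": country, "device": device, "action": action}

# Constructed sample events from three sources (auth log, application, email).
EVENTS = [
    ev("2025-08-01T08:00:00", "auth", "alice", "US", "LT-ALICE-01", "login"),
    ev("2025-08-01T08:05:00", "app", "alice", "US", "LT-ALICE-01", "read_invoice"),
    ev("2025-08-01T09:00:00", "auth", "bob", "DK", "LT-BOB-07", "login"),
    ev("2025-08-01T09:10:00", "email", "bob", "RO", "UNKNOWN-PC", "send_mail"),
    ev("2025-08-01T09:12:00", "app", "bob", "DK", "LT-BOB-07", "read_telemetry"),
]

def findings(events, baseline=BASELINE, role_actions=ROLE_ACTIONS):
    """Return {user: sorted deviation labels} for users with at least one deviation."""
    out, by_user = {}, {}
    for e in sorted(events, key=lambda e: e["ts"]):
        base = baseline.get(e["user"])
        if base is None:  # no history to compare against is itself a finding
            out.setdefault(e["user"], set()).add("no_baseline")
            continue
        hits = out.setdefault(e["user"], set())
        if e["country"] not in base["countries"]:
            hits.add("unusual_location")
        if e["device"] not in base["devices"]:
            hits.add("unusual_device")
        if e["action"] not in role_actions[base["role"]]:
            hits.add("action_outside_role")
        # Cross-system check: a different source placed this user elsewhere within WINDOW.
        for prev in by_user.get(e["user"], []):
            if (prev["source"] != e["source"] and prev["country"] != e["country"]
                    and e["ts"] - prev["ts"] <= WINDOW):
                hits.add("sources_disagree")
        by_user.setdefault(e["user"], []).append(e)
    return {u: sorted(h) for u, h in out.items() if h}
```

In the sample data each of bob's sources looks plausible alone; only the merged view shows the email session disagreeing with the authentication and application records.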
