In the wake of a major series of new US and Israel-led attacks on Iran and subsequent retaliatory strikes on Gulf states including Bahrain, Kuwait and the UAE, the UK’s National Cyber Security Centre (NCSC) has reassured British organisations that there is likely no significant change in the direct cyber threat posed by Iranian actors.
But that despite the attacks, Iranian state threat actors likely retain some ability to conduct cyber attacks, and more widely, there is a risk of collateral impacts – such as distributed denial of service (DDoS) attacks – originating from hacktivist groups sympathetic to Iran.
And, as the spreading conflict threatens to draw in the UK, the GCHQ-backed cyber agency said it this assessment was subject to change at short notice, and there was almost certainly a heightened risk of indirect cyber threat for any UK organisations with a presence in the Middle East.
“In light of rapidly evolving events in the Middle East, it is critical that all UK organisations remain alert to the potential risk of cyber compromise, particularly those with assets or supply chains that are in areas of regional tensions,” said NCSC director for national resilience, Jonathon Ellison.
“Today, the National Cyber Security Centre has published an alert outlining the current cyber threat to the UK and the practical steps organisations should take in response.
“This includes engaging with our guidance to reduce the likelihood of falling victim to an attack where the cyber risk is heightened, and how critical national infrastructure organisations can prepare for and respond to severe cyber threats.
“Organisations are strongly encouraged to act now, following the recommended actions to prioritise and strengthen their cyber security posture,” said Ellison.
Global conflict
Although no European states have taken part in the initial strikes, Dennis Calderone, principal and chief technology officer (CTO) at Suzu Labs, said that European organisations still needed to pay attention.
“Iran’s cyber operations don’t stop at US borders, and the proxy groups operating on Iran’s behalf are even less predictable in their targeting,” said Calderone. “When the motivation is retaliation and the conventional military is gone, cyber operators cast a wide net.
“Since it appears that conventional military options are looking increasingly to be off the table, cyber is what Iran has left,” he added.
“And even with their own internet down, pre-positioned implants and operators based outside Iran can still execute. If you’re in energy, water, financial services, or defense, assume you’re a target. Start hunting for anomalous access in your environment now. Don’t wait for something to break.”
James Turgal, vice president of global cyber risk and board relations at Optiv, said that over the next 30 daysor so, there will likely be a surge of cyber activity linked to Iran, including website defacements, DDoS attacks, doxxing and leaks, and disruptive intrusions designed to create symbolic impact and public fear. This will likely include influence operations.
Threat actors will likely opportunistically exploit vulnerabilities in unpatched, internet-facing systems, and take advantage of other cyber weaknesses, such as exposed VPNs, and badly-secured operational technology (OT) or industrial control systems (ICS).
Within 72 hours, at-risk organisations should move to lock down internet-facing exposures, verify they are patched and up-to-date, have removed or limited unnecessary remote admin surfaces, rotated any exposed credentials, and validated multifactor authentication on any remote devices, said Turgal. CNI operators should also review their OT and ICS segmentation and monitoring.
More widely, security leaders should take steps to protect user identities against potential intrusion, and ensure their infrastructure is hardened against DDoS attacks.
Blended threat
Halcyon’s Cynthia Kaiser – who was previously deputy assistant director of the FBI’s cyber division, said she was already seeing increased activity in the Middle East, and calls to action from hacktivists, DDoS botnet operators, and ransomware gangs.
“Iran has a long track record of using cyber operations to retaliate against perceived political slights…. Tehran’s cyber playbook has been aggressive and evolving,” she said.
“Increasingly, ransomware is incorporated into these escalating operations. Last year, an Iranian national pleaded guilty to ransomware attacks that crippled Baltimore and other US municipalities, causing tens of millions in damages. Since at least 2017, Iranian operators have targeted US critical infrastructure … with ransomware campaigns that blur the line between criminal extortion and state-sponsored sabotage.”
In practice, Kaiser explained, Iranian cyber ops blend state sponsorship, personal profiteering, and outright criminal behaviour. For example, she said, financially-motivated hackers may attempt to monetise access gained through government-funded campaigns.
Like Moscow, she added, Tehran turns a blind – or at least indifferent – eye to criminal cyber ops against shared enemies such as the US, Israel and their regional allies.
“Having access to cyber criminals gives the government options. As Iran considers its response to US and Israeli military actions, it is likely to activate any of these cyber actors if it believes their operations can deliver a meaningful retaliatory impact,” said Kaiser.
It’s always pleasing to see an array of physical buttons, and you get sizable ones too. You’re not going to miss these wide flat ones even when picking the pace up. The silicone strap has a nice stretch to it and while the button clasp is a bit awkward to get into place, this watch does not budge.
Suunto has jumped on the flashlight trend, with an LED light strip sat on the front of the case. You can adjust brightness levels and there’s SOS and alert modes to emit a very noticeable pulsating light pattern. This is a light I found useful rooting around indoors as well as on nighttime outings.
The biggest change is the introduction of a 1.5-inch, 466 x 466 AMOLED display. This replaces the dull, albeit very visible, memory-in-pixel (MIP) display. Suunto also ditched the solar charging that did require spending a significant amount of time outside to reap its battery benefits.
Adding AMOLED screens to outdoor watches has been contentious. The older MIP displays are just more power-efficient. The Vertical 2 is down by about 10 days from the older Vertical for what Suunto calls daily use.
Still, even if you’re putting its tracking and mapping features to use, you’re not going to be reaching for the charger every few days. After two hours of tracking in optimal GPS mode, the battery only dropped by 2 to 3 percent. The battery drop outside of tracking is also small and the standby performance is excellent as well.
Software Updates
Photograph: Michael Sawh
A more streamlined set of smartwatch features helps reserve battery for when it really matters. Unfortunately, I probably got better battery life because you don’t get phone notifications or responses if it’s paired to an iPhone instead of an Android. There’s also no onboard music player, but you do get a pretty slick set of music playback controls that are accessible during tracking.
Over the past few years, edge artificial intelligence (AI) has quickly transformed from a niche technology to a vital and strategic necessity. This is mainly because it helps resolve or minimise some of the key bottlenecks of traditional cloud-based AI. These include data volume, latency, privacy and cost, among others, while allowing companies to make instant decisions to keep up with modern and increasingly automated operations.
As a result, the deployment of edge AI is no longer only a technical architecture choice, but one that is actively reshaping risk, cost, compliance and responsibility for enterprises. Businesses are increasingly choosing to store sensitive information mainly on local networks, instead of relying on cloud providers, which has further driven the growth of edge AI.
Rather than asking whether or not to adopt edge AI, the crucial question for most companies is how to do so without creating new security, cost and governance issues. As a relatively new technology still, several companies risk implementing edge AI simply to jump on the AI bandwagon, without being fully aware of which situations can most benefit from it.
“Edge AI attracts a lot of enthusiasm because it enables real-time, autonomous decisions. However, the real danger is a false sense of technological maturity,” notes Michaël Bikard, professor of strategy at the Insead business school. “Edge AI can work well locally while producing fragile outcomes at the system level. Historically, that’s when failures occur. Not because the technology fails, but because it is trusted too early, before institutions, organisations and governance are ready.”
As such, understanding the consequences of edge AI deployment is paramount to deciding long-term strategy.
Why businesses are moving from cloud-first to hybrid
Businesses are increasingly choosing a more hybrid AI approach over a cloud-first strategy, driven mainly by larger and more complex AI workloads. Many firms have also been disappointed by the savings achieved by adopting a full public cloud strategy, instead being faced with sharply surging operational costs.
These costs, exacerbated by data-heavy applications, mainly arose from moving large datasets to and from the cloud and between providers. Surprise fees and unpredictable bills have further strained IT budgets and complicated budgeting and forecasts.
Edge AI attracts a lot of enthusiasm because it enables real-time, autonomous decisions. However, the real danger is a false sense of technological maturity Michaël Bikard, Insead
On the other hand, with edge AI, companies can run stable and predictable workloads on-premise much cheaper than in the cloud.
Latency is another overarching concern. Edge AI can often be better than the cloud to minimise latency for applications which need real-time, high-speed processing. These include operational control systems and local analytics, among others.
In highly regulated industries such as finance and healthcare, some data may only be stored within certain jurisdictions, which has further driven the shift to edge AI or on-premise solutions.
Major, single cloud providers can also come with supplier lock-ins, while multicloud environments are increasingly complicated to manage, also leading to hybrid approaches.
A hybrid strategy lets companies use public cloud to train and update applications which need to scale fast, while keeping high-volume, sensitive or stable data on-premise. This allows organisations to balance agility, cost efficiency and operational resilience, especially in a global context where real-time intelligence is increasingly valuable.
Edge AI business drivers: What’s real and what’s noise
At present, most businesses using edge AI have adopted the technology due to practical operational needs. Successful deployments have focused on solving specific, cloud-only limitations, rather than trying to overhaul entire company tech infrastructures.
The need for real-time decision-making has primarily driven edge AI adoption, especially in sectors like infrastructure, logistics, manufacturing and transport. This is especially as latency can have far-reaching operational and financial consequences, which the technology can help significantly in cutting down.
Applying edge AI to these sectors helps companies process data closer to where it is generated, which enables them to react faster during times of lost central connectivity.
The technology also helps organisations dealing with sensitive data stay legally and financially compliant in jurisdictions with especially strict data storage laws.
For companies working on critical operations, edge AI can greatly improve operational resilience by making sure that data and intelligence are distributed throughout a number of locations. This helps reduce dependence on centralised systems, which in turn decreases the impact of outages.
However, some business drivers are vastly overestimated when it comes to influencing the need to implement edge AI. The biggest of these is short-term cost savings. Edge AI can certainly cut down on transfer and cloud data consumption costs in the long-run.
However, it initially needs significant capital expenditure, mainly in the form of hardware device upgrades. There are also ongoing maintenance, monitoring and software update costs following implementation. In some cases, integration with legacy systems may be slower than expected and businesses may have to hire specialised labour as well. Edge AI systems also use considerable amounts of power, leading to higher energy bills.
These factors can all cause costs to be higher in the first few months, requiring businesses to have a long-term view when it comes to seeing strategic benefits from edge AI.
Another notion that is often overestimated is edge AI being able to deliver anything like “super-intelligence”, by running huge, complicated models like datacentre graphics processing units. However, given current computing and power restrictions in most cases, this scenario is highly unlikely at the moment.
Similarly, expectations of businesses being able to switch entirely to edge AI, instead of a hybrid approach, are also unrealistic, mainly because of practical deployment, integration and maintenance limitations across various locations.
How edge AI is changing security, governance and ownership
As edge AI becomes more embedded in hybrid business tech strategies, risk management, enterprise security and governance are also changing, moving away from centralised IT control. These areas are now being shaped by local operational teams taking increasingly autonomous decisions, factoring in the real-time conditions of critical physical infrastructure.
Rising edge AI usage could heighten security concerns as well, as it widens organisational attack surfaces through multiple distributed devices and infrastructure. These then need to be protected, monitored and updated equally, following a set of standard guidelines, despite each of them presenting their own unique limitations.
AI systems can perform exceptionally well under conditions similar to their training data, yet fail abruptly under rare, extreme, or novel scenarios – precisely the situations that matter most in critical infrastructure Florian Stahl, Mannheim Business School
“AI systems can perform exceptionally well under conditions similar to their training data, yet fail abruptly under rare, extreme, or novel scenarios – precisely the situations that matter most in critical infrastructure,” remarks Florian Stahl, chair of quantitative marketing and consumer analytics at Mannheim Business School.
Patch management can pose more issues with edge AI as well, with thousands of endpoints and vulnerabilities causing potential delays and discrepancies in maintenance.
With edge AI being all about local deployments, more questions around version control, oversight and audit issues can arise. This means that companies may need to maintain more in-depth and regular records about data inputs, decision-making processes and operational factors. Highly regulated industries may especially demand evidence trails and seek greater accountability, which can impact company reputations and licences.
“Real-time AI systems, particularly those based on machine learning, often operate as ‘black boxes’, making it difficult to explain or audit decisions when failures occur. This lack of transparency is problematic in infrastructures where accountability and post-incident analysis are essential,” Stahl adds.
As autonomous decisions taken locally can have very real financial, safety and compliance consequences, businesses may be compelled to take accountability far more seriously if they choose to use edge AI.
Senior leadership may also need to adapt centralised organisational and governance models to a more distributed intelligence strategy, all while keeping costs low.
These factors have led to edge AI becoming a structural change just as much as a technical one, impacting how and where decisions are taken, how risk is evaluated and overall accountability.
What leaders should consider before implementing edge AI
Given the considerable initial investment required by most edge AI models, leaders should prioritise long-term strategic impact, rather than the hype of the latest technology. This means that while evaluating company-readiness, apart from timing, the potential scope of the intended edge AI model is paramount.
The biggest factor to consider is which processes or systems are most likely to benefit from using edge AI first and which can wait for a few more months. Ideally, businesses should prioritise any processes where latency, operational risk and data locality are most critical. By doing this, organisations can spread out costs while testing new deployments in a relatively lower-risk manner.
“Importantly, organisations should evaluate AI deployments not only through efficiency metrics, but also through risk-adjusted performance indicators, recognising that marginal efficiency gains are rarely justified if they introduce disproportionate systemic or ethical risks,” Stahl advises.
The next question is: to scale or not to scale? In several cases, a pilot edge AI deployment is either enough for the short-term, does not deliver the expected results, or highlights many hidden costs and operational issues.
In these cases, decision-makers need to evaluate whether it is worth taking the risk to scale, which will need more investment, specialised skills and manpower.
However, knowing when not to use edge AI, and when it could cause more harm than good, is equally important for businesses. This is primarily in cases where data volumes are still low, latency is not crucial, or the company does not have the means to appropriately handle several distributed endpoints.
“Edge AI should not be deployed in sectors where use cases are broad, stakes are high, and the consequences of errors are poorly understood,” Insead’s Bikard states. “That combination usually signals a timing problem rather than a technological one. In open, highly interconnected environments, even small mistakes can cascade before organisations have time to respond.”
In such cases, exercising strategic restraint is far more instrumental to long-term value.
From tech choice to organisational shift
Ultimately, implementing edge AI models should be primarily focused on delivering long-term, strategic value, rather than a trend-based decision. This is especially true if latency and real-time data analysis pose real risks. Businesses need to consider that edge AI use is likely to reshape everything from cost structures and decision-making to autonomy and risk, and prepare accordingly.
“There are real potential gains from using AI for predictive maintenance, but those gains rarely come from the technology alone. For AI to pay off, the surrounding organisation – its incentives, culture, structures and skills – must also adapt. Predictions only create value if people are empowered to act on them,” Bikard concludes.
Enterprises that treat edge AI as an entire operational shift, rather than an independent feature to be tacked onto legacy systems, will inevitably be able to take advantage of it better in the long run.
Police do not have to give a lawyer who was stopped, questioned and had his work mobile phone seized for forensic examination reasons for their actions, the UK’s high court has ruled.
The decision means that lawyers can be subject to counter-terrorism powers and have their privileged communications extracted and examined by the state, without having the right to know the case against them, said advocacy group Cage.
Fahad Ansari, who acts for Hamas in a legal appeal to have its proscribed status in the UK overturned, was stopped by police under Schedule 7 of the terrorist act while returning from holiday with his family last year.
The case is believed to be the first targeted use of Schedule 7 powers, which allow police to stop and question people and seize their electronic devices without the need for suspicion, against a practising solicitor.
The high court ruled on 4 March that police may present evidence about the reasons stopping Ansari in a closed court in front of a special advocate without Ansari or his lawyers being present – preventing Ansari or his legal team from learning the reasons why he was stopped.
Lawyers for Ansari argued the lawyer was entitled to be given a sufficient “gist” of the police’s case against him to enable him to disprove the police’s case, even if doing so would be damaging to national security.
Privileged material
Hugh Southey KC told the court in October 2025 that Ansari’s work phone contained data going back 15 years, including privileged material relating to his clients, and that any data extracted by the police should be deleted.
Ansari, an Irish citizen, argues that he was unlawfully stopped, detained and questioned under Schedule 7 of the Terrorism Act when he disembarked from a ferry with his family at Holyhead after visiting relatives in Ireland in August 2025.
The court was told last year that the phone contains details of at least 3,000 contacts, voice notes, memos, case papers, search terms and metadata, the overwhelming proportion of which is likely to be legally protected.
Justice Chamberlian found in a judgment published today the question was not whether any allegations made against Ansari by police in closed hearings were true, but whether police had a lawful basis for stopping and searching the lawyer at the time the search was carried out.
He found in a 15-page ruling that the use of Schedule 7 powers against Ansari to question him and seize his phone does not require any allegation to have been made against him, and that the seizure and retention of his personal information does not affect Ansari’s legal position.
The judge found that there were “substantial protections” in place to protect the integrity of legally privileged information, and that even if legally privileged material could be used against third parties, which it could not, they would enjoy the “full panoply of procedural rights”.
Ansari said he handed over the password to his phone after police warned him that to fail to do so would be an arrestable offence. He said that police also questioned him about Palestine Action, a direct action protest group that was proscribed under the Terrorism Act 2000, though Ansari has no connection with the group.
South Wales Police, which is responsible for counter-terrorism in Wales, has denied that Ansari was stopped because of his political views, and maintains that asking him questions about proscribed organisations is not unlawful.
Ansari, a registered freelance solicitor, became consultant at Duncan Lewis Solicitors, where he specialises in national security and complex human rights cases, after training at Fisher Meredith LLP and Birnberg Peirce.
Speaking after the judgement, Ansari said he would challenge the judge’s order that the police should not disclose their reasons for stopping him in open court.
“Seven months on, I remain in the dark about why counter-terrorism police detained and interrogated me and continue to examine the contents of my work phone,” he added. “I am exploring all options to challenge this dangerous precedent.”
Commenting on the case, Anas Mustapha, head of public advocacy at Cage, said that allowing secret evidence was a “thin end of the wedge” that could undermine justice. “Once courts accept that the state can accuse someone without revealing the accusation, the foundations of justice begin to collapse,” he added.
“The legal profession now faces a serious question: whether it will continue to accommodate secret courts through mechanisms like the special advocate system, or whether it will begin the difficult work of rolling back a process that has steadily eroded open justice for more than two decades,” said Mustapha.
Politics1 week ago
Fashion7 days ago
Fashion6 days ago
Sports6 days ago