The Sans Institute, one of the world’s pre-eminent cyber security certification and training bodies, is to play a key role in the annual Nato Cooperative Cyber Defence Centre of Excellence (CCDCOE) Locked Shields exercise, held in Tallinn, Estonia, through the provision of a fully functional power generation system that participating teams will attempt to defend during the game.
This year marks the 16th running of the Locked Shields live fire security defence exercise, which unites blue teams from across Nato’s 32 member states, as well as other allies and observers.
This year, however, Sans has been entrusted with the task of building a genuine, operational cyber range, as opposed to creating a simulation. It is using real industrial control systems (ICSs) and physical equipment that 16 teams of defenders will have to protect while under live cyber attack, with the decisions they make having an immediate physical impact on a national-scale power grid.
Nato and Sans said the aim of the game is to close the gap between sandboxed, classroom-based cyber security training and real-world operational readiness, which, amid the cyber dimension to the energy crisis precipitated by the war in Iran and spillover from the ongoing war in Ukraine, has never been more important.
“We are putting teams in an environment where cyber decisions directly impact physical operations,” said Felix Schallock, who leads the initiative at the Sans Institute. “If you lose visibility, if you lose control, the power generation can be affected. That’s the reality operators face every day. That’s what we’re training for.”
Nato CCDCOE director Tõnis Saar added: “Locked Shields is a technically advanced exercise that challenges participants to defend the critical infrastructure systems modern societies depend on. As much of this critical infrastructure is owned and operated by the private sector, strong public-private collaboration is essential. Industry partners such as Sans Institute play a vital role in making the exercise as realistic and impactful as possible.”
Hybrid architecture
The Sans Institute’s cyber range comprises close to 70 physical ICS devices, with programmable logic controllers (PLCs), human-machine interfaces (HMIs), operator and engineering workstations, 100 virtual machines (VMs) and interconnected systems within the wider CCDCOE environment, all supported by live network infrastructure, the whole forming a hybrid information and operational technology (IT/OT) architecture.
During the exercise, blue teamers will be set the task of defending the “energy provider” while coming under sustained attack from opposing red teams.
The goal is to effectively demonstrate how maintaining a reliable generation system isn’t some metric on a scorecard, but rather the core mission, so success will entail more than just spotting and arresting threats – it will also demand operational discipline, maintaining uninterrupted power generation, preserving comms between IT and OT networks, guaranteeing visibility and control of ICS technology, and avoiding any destabilising disruptions.
The people defending our critical infrastructure deserve training that takes the threat as seriously as they do James Lyne, Sans Institute
Actions will be visible, rippling through the systems in real time, so participants won’t just see alerts, they will see turbines being throttled, breakers being opened or closed, and generation capacity being affected. As such, failure will be immediate and visible – missteps will degrade system performance, disrupt or halt power generation, or simulate national-level consequences.
Tim Conway, Sans Institute fellow and ICS curriculum lead, explained: “We’re showing teams how to defend infrastructure that can’t simply be rebooted or patched on the fly. You have to think like an operator, not just a defender. That mindset shift is what makes this environment so powerful.”
Sans Institute CEO James Lyne expressed great pride in what the Sans team has built for Locked Shields this year. “The scenarios these critical initiatives prepare for are playing out in the world – national espionage, cyber integrated to kinetic attacks and warfare, and retaliation attacks,” he said.
“Throw in AI or machine speed attackers and the need for defenders to adapt, and you have the most disruptive period in cyber security in 20 years. We are privileged to help our allies be ready and continuously improving to secure the future. The people defending our critical infrastructure deserve training that takes the threat as seriously as they do,” he added.
Schallock said the exercise was about preparing teams for protecting the systems that matter most. “Cyber security training must reflect the environment defenders are protecting. We’re not just teaching cyber security, we’re showing how to defend a nation’s infrastructure when it counts.”
The Ember Smart Mug 2 is niche, but it has a loyal following. Even though we think there are better mug warmers on the market, Ember is like Apple AirPods or Kleenex. People want what they want. Right now, for Mother’s Day, the Ember Smart Mug 2 is on sale for just under $100, a 30 percent discount and a match of the very best price we’ve tracked. You can save at Amazon, Best Buy, and the manufacturer’s website.
This smart mug is probably overkill. It has a smartphone app that notifies you when your coffee reaches the ideal temperature, and its onboard light also provides a visual indicator that your brew is ready. It intelligently adjusts power usage to keep your drink warm when you’re nearby, and turns off when you’re not around. The self-heating mug is on sale in a few variations—10 or 14 ounces, in blue, white, black, and purple.
The mug offers up to 80 minutes of powered heating time, or you can pop it on the included charging coaster to keep the battery going all day. And you don’t need the smartphone app unless you want to precisely dictate your coffee temperature—the mug defaults to 135 degrees Fahrenheit without your specific input.
Our main gripe is that this proprietary warming system is not dishwasher safe. You need to hand-wash each component, and ensure you do so carefully, because the items are not cheap to replace. But if Mom has been putzing around the house drinking perpetually microwaved coffee, perhaps an upgrade is in order. We have additional recommendations in our guide to the Best Coffee Warmers. You may also want to check our related stories on the Best Espresso Machines, Best Coffee Machines, and Best Pod Coffee Makers.
Google DeepMind’s AlphaFold has already revolutionized scientists’ understanding of proteins. Now, the ability of the platform to design safe and effective drugs is about to be put to the test.
Isomorphic Labs, the UK-based biotech spinoff of Google DeepMind, will soon begin human trials of drugs designed by its Nobel Prize–winning AI technology. “We’re gearing up to go into the clinic,” Isomorphic Labs president Max Jaderberg said on April 16 at WIRED Health in London. “It’s going to be a very exciting moment as we go into clinical trials and start seeing the efficacy of these molecules.”
Jaderberg did not elaborate on the timeline, but it’s later than the company had planned to initiate human studies. Last year, CEO Demis Hassabis said it would have AI-designed drugs in clinical trials by the end of 2025.
Isomorphic Labs was founded in 2021 as a spinoff from Alphabet’s AI research subsidiary, Google DeepMind. The company uses DeepMind’s AlphaFold, a groundbreaking AI platform that predicts protein structures, for drug discovery.
Built from 20 different amino acids, proteins are essential for all living organisms. Long strings of amino acids link together and fold up to make a protein’s three-dimensional structure, which dictates the protein’s function. Researchers had tried to predict protein structures since the 1970s, but this was a painstaking process given the astronomically high number of possible shapes a protein chain can take.
That changed in 2020, when DeepMind’s Hassabis and John Jumper presented stunning results from AlphaFold 2, which uses deep-learning techniques. A year later, the company released an open-source version of AlphaFold available to anyone.
In 2024, DeepMind and Isomorphic Labs released AlphaFold 3, which advanced scientists’ understanding of proteins even further. It moved beyond modeling proteins in isolation to predicting other important molecules, such as DNA and RNA, and their interactions with proteins.
“This is exactly what you need for drug discovery: You need to see how a small molecule is going to bind to a drug, how strongly, and also what else it might bind to,” Hassabis told WIRED at the time.
Since its release, the AlphaFold platform has been able to predict the structure of virtually all the 200 million proteins known to researchers and has been used by more than 2 million people from 190 countries. The breakthrough earned Hassabis and Jumper the Nobel Prize for chemistry in 2024, with the Nobel committee noting that AlphaFold has enabled a number of scientific applications, including a better understanding of antibiotic resistance and the creation of images of enzymes that can decompose plastic.
Earlier this year, Isomorphic Labs announced an even more powerful tool, what it calls IsoDDE, its proprietary drug-design engine. In a technical paper, the company touts that the platform more than doubles the accuracy of AlphaFold 3.
The startup has formed partnerships with Eli Lilly and Novartis to work together on AI drug discovery and is also advancing its own “broad and exciting pipeline of new medicines” in oncology and immunology, Jaderberg said.
“The exciting thing about the molecules that we’re designing is because we have so much more of an understanding about how these molecules work, we’ve engineered them to be very, very potent,” Jaderberg told the audience at WIRED Health. “You can take them at a much lower dose, and they’ll have lower side effects, off target effects.”
Last year, Isomorphic appointed a chief medical officer and announced it had raised $600 million in its first funding round to gear up for clinical trials. Meanwhile, the company has been building a clinical development team. Its mission is to “solve all disease.”
“It’s a crazy mission,” Jaderberg said. “But we really mean it. We say it with a straight face, because we believe this should be possible.”
Security leaders should be turning offensive AI cyber tools on their own systems before threat actors do, exploiting the innate defenders’ advantage to attain the high ground and increase their chances of withstanding a cyber attack.
So says Yinon Costica, co-founder of Google-owned Wiz, who, speaking at Google Cloud Next in Las Vegas, argued that defenders can win against attackers by using AI to exploit an advantage that may not appear obvious at first glance, that of context.
“The same AI model can obviously produce very different results based on the context that we feed into it,” said Costica. “Now, attackers hopefully have much less context about us while as defenders we do have a lot of context about our environments that we can share with the model.
“If, as defenders, we take the first movers’ advantage and we use the AI against ourselves, with the context we have, we actually stand a chance to win…. But we need to act fast,” he said.
“We need to start using AI against ourselves as much as possible, whether it’s to scan attack surfaces, scan code, scan anything, in order to be the first one to see the results and not to wait for the bad guys to do it before us.”
As speed becomes ever more of the essence in cyber security, Costica conceded that this would be a challenge for defenders – but noted that the tools to do this are rapidly becoming available. To try to help, Wiz unveiled three new AI agents at Google Cloud Next – red, green and blue – which are named for the human cyber teams they are designed to help.
“What agents allow us to do is really to get to the next level of acceleration [and] automation of security work,” said Costica.
The red agent is designed to assist red team penetration testing work by probing deep into its owners’ IT estate, identifying potential exposures, such as application programming interfaces (APIs), end-of-life edge networking kit or operational technology (OT) assets, and runs penetration tests on them. The green agent follows on by automating the triage process, something that can take ages for humans. Finally, the blue agent acts as a detective, doing the investigative work that can also be a lengthy process for human teams.
“These three agents together form a layer that is autonomous and automated. Its not revolutionary in that it aligns closely to how security teams have been working for many years, but now it allows each team to automate their workflows,” said Costica.
“It’s like living in the future in the eyes of security teams because it means that from the moment they find a risk, they can automate the process to find who owns it and deliver the code fix to complete and redeploy to production.”
A little over a month on from the closure of the $32bn acquisition of Wiz – Google’s largest purchase to date – the two organisations reaffirmed their commitment to providing a unified security platform, retaining Wiz’s brand, that will enhance the speed with which customers detect, prevent and respond to threats, especially emerging ones created using AI.
They duo also claim their combined capability will accelerate adoption of multicloud security and spur more confidence in innovation around cloud and AI. Wiz’s products are also to continue to be made available across other platforms, including Amazon Web Services (AWS), Microsoft Azure and Oracle Cloud. It also announced support for Databricks and agent studios like AWS Agentcore, Microsoft Azure Copilot Studio, and Salesforce Agentforce, as well as Gemini Enterprise Agent Platform of course, and continues to support security ecosystems with integrations to the outer layer of the cloud, including Google Cloud Apigee, Cloudflare AI Security for Apps, and the Vercel platform.
Behind the scenes, Wiz has also updated how it integrates security detections from Wiz Defend with Google Security Operations and Mandiant Threat Defence to make life easier for human analysts.
And it announced new capabilities to secure the AI-native deployment cycle. These include scanning vibe coded applications for issues; AI-generated code scanning and vulnerability remediation; agent-based remediation allowing teams to automate remediation workflows; and an AI bill of materials (AI-BOM) to keep on top of the use of shadow AI for coding.
Fashion1 week ago
Tech1 week ago
Sports5 days ago
Sports1 week ago
Sports5 days ago
Tech1 week ago
Entertainment4 days ago