Critical infrastructure teams have spent years guarding industrial systems, but a different weak spot is now wide open. Everyday tools like SharePoint, Teams, Gmail, Slack, Google Drive, and file servers have quietly grown into massive, unmanaged spaces holding sensitive data.

How the sprawl happens
People create sites, folders, and chat channels without any real checks. Vendors get shared links. HR uploads forms. Engineers drop SCADA plans next to general documents. Over time, this creates petabytes of untracked content with no real monitoring or cleanup.

What attackers find inside
These platforms now hold designs, maps, contracts, payroll data, legal records, passwords, audit files, access details, and more. Nation-state groups, including Volt Typhoon, favor using the same systems employees use. They do not need to break OT first — they hunt through shared drives and chat logs to learn how everything works.

AI makes it worse
Attackers can now use AI tools to scan, sort, and exploit unstructured files faster than humans can react. What used to take weeks can take minutes.

Main message
If collaboration platforms stay unmanaged, even strong OT defenses will not stop a breach. Data sprawl is no longer background noise — it is a direct path to disruption.

Hospitals and clinics are facing cyber threats that now harm real patients, not just computer systems. A new report shows that most attacks slow or disrupt medical care, and in some cases, people die because of it.

Care Disrupted, Patients at Risk
Nearly three out of four healthcare groups hit by attacks like ransomware or email scams saw patient care interrupted. Many reported longer hospital stays and more problems during procedures. Some even saw higher death rates tied directly to cyber incidents.

Attacks Are Constant and Costly
Almost every organization surveyed was hit at least once last year, often dozens of times. The average cost of the worst attack still sits in the millions. Ransom payments alone are rising, even when fewer victims pay.

Supply Chain and Email Attacks Hit Hard
When suppliers are breached, hospitals often feel it fast. Most of those events led to delays in care. Business email scams caused many procedure setbacks. Ransomware and cloud breaches also led to longer stays and patient transfers.

Human Mistakes Keep Causing Damage
Sensitive data often leaks because staff ignore rules or make simple errors. Many groups had multiple loss incidents in the past two years, often affecting treatment and outcomes. Some progress is being made with training and phishing tests, but the problem remains serious.

Cloud and Mobile Tools Add Pressure
More patient systems are moving to the cloud. Messaging apps, video calls, and email are common targets. Weak mobile apps and personal devices add new entry points for attackers.

AI Helps but Brings New Risks
More than half of healthcare providers now use AI for security or care. Some use it to detect risky behavior or prevent data loss. Yet many struggle to protect the sensitive data used by these systems. Concerns about AI misuse are rising.

Leadership Gaps Slow Progress
Many groups lack skilled people or clear decision-makers for cybersecurity. Money is less of an issue now, with budgets growing, but staffing and strategy still lag.

The alleged data breach involving Salesforce-related integrations has raised significant concerns about the overall security of cloud and SaaS ecosystems. Hackers, reportedly the LAPSUS$ group, claim to have obtained sensitive data from 39 major companies, including McDonald’s, Disney, and Walgreens. The attackers allegedly exploited vulnerabilities in third-party integrations, such as Salesloft Drift, which operate tightly within Salesforce environments. While Salesforce has denied that its core platform infrastructure was compromised, this event shines a glaring spotlight on the inherent vulnerabilities of interconnected cloud systems.

This breach amplifies a growing unease in the industry. As businesses migrate more critical operations to SaaS providers, the risks of centralized, multitenant systems have increased significantly. A single breach could reverberate across dozens of organizations, putting customer trust, sensitive data, and even business continuity on the line. The incident is not just about stolen records—it’s about the fragility of cloud infrastructure in the face of increasingly sophisticated cyber threats. In short, this breach should serve as a harsh wake-up call for cloud providers to step up security and for enterprises to thoroughly evaluate and monitor their reliance on SaaS integrations. The stakes have never been higher, and complacency is no longer an option.

Many organizations think cyber risk is all about the tools they use, but the real problem often lies in how systems are set up and managed. Poor design and weak policies create gaps that attackers can exploit, no matter how advanced the technology is.

Architecture Over Tools
Focusing only on software or firewalls won’t stop breaches. Security depends on how networks, data flows, and access rules are organized. Complex systems with inconsistent policies leave blind spots that attackers can use to move undetected.

Human and Process Factors Matter
Even the best technology fails if people don’t follow procedures or teams aren’t aligned. Conflicting responsibilities, unclear ownership, and siloed departments make it easy for mistakes to happen and for attackers to succeed.

Shift From Reactive to Strategic
Many companies react to alerts rather than preventing issues. A strong architecture supports proactive defense, making it harder for attackers to find weaknesses and easier for security teams to monitor activity and respond quickly.

Key Takeaway
Cybersecurity is as much about design and governance as it is about technology. Solid structure and clear responsibilities reduce risk more than piling on new tools.

A new warning from cybersecurity experts highlights risks from AI tools like Gemini when used in email and calendar apps. While these tools can save time, they can also leak sensitive information if not handled carefully.

AI in Daily Tools
Employees use AI assistants to draft messages or manage schedules. These systems access personal, financial, and business data. If prompts include confidential information, it could be exposed to unintended recipients or stored insecurely.

How Threats Appear
Attackers can trick AI into revealing secrets or use flaws to access internal documents. Because AI is integrated into widely used platforms like Gmail, Outlook, and Google Calendar, small mistakes can have big consequences.

Mitigation Steps
Experts suggest limiting AI use for sensitive content, reviewing sharing settings, and training employees on safe practices. Monitoring AI interactions and separating critical data from AI access is also advised.

Key Takeaway
AI tools can improve efficiency but also create new security gaps. Careful use and oversight are essential to prevent leaks and protect organizational information.

Cybersecurity: A Growing Concern for UK Executives

A recent warning from the UK's National Cyber Security Centre (NCSC) highlights a significant gap in cyber-attack preparedness among senior executives.

Key Findings

Conclusion

The NCSC's warning serves as a critical reminder for senior executives to prioritize cybersecurity and take necessary actions to protect their organizations from evolving cyber threats.