Our Scans · (SFS.1.04) Data Security · Weekly Summary

• [New] The CNIL received 6,167 data breach notifications, with hacking accounting for around half of notified incidents, and said it will devote 50% of its controls and enforcement actions in 2026 to data security, including in sectors processing large volumes of sensitive or highly personal data. Gibson Dunn
• [New] Microsoft-heavy environments will need AI controls that integrate with identity, compliance, endpoint security, and productivity data rather than sitting in a separate dashboard. Windows Forum
• [New] The Australian Intelligence Security Organization (ASIO) has warned government officials to keep classified and sensitive information in an appropriate safe room, as concerns intensify over how much data can fall into the wrong hands. / Australia Medium
• [New] In the context of IoT and AI convergence, the U.S.-China Economic and Security Review Commission has explicitly flagged risks of unauthorized access to enterprise data systems a concern directly applicable to RPA bot credentials and privileged access management. Persistence Market Research
• Samsung SDS (the corporate IT security arm) has identified top 5 threats: AI-driven attacks, ransomware, cloud misconfigurations, phishing / account takeover, and data exfiltration. Risk Intelligence Service
• Increasing data privacy regulations and the need to reduce security breaches in rapidly industrializing economies are expected to keep Asia-Pacific's growth momentum as the highest CAGR region during the forecast period. Dimension Market Research
• Carnival said it has strengthened its security and monitoring controls and will continue to enhance its IT and data protection measures. / USA Insurance Journal
• 76% of UK employees acknowledge that using unapproved AI tools poses security or data privacy risks, yet nearly half continue to use them in the workplace. theHRDIRECTOR
• UK and EU data protection laws require insurers to put in place security measures that reflect current risks and available technology. www.hoganlovells.com
• The excessive concentration of assets - cloud storage and data centers - in the hands of a few key companies - Amazon, Google, Microsoft, SpaceX, and Meta - creates a scenario where a systemic technical failure could trigger a domino effect in global security. War on the Rocks
• At RSAC 2026, CrowdStrike announced new cloud security and data protection capabilities addressing how to prioritize cloud risks based on real attacker behaviour and how to protect sensitive data moving across endpoints, SaaS, cloud, and generative AI tools. AIMultiple
• The Yale study put it bluntly: Absent effective guardrails, a widespread security breach in standardized BCI systems could affect millions of users simultaneously, leading to mass manipulation of neural data. Medium
• European Union officials are negotiating a new border security framework with the United States that could give American authorities access to biometric data held in EU member states' national databases, placing visa free travel, data protection, and civil liberties into direct tension. BiometricUpdate.com
• As a relatively new threat, it's difficult to use raw data to quantify the degree to which UTS affects America's national security. The Washington Times
• Topic 7: Security While mega-constellations bring numerous benefits regarding global connectivity or improved data services, they also certainly increase the number of security threats at different space system design domains, potentially affecting critical services. IEEE Communications Society
• The strategic collaboration goals are to bolster the Philippines' struggle towards data security, provide a strong shield against potential cyberattacks, and prevent businesses from disruptions borne from human error and natural disasters. Precedence Research
• As cyber threats continue to evolve and data privacy regulations become stricter in 2026, businesses must ensure their communication systems include strong security measures such as encryption, multi-factor authentication, and compliance with standards like GDPR and HIPAA. Channel Insider
• New limits on data retention are undermining U.S. national security efforts to counter evolving drone threats. Lawfare
• Chinese manufacturers, above all DJI, have become central to global drone supply chains, even as Western governments have raised concerns about data security, procurement dependence and strategic vulnerability. Defence Matters - European Defence News

Last updated: 23 June 2026