by Cybersecurity continues to transform rapidly as quantum computing, artificial intelligence, and cloud dependence reshape how nations secure their digital ecosystems. Around the world, governments and organizations are rolling out new frameworks, updating regulations, and responding to a surge in cyber incidents. This month’s developments highlight how countries are preparing for long-term threats while also managing immediate risks.
Below is a clear, readable summary of the latest cybersecurity news from Singapore, the UAE, the UK, and major international institutions.
1. Singapore Releases New Quantum-Readiness Tools
Singapore has taken an important step toward preparing the country for the future of quantum technology. The Cyber Security Agency of Singapore (CSA) introduced two major resources designed to help organizations prepare for the day when quantum computers can break today’s encryption standards.
Quantum-Safe Handbook
The handbook explains the core risk: once quantum computers become powerful enough, they could crack the encryption tools currently protecting passwords, online banking, secure messages, and national infrastructure. While experts cannot predict the exact timeline, the threat makes long-term planning essential.
The handbook outlines what organizations need to consider as they prepare, such as:
-
identifying systems that rely on vulnerable cryptography
-
planning gradual upgrades
-
understanding how hardware, software, and certificates must evolve
-
training teams to manage the transition
Because many digital systems operate for years or even decades, Singapore stresses that the shift to quantum-safe solutions is a multi-year transformation, not a simple technology upgrade.
Quantum Readiness Index
The second tool, the Quantum Readiness Index, provides a self-assessment questionnaire. It allows organizations to measure how prepared they are, see what gaps exist, and understand which steps to prioritize. It also encourages businesses to begin early planning rather than waiting for quantum threats to become urgent.
Both documents are aligned with the World Economic Forum’s Quantum Readiness Toolkit (2023), which recommends international cooperation and shared frameworks for managing quantum risks.
The tools are currently open for public consultation until 31 December 2025, giving industry leaders and technology partners the opportunity to provide input.
2. UAE Approves National Encryption Policy
The United Arab Emirates has announced a major move to strengthen long-term cybersecurity. The government has officially approved a National Encryption Policy and an executive regulation outlining how sensitive data should be protected across government systems.
The policy introduces:
-
a unified framework for data protection
-
clear rules on how cryptography should be implemented
-
a roadmap for adopting post-quantum cryptography across national systems
This shift reflects growing concern about evolving cyber threats, especially with rapid advances in artificial intelligence and quantum computing. The UAE wants to ensure that its critical services remain secure even as technology changes.
To support this strategy, the UAE Cybersecurity Council has established new specialized groups, including an AI and Emerging Tech Taskforce led by H.E. Dr. Al Kuwaiti. These teams examine vulnerabilities related to next-generation technologies and help guide national cybersecurity planning.
Together, these developments show the UAE’s long-term commitment to strengthening national resilience, protecting government data, and preparing for future digital risks.
3. UK Introduces New Cybersecurity and Resilience Bill
The United Kingdom has proposed new legislation designed to protect essential public services from disruptive cyberattacks. The Cybersecurity and Resilience Bill, introduced on 12 November, focuses on strengthening cyber defences across major national infrastructure sectors:
-
energy
-
healthcare
-
water
-
transportation
Why the UK is updating its laws
Cyber incidents have become increasingly expensive and damaging. On average, a significant cyberattack costs UK organizations more than £190,000 (US$250,000). Across the entire economy, cyber incidents cost the UK an estimated $19.4 billion per year, equal to 0.5% of national GDP.
Recent events show just how serious the problem has become. In 2025, a cyberattack on Jaguar Land Rover (JLR) forced several factories to halt operations for nearly six weeks. The cyber-related damage alone cost the company £196 million ($259 million). As a result, JLR posted a quarterly loss of £485 million ($640 million), a sharp contrast to its profit the previous year.
What the new bill will change
The proposed legislation would expand oversight to include medium and large companies that provide essential digital services such as:
-
cybersecurity support
-
IT management
-
help desk services
For the first time, companies offering these services to organizations like the NHS may be designated as critical suppliers. This would give regulators the power to require stronger security measures, close supply-chain weaknesses, and ensure consistent cyber standards across key sectors.
The bill also follows findings from the UK’s Cybersecurity Breaches Survey (June 2025), which revealed:
-
only one-third of surveyed businesses and charities had cybersecurity policies
-
even fewer had business continuity plans
The new legislation aims to improve preparedness across organizations of all sizes.
4. Other Major Cybersecurity Stories This Month
EU identifies 19 critical technology vendors
The European Union has officially designated 19 technology companies—including Microsoft, Google Cloud, and Amazon Web Services—as critical third-party service providers under the Digital Operational Resilience Act (DORA).
This move acknowledges the financial sector’s heavy reliance on a small number of cloud companies. The designation aims to reduce systemic risks caused by outages or cyber incidents affecting core banking services.
US Congressional Budget Office targeted in cyberattack
The U.S. Congressional Budget Office confirmed it was hacked by foreign actors. Officials fear the attackers may have accessed internal communications, including emails and chat logs exchanged between analysts and lawmakers. This incident highlights the vulnerability of even highly secure federal agencies.
Operation Endgame disrupts global cybercrime infrastructure
In a major coordinated action, Europol and Eurojust carried out a new phase of Operation Endgame from 10–13 November. Authorities:
-
dismantled 1,025 servers
-
seized 20 domains
-
arrested the suspected operator of the VenomRAT malware in Greece
This operation represents one of the largest cybercrime takedowns of the year.
Cloudflare outage disrupts major online services
On 18 November, a large outage at Cloudflare impacted platforms such as X, OpenAI, and Anthropic. The issue was not a cyberattack. Instead, it was caused by a configuration error in Cloudflare’s Bot Management system. A database permissions change caused a file to double in size, exceeding software limits and disrupting network routing.
5. Rising Demand for Cybersecurity Talent and the Role of AI
As cyber threats increase, so does the need for skilled cybersecurity professionals. Experts warn that the global talent gap is one of the biggest challenges facing organizations today.
India is among the hardest hit, with a shortage estimated between 1 million and 1.5 million professionals. Small and medium-sized enterprises, which often lack specialized teams, face the greatest risks.
Organizations like the World Economic Forum emphasize the importance of building long-term training programs and encouraging new talent to enter the field. AI is also beginning to assist with defensive tasks, automating routine work and improving detection capabilities. However, experts note that AI must be used responsibly, with clear governance to protect privacy and ensure accountability.
Many analysts believe that the recent surge in AI markets may be cooling, leading governments and businesses to focus more on digital resilience, diversification, and sustainable cybersecurity strategies.
