Welcome to your essential briefing on threats at the intersection of cybersecurity and critical infrastructure, brought to you by Neeve, the edge cloud security platform for smart buildings, making built spaces secure, intelligent, and sustainable.

This Week’s Cyber Insights

• 🏥 Healthcare's Cybersecurity Crisis

• 🌍 Middle East Prioritizes AI Security in 2026 Inf …

• 🇨🇳 Chinese 'Salt Typhoon' Campaign Infiltrates A …

• 📰 Further Alerts & Insights

 🏥 Healthcare's Cybersecurity Crisis

93% of U.S. healthcare organizations experienced at least one cyberattack in the past year averaging 43 incidents per organization, yet only one in three executives list cybersecurity as a top concern despite 168 million records exposed in 2023 and extortion demands reaching $4 million.

• 72% of incidents disrupted patient care, with 22% experiencing attacks directly impacting medical devices. Three-quarters of device attacks disrupted care, including 24% requiring patient transfers as cybercriminals target diagnostic and treatment systems.

• 89% of healthcare organizations have the top 1% of riskiest IoMT devices containing known exploitable vulnerabilities linked to active ransomware campaigns on their networks, representing critical remediation priorities.

• Healthcare workers regularly upload sensitive data to ChatGPT and Gemini, while only 29% of executives feel prepared for AI-powered threats despite 41% believing they will happen. 32% feel ready for deepfakes though 49% expect them.

• Rural hospitals face losing battles due to tight budgets, small teams, and limited training. Despite large security investments, 46% report higher attack volumes while many executives cite cost or compliance as bigger challenges than cybersecurity.

🤔 The Bigger Picture: 

Healthcare facility automation systems share IoT infrastructure with medical device networks, creating attack vectors between HVAC, access control, and medical equipment. Compromised building automation can disrupt patient care environments as critically as medical device attacks, requiring segmentation of building networks from medical systems and staff training since bypassed security in one system cascades across interconnected facility infrastructure.

Read the full article

🌍 Middle East Prioritizes AI Security in 2026 Infrastructure Push

Middle East technology market will reach $174.9 billion in 2026 with AI and cyber security as the biggest issues influencing strategy and spending, as AI transitions from experimentation to production-grade deployments across government, finance, and energy sectors.

• AI evolves from supplementary tool to foundational enterprise layer as organizations move beyond pilots. 34% already use AI and machine learning in IoT deployments, with agentic AI embedding into specific business processes rather than consumer-facing applications.

• Cyber security shifts from static defense to adaptive resilience as attackers use AI to enhance ransomware and phishing campaigns. Organizations leverage machine learning, generative, and agentic AI as foundational capabilities while cyber security teams face burnout from intensified threat landscapes.

• Sovereign AI emerges as strategic priority though definitions remain fluid. Key risk is whether regional investments can keep pace with global innovation, with datacentres becoming critical national infrastructure despite challenges around power consumption and sustainability.

• Talent landscape enters uncertainty as AI agents could reshape recruitment from hiring full-time staff to orchestrating hybrid human-machine teams, making market entry harder for new graduates despite high demand for AI and cyber security skills.

🤔 The Bigger Picture: 

Building automation systems face dual pressures as AI-enabled optimization creates expanded attack surfaces requiring adaptive security frameworks. The convergence of IT and OT with physical AI increases vulnerability to AI-enhanced attacks, while facility operators must balance rapid deployment against cyber security team burnout and sovereign infrastructure control needs.

Read the full article

🇨🇳 Chinese 'Salt Typhoon' Campaign Infiltrates Australian Critical Infrastructure

Security experts warn that Chinese state-sponsored hackers have likely penetrated Australia's most vital systems in what's being called one of the most effective long-term espionage operations.

• The 'Salt Typhoon' campaign is attributed to Chinese state-sponsored actors

• Experts describe it as one of the most effective long-term espionage operations

• Critical infrastructure in Australia has reportedly been infiltrated

• The breach poses significant risks to national security and operational integrity

• Potential impacts threaten essential services across the country

🤔 The Bigger Picture: 

State-sponsored infiltration of critical infrastructure demonstrates how building systems and industrial controls can become strategic targets. Facilities must implement enhanced monitoring and network segmentation to detect and contain sophisticated persistent threats.

Read the full article

Further Alerts & Insights