News

From the war in Ukraine, to the Middle East, and escalating tensions in the South China Sea, the threat of conflict is forcing governments and businesses to confront an uncomfortable truth that digital systems are not immune to geopolitical pressure.

At London Tech Week recently UK Prime Minister Keir Starmer said that the way that war is being fought “has changed profoundly,” adding that technology and AI are now “hard wired” into national defense. It was a stark reminder that IT infrastructure management must now be viewed through a security lens and that businesses need to re-evaluate data management technologies and practices to ensure they are not left out in the cold.

Easier said than done. According to recent research from Civo, 83% of UK IT leaders say geopolitics threatens their ability to control data and 61% view sovereignty as a strategic priority, yet only 35% know exactly where their data resides. That’s not just a compliance gap. It’s a sign that infrastructure, policy and strategy are still out of sync.

Data sovereignty used to be a conversation for the policy teams and legal departments. Not anymore. Regulatory fragmentation, rising cyber risk, and increasingly complex data ecosystems are forcing organizations to treat sovereignty as a live operational concern. Whether it’s knowing who can access your AI training data or ensuring a healthcare provider meets national residency requirements, data sovereignty now defines what businesses can and cannot do.

The EU Data Act, the UK's evolving position (the UK is no longer bound by the EU Data Act but it remains closely aligned in practice to preserve data adequacy and ensure the continued free flow of data with the EU), and the increasing stringency of critical infrastructure policies, are starting to shape what enterprise resilience should look like.

As Lord Ricketts noted in the House of Lords in October last year, “the safe and effective exchange of data underpins our trade and economic links with the EU and co-operation between our law-enforcement bodies.” That trust depends on demonstrating a clear and enforceable approach to data control.

For many, public cloud services have created a false sense of flexibility. Moving fast is not the same as moving safely. Data localization, jurisdictional control, and security policy alignment are now critical to long-term strategy, not barriers to short-term scale. So where does that leave enterprise IT? Essentially, it leaves us with a choice - design for agility with control, or face disruption when the rules change.

Sovereignty-aware infrastructure isn’t about isolation. It’s about knowing where your data is, who can access it, how it moves, and what policies govern it at each stage. That means visibility, auditability, and the ability to adjust without rebuilding every time a new compliance rule appears.

A hybrid multicloud approach gives organizations the flexibility while keeping data governance central. It’s not about locking into one cloud provider or building everything on-prem. It’s about policy-driven control across environments, managing workloads through the context of data.

For example, a financial services firm may need to keep customer transaction data within UK borders, but still wants to run analytics in the cloud. With the right architecture, workloads can move, but sensitive data stays governed. That’s sovereignty in practice, not theory.

Of course, generative AI introduces a new layer of complexity. Training models on private data, deploying inference at the edge, or simply sharing prompts between locations adds pressure to already stretched governance models.

And while many organizations have rushed to build or adopt AI tools, few have aligned these efforts with data residency or compliance. Sovereignty isn’t just about storage anymore. It’s about compute, access patterns, and understanding how third-party models interact with your data.

Edge and sovereign cloud capabilities will be essential here. But they only work if infrastructure teams are given the mandate and support to build with sovereignty in mind. That means cross-functional collaboration between legal, compliance, and IT. It also means choosing platforms that support location-aware deployment and policy enforcement from day one.

According to Nutanix’s recent public sector sovereignty research, 94% of public sector organizations are already using GenAI tools, yet 92% say they could do more to secure those workloads, and 81% say their infrastructure needs improvement to support sovereignty requirements. That says everything you need to know about the challenges facing both public and private organizations. Complexity has clouded judgement and capability.

And yes, customers want to know where their data is, of course they do. Partners also want to understand how it’s being used. With regulators increasingly expecting transparency, not just tick-box compliance, sovereignty, in this context, becomes a proxy for trust.

This is particularly important in sectors like healthcare, education, and government. But it’s not limited to them. Any business operating in or across regulated markets needs to demonstrate control. Not because it’s a checkbox, but because it’s now fundamental to continuity and reputation.

First, get clear on where your data is and what laws apply. That’s not always simple. Next, review your infrastructure to see if it can support location-aware controls, hybrid deployment, and detailed auditing.

Then, consider where GenAI and future workloads are headed. Are you prepared to scale them without breaching sovereignty requirements? Can your teams adapt quickly as policies change?

Finally, treat sovereignty not as a constraint, but as a core part of your design strategy. The organizations that do this well won’t just be compliant, they’ll be more resilient, more transparent, and better prepared for what comes next.

Because in a world where data moves faster than policy, the ability to stay in control isn’t just good governance, it’s good business. And when geopolitics forces the issue, it might just be the nudge needed to get sovereignty right.

We list the best data migration tools to help manage your files.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

If Zero Trust actually worked like the industry said it would, VPNs would’ve disappeared years ago. Instead, they’re booming. We’ve all heard the warnings, seen the vendor pitches, and read enough LinkedIn posts to fill several lifetimes: Zero trust is supposed to be here.

And yet, despite all that hype, the business VPN market isn’t just alive — it's thriving, projected to nearly double from $5.7 billion in 2024 to well over $10 billion by 2033.

I wrote my first VPN — Tunnel Vision — back in 1998, for the first customer of my first startup. Later we replaced it with an IPsec key manager. Then I wrote sshuttle, a sort of VPN built on top of SSH. At Google, I ended up writing a multicast VPN tool we called "frobnicast" (don’t ask). And finally, I co-founded yet another VPN company to try fixing this once and for all. That makes it five VPNs so far. As the meme goes, we have become exceedingly efficient at it.

Why do we keep writing new VPNs? Because the old ones suck. But honestly, it's not just VPNs that suck — it’s TCP/IP that sucks. If IPv4 had been encrypted by default and access-controlled from the beginning and didn't run out of IP addresses and IPv6 had successfully rolled out, we wouldn’t need VPNs. Every generation of these tools has been a workaround for something broken further down the stack.

Still, businesses don’t let go of familiar tools easily. I once wrote that “not changing stuff is amazingly powerful as a product strategy.” VPNs are dependable. Or at least, they’re the devil we know. They’re built into enterprise security bundles, they’re in the onboarding checklist, and they’ve been “good enough” for long enough that most teams have figured out how to live with them.

But when a tool sticks around long after its design goals are obsolete — like my old dialer program WvDial, still popular decades after modems became irrelevant — it’s worth asking why. In WvDial’s case, the answer was simple: everything else was worse. That story still applies to VPNs.

According to recent research, this comfort comes at a cost. Over 83% of engineers admit to bypassing their company's security controls simply to get work done. Worse yet, 68% retain access to internal systems after leaving their employers, exposing critical gaps in the security lifecycle. Yet, despite these clear risks, only 10% of professionals feel their current VPN "works well."

So, VPNs linger not because they're ideal, but because migrating fully to zero trust isn’t trivial. It’s not a product you can buy; it’s a shift in how you think. Continuous verification, least privilege access, and identity-first networking sound simple until you try to retrofit them into a sprawling, 20-year-old IT architecture.

There’s a common belief that VPNs are fundamentally insecure. They’re not. But the traditional enterprise VPN model, the one that drops you inside the perimeter and lets you wander freely, is dangerous. That’s like giving everyone a master key to your office building.

A better model grants access one step at a time, based on who you are, what you need right now, and where you’re coming from. Microsegmentation. It’s not about banning tunnels — it’s about more, smaller tunnels, each with its own control valve.

The most secure approach is one where identity management is everything. Not where you are, not what subnet you’re on, not whether you’re in the office. Identity. Strong authentication, hardware-backed keys, just-in-time access.

But identity isn’t easy. Our survey found only 29% of organizations have adopted identity-based access control at scale. Even fewer use automation. Many still rely on spreadsheets and service account credentials that outlive the employees who set them up.

So security becomes a tax. It slows people down. And when security gets in the way, people route around it. That’s why VPN fatigue is real — and growing.

Yet, there's hope. Nearly half of surveyed companies are consolidating fragmented tools, embracing automation, and experimenting with adaptive policies. But more interestingly, they're starting to rethink their whole approach.

Security and engineering teams are collaborating instead of clashing. They're designing systems that work with people, not against them. AI tools are emerging — not to replace humans, but to help notice the things humans miss: a sudden pattern change, a weird login time, an unexpected access request.

More companies are adopting modular, policy-driven systems. Instead of writing 50 firewall rules, they define intent: "this kind of app talks to that kind, under these conditions." That’s not Zero Trust as a checklist — it’s Zero Trust as infrastructure.

Zero trust isn’t a product you install. It’s a direction you walk in.

Start by reducing implicit trust — wherever you find it. Use strong identity through encryption, not IP addresses. Make credentials short-lived. Assume the worst. Break your network into zones. Shrink the blast radius.

But do it gradually. Nobody rips out all their networking in a day. Choose one high-value system and zero-trustify it. Learn. Repeat.

VPNs will stick around a while, not because they’re good, but because everything else is hard or immature. But as we’ve seen with tools like WvDial, still in use long after its time, familiarity isn’t the same as fitness. The future belongs to systems that embrace the complexity of real-world access — and make it feel simple.

I don't want to write VPNs, I don't want to deploy VPNs, I just want to solve real problems. But we can't solve the real problems without a working network. So here I am with a $1.5B company still selling VPNs. Sure it's maybe the best VPN. But it looks like I'll be continuing to do it for years, so that other people can finally solve real problems.

And if we finally get it right this time, maybe we can stop reinventing the same broken tunnel — one VPN at a time.

We've listed the best VPN deals.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• The European Commission rejects accusations that the Digital Services Act (DSA) is designed to harm US big tech
• The EU also denies that DSA content-removal requirements constitute internet censorship
• This comes as Trump threatens sanctions against EU member states implementing DSA rules

No, the EU's Digital Service Act (DSA) doesn't constitute internet censorship and isn't designed to harm US big tech giants specifically.

This is the blunt reply from the European Commission on Tuesday, August 26, 2025, in response to accusations made by US President Donald Trump the day before – Reuters reported.

On Monday, in fact, another report from Reuters revealed that the Trump administration was considering imposing sanctions against the European Union and any member states looking to implement DSA rules.

The EU's Digital Service Act seeks to create a safer online environment, said the EU, by limiting the spread of illegal content, including hate speech and child sexual abuse material, and disinformation on digital platforms. It also bans manipulative advertising practices.

Washington sees these actions as restrictions on Americans' freedom of speech, with a government spokesperson confirming to Reuters that authorities are monitoring the situation in Europe "with great concern."

DSA enforcement decisions have so far affected X and Meta, but also Chinese-owned companies like AliExpress, Temu, and TikTok, said an EU spokesperson.

US officials' concerns around new digital regulations aren't limited to the EU, though, nor to the Digital Service Act.

In a Truth Social post, Trump shared his intentions to "impose substantial additional tariffs" on all countries that target American tech companies with digital taxes or regulations, "unless these discriminatory actions are removed."

This comes only days after a pledge from the Chair of the Federal Trade Commission (FTC) to at least 13 US tech giants, including Apple, Alphabet (parent firm behind Google), Meta, Microsoft, and Amazon, to resist UK and EU demands to weaken encryption and censor content.

Besides the EU DSA, the FTC raised the alarm about two UK laws in particular – the Online Safety Act and Investigatory Powers Act.

US officials have been critical about the latter, following a Technical Capability Notice (TCN) issued under the law that hit Apple in February and led the tech giant to remove its advanced end-to-end encryption protection from iCloud in the UK market. The UK, however, has now agreed to drop its Apple encryption backdoor request, in a victory for Washington.

At the end of July, mandatory age verification in the UK was also enforced as per the Online Safety Act, age-gating not just adult-only content, but also so-called legal but harmful material across multiple platforms like social media, dating apps, and even music streaming services, like Spotify.

Millions of Brits have so far turned to the best VPN apps to bypass age checks, mostly for fear of the privacy and security consequences of sharing their most sensitive data with third parties.

• The Online Safety Act isn't just about age verification – end-to-end encryption is also at risk
• The EU could be scanning your WhatsApp chats by October 2025 
• Apple and Meta set to face fines for alleged breaches of EU DMA

• Many AI pilots fail real-world operations and 95% of GenAI pilots don’t reach production, Salesforce claims
• CRMArena-Pro lets enterprises stress-test their AI agents with digital twins
• Two new benchmarks are used for stress-testing AI agents

Salesforce says enterprises are struggling with their AI pilots failing in real-world operations, and has launched CRMArena-Pro, a new service to allow businesses to create a digital twin of their operations to stress-test AI agents before they get deployed.

The company cited recent MIT research which found 95% of generative AI pilots don’t even reach the production stage.

CRMArena-Pro evaluates AI agents on real tasks, like customer service, sales forecasting and supply chain disruptions, but using synthetic data that’s been validated by experts.

“CRMArena-Pro creates a rigorous, context-rich simulated enterprise environment framework with synthetic data, where it can safely evaluate API calls to relevant systems, as well as the ability to safeguard PII data,” the company wrote in an announcement.

By adding real-world noise into the test environment, CRMArena-Pro can better evaluate performance, strengthen resilience and bridge the gap between pre- and post-deployment.

“The result is AI agents that are capable, consistent, trustworthy, and agentic enterprise-ready.”

Companies can also see how AI agents handle real-world challenges like messy data, legacy systems and complex workflows.

Salesforce noted part of the complexity comes from the vast array of models available to choose today, and knowing which specific model or combination of models to use isn’t so simple.

To that tune, the company has published two new benchmarks to measure agent performance: MCP-Eval for evaluation through synthetic tasks and MCP-Universe, which adds real-world tasks and execution-based evaluators to stress-test agents in complex scenarios.

In a previous post, Salesforce noted that CRMArena-Pro “lays the groundwork for the next frontier: Enterprise General Intelligence” - and for now, users can expect “safe, capable and impactful” AI for all organizations.

• We’ve listed the best AI tools and best AI writers
• Salesforce unveils Agentforce 3, its smartest agent platform yet
• Give your workers a helpful boost with the best productivity tools

South Park season 27 episode 4 hasn't aired again this week, and it's now the third in a series of ongoing delays. After its controversial premiere, both episodes 2 and 3 have had two-week gaps between them, with episode 4 now following suit (you can expect to see it on September 3 instead).

Paramount has now confirmed this schedule will continue for the entire duration of the 10-episode season, meaning we can now expect the (surely explosive) season finale on November 26.

Initially, the studio hadn't given a reason why, or at least it hadn't publicly. With influential figures in the US Government blasting South Park's parodies on a near-daily basis, I'd already guessed that this could feed into why episodes were taking longer, especially given the Paramount+ exclusive post-credit scenes we're starting to see.

President Trump has been naked in bed with the devil, US Secretary of Homeland Security Kristi Noem has shot puppies at point blank range, and Towelie's trip to Washington D.C. shone a spotlight on the city's National Guard deployment.

But ahead of South Park season 27 episode 4, we've finally got an explanation – and as it turns out, there are multiple reasons why we're seeing a lag on the launches.

Not only does it feel like a smart move, I also think it's a huge positive. The creators show no signs of slowing down their scathing political parodies, so some breathing space between them could do us all the world of good.

According to an interview with Deadline, the season 27 delays initially started with timing episode 2 to release in line with the show's 25th anniversary. Afterwards, a two-week schedule was continued in order to make sure episodes were completely up to date with real-world events.

Deadline's source close to the South Park producers explained, “What they’re doing means this year’s episodes need more time than usual to put together, to finish.

“So much happens right now in just one day with Trump. No one’s going to sacrifice getting it right, even if we have to push getting it to air, and if that makes the season longer, so be it.”

In short, this means that everything is taking more time to make, which isn't surprising in a world with a news cycle that moves at breakneck speed.

What's perhaps more surprising is that Paramount is totally fine with the changes. “We’re not going to argue with what’s working, ” an insider at the studio added. “The numbers are great, the show is getting a lot of attention – if they want to give us a 20-week season for 10-episodes, that’s OK.”

Deadline previously reported that the second episode of Season 27 drew 6.2 million global multi-platform viewers across Comedy Central and Paramount+ in its first three days, numbers which largely came from streaming. Clearly, taking more time is working for everyone, and perhaps this allows creators to cut even deeper with their political parody.

Could this change how comedies, or any streamable series, are released in the future? Very possibly. But for now, there's a certain relief that comes with the empty space between the animated poundings.

With Florida Congresswoman Anna Paulina Luna now the latest to clap back at her South Park depiction, the new schedule will likely cool any political jets before anything gets messier than the tension and legal threats we saw through its two-year hiatus.

• Beth Dutton and Rip Wheeler spin-off: Everything we know about the sequel series to Yellowstone on Paramount+
• Mayor of Kingstown season 4: everything we know so far about the hit Paramount+ show's return
• New Paramount+ series Avatar: Seven Havens will succeed where the Last Airbender live-action adaptation couldn't, and that should make Netflix panic

• Final Fantasy 14's director, Naoki Yoshida, has shared a statement regarding mods that may "infringe" on other players' enjoyment and the core game
• Yoshida says he has no issue with mods but wants players to be aware of the rules
• He also said sharing the use of NSFW mods online could lead to the game being subject to legal measures by regulators in certain countries

Final Fantasy 14's director, Naoki Yoshida, has issued a warning about the continued use of mods that may "infringe" on other players and also lead to legal troubles.

Last week, it was reported that one of Final Fantasy 14's most popular mods was shut down due to a "legal enquiry". The mod, named Mare Synchronos, was a plug-in that allowed users to sync and view other players' mods in-game, like character customization add-ons.

News of the mod's takedown wasn't received well by users, which later led to the game being review-bombed on Steam.

Now, in a new Final Fantasy 14 blog post, Yoshida has responded to the overall matter of mods, stating that though he "tolerates" the personal use of them and understands that modding culture is "rooted in good intentions", he wants players to be aware of the importance of the game's user agreement.

"In the past twenty or so years, I've seen numerous positive examples of games with fan-made mods that expand upon existing gameplay," Yoshida said. "However, these mods are generally created with a vital premise in mind: they are for personal use only, and the individual player is responsible for the mods they use.

"Furthermore, the mods must not impact the core game, its services, or the intended game design in a negative manner. I personally feel that these rules should be followed by all mod creators and users."

The director adds that if players continue to uphold these rules to enhance their personal enjoyment of the game, he personally sees no reason to track them down or investigate gamers for their use of mods.

He also stressed the importance of two rules in particular: that the mods don't "infringe upon others" and they "do not negatively impact the core game, its services, or intended game design, as mentioned above."

Yoshida continued by offering a lengthy list of examples where mods may infringe on others and impact intended game design, including a scenario where a player may use mods to bypass certain conditions to obtain in-game items, like Ultimate Raid loot.

The director explained that this wouldn't be an issue if it were for personal enjoyment; however, showcasing the loot that wasn't earned through participation to other players in-game would be against the rules and would result in the mod's take down.

"In response, our only options would be to ask that players cease using the mod, or to request that the mod creator removes the functionality causing the problem," Yoshida said. "Of course, we could also implement preventative measures in-game, but this would divert programming resources from other areas, potentially damaging the enjoyment of other players in the long run."

Similarly, Yoshida said that this would also apply to FFXIV Online Store items that have not been purchased but modded, suggesting it would be unfair to players who have spent real money.

"Some may say that Square Enix is to blame for trying to make money by demanding that players spend extra on optional items," he said. "We operate our servers and data centers twenty-four hours a day, three-hundred-sixty-five days a year with the hope that our players can enjoy a reliable gaming experience. Currently, global inflation is taking its toll at a rapid pace, driving up server electricity costs, the cost of land, and even the price of servers themselves.

"We do not want to increase subscription fees for players, if at all possible--but keeping our game running requires sufficient income. If we start creating a deficit, FFXIV may no longer be able to operate. This is an example of damage dealt to the services we provide."

Finally, Yoshida touched on the matter of NSFW mods, reiterating that if a player decides to mod their character to appear naked, it might fall into the category of personal use and responsibility, but if the user shares screenshots online, "FFXIV itself may be subject to legal measures by regulators in certain countries."

"Laws that regulate the content of video games grow stricter by the year," he said. "These laws are there to protect minors and for a variety of other reasons, but the fact remains that they are tangibly becoming stricter. We have a duty to provide our services in adherence to the laws of all countries where FFXIV is available, and if we are unable to do so, the distribution of our game can be prohibited. This is another example of damage dealt to our services."

The director added that he does not intend for his examples to be a censure on mod users or creators, but asks that players respect the game by enjoying it within the confines of basic rules.

• Final Fantasy 14 director has a pretty simple explanation for why the Monster Hunter Wilds collab will feature Omega – 'In the Monster Hunter team, there are many Warriors of Light'
• Here are the three biggest things we learned from the Hollow Knight: Silksong release date trailer
• Everything announced at Gamescom Opening Night Live 2025 from the Sekiro anime to the new Ghost of Yotei mode

• Xbox Insider Program members with an Xbox Game Pass Core or Standard subscription can now access Cloud Gaming at no extra cost
• This includes the ability to play a number of games included with the subscription service
• Users can also access select games that they already own

Members of the Xbox Insider program with an Xbox Game Pass Core or Standard membership can now try Xbox Cloud Gaming at no extra cost.

This includes access to a number of titles that are already included with those tiers of the subscription service, plus select games that they already own.

The list of supported games spans massive recent releases like Assassin's Creed Shadows and Black Myth: Wukong to indie favorites such as Dredge and Darkest Dungeon. There's a good range, and more ways to play the titles that you already own can only be a good thing.

In order to access the games, you simply need to sign in to Xbox Cloud Gaming on a supported device and select the title that you want to play.

Of course, you will need an active Xbox Game Pass Core or Standard subscription, and be part of the Xbox Insider Program.

If you're not yet part of the Xbox Insider Program, you can get started by downloading the Xbox Insider Hub app on your Xbox console or PC.

We expect these Xbox Insider features to start rolling out to other users in the coming months.

• Warhammer: 40,000 - Dawn of War 4 looks like a return to the glory days of the original real-time strategy game
• Pragmata is part puzzle game, part sci-fi shooter, and all a surprising amount of fun
• Who needs Asus' fancy flagship monitor? This dual-mode OLED screen stole the show and my heart at Gamescom 2025 – and it's perfect for PC and PS5 setups