EUROPE'S TECH FAULTLINE : FROM RANSOMWARE TO QUANTUM
Welcome to 2025, citizen. Europe is at war. Not against a nation. Not against an ideology. But against an invisible, polymorphic, and devastatingly effective enemy: cyber chaos.

Dear internet users and fellow Cyberdefenders,
The frontline is everywhere. In administrations, where 67% of systems are already compromised. In Polish SMEs, overwhelmed by a tsunami of ransomware. In British companies, caught unprepared by attacks they can't foresee. Even in the quiet corridors of IT departments, where the shadow of Q-Day approaches unnoticed... while most sleep.
Yet all is not lost. Units are forming. Alliances are emerging. Microsoft and Huntress have joined forces to equip smaller entities. Pioneers are already mapping their cryptographic assets in anticipation of the great post-quantum migration.
The battle will be long, uncertain, and often thankless. But each CISO, CIO, and CTO is a soldier. And every decision is a defensive line.
In this war, inaction equals defeat.
HIGHLIGHTS
Europe on High Alert: 67% of Governments at Critical Risk
Poland Under Siege: Now Europe's #1 Ransomware Target
Cybersecurity Crisis in the UK: Half of Businesses Overwhelmed
Post-Quantum Cryptography: Are You Ready for 'Q-Day'?
Microsoft & Huntress Join Forces in Major Cyber Defense Pact

Guess what?
67% of European public institutions are classified as "critically at risk" in cybersecurity. No agency scored A or B. An alarming scenario weakening states from within.
Leading the global ransomware attack ranking in 2025, Poland pays a heavy price for inadequate awareness and security infrastructure. The ClickFix attack technique is exploding across the country.
49% of UK businesses are struggling with cyber threats, yet only 38% are investing in new technologies. This lack of investment is creating a persistent security gap.
Regarding post-quantum cryptography, leaders are reacting, but only 15% have a structured plan. Today's encrypted data risks being decrypted tomorrow.
The Microsoft-Huntress alliance strategically integrates EDR, ITDR, and a 24/7 SOC within Microsoft Defender, bridging mass technology with expert protection.
Would you like to know more?
1. Europe on alert: 67% of governments deemed "critical risk"
Summary: An alarming report reveals that the majority of European public institutions suffer from systemic cybersecurity flaws. Out of 75 organizations evaluated, 67% received a critical rating (D or F), and none met high standards (A or B). Risky practices, such as massive reuse of compromised passwords and SSL/TLS configuration flaws, are common. The risk of compromise is increased, especially since all analyzed organizations have already experienced a data breach. The structural weakness of the European public sector poses a direct danger to citizens and critical infrastructure.

Details:
Widespread basic flaws: The institutions studied show fundamental shortcomings: absent authentication policies, undeployed MFA, non-existent monitoring of exposed credentials. Even organizations rated C show critical levels of vulnerability.
Password hygiene needs: In institutions rated F, 85% of employees reuse already compromised passwords. The figure drops to 71% for D ratings, which remains catastrophic. This creates a trivial attack surface for cybercriminals.
SSL/TLS and hosting vulnerabilities: 100% of institutions rated F and C, as well as 92% of D, suffer from flaws in their SSL/TLS configurations. These defects expose communications to "man-in-the-middle" attacks.
Uncontrolled spoofing: Email spoofing affects 96% of organizations rated D and F. Their official channels can be impersonated, increasing the risks of institutional phishing, disinformation, and fraud.
Opportunity for tech providers: The report calls on cybersecurity companies to fill these gaps: robust IAM, leak monitoring, strong encryption, hardened configuration. A market with high potential, especially for cloud solution providers and fintechs.
What should be remembered?
The structural weakness of European public institutions in cybersecurity directly threatens democratic stability and citizen protection. The urgency is no longer to be demonstrated: a complete transformation of practices and infrastructures must be initiated, particularly through public-private partnerships.
2. Poland, victim #1 of ransomware: red alert on national cybersecurity
Summary: In 2025, Poland rose to the top of the global ransomware attack ranking, accounting on its own for 6% of recorded cases. This explosion of incidents is explained by a combination of internal factors: only 59% of companies use security solutions, and less than one in five employees knows what ransomware is. The country is suffering the consequences of insufficient awareness, reactive investments, and a lack of understanding of threats. The ClickFix phenomenon, a new attack technique, is rapidly gaining ground. The situation demonstrates the importance of education and multi-layered defenses to avoid a systemic digital crisis.

Details:
Alarming statistics: Poland accounts for 6% of ransomware attacks worldwide in the first half of 2025. This figure positions the country as the epicenter of the threat, despite its relatively modest size.
Low software coverage: Only 59% of Polish companies have active security software. This situation massively exposes infrastructure and data to opportunistic or targeted attacks.
Lack of awareness: Less than 20% of employees understand the concept of ransomware. By comparison, 78% recognize the term "identity theft." This imbalance in training makes employees vulnerable to social and technical attacks.
ClickFix: the new weapon: This lure method, growing rapidly (+517%), disguises itself as error messages to trick users into executing malicious scripts. It bypasses traditional protections and relies on social engineering.
Post-incident chain reaction: The majority of cybersecurity investments are triggered after an incident or under regulatory pressure. An ineffective defensive posture that keeps the country in a cycle of chronic vulnerability.
What should be remembered?
The Polish situation brutally illustrates the cost of neglected cybersecurity. Without national awareness and massive employee training, the country will remain a priority target for ransomware groups. SMEs, in particular, must rethink their defense strategy.
3. Cybersecurity in the UK: Half of companies admit to being overwhelmed
Summary: Nearly 50% of British companies say they are ill-prepared for cyber threats, according to a Wavenet study. Despite an increase in attacks (one every 42 seconds), only 38% plan to invest in new technologies next year. Budgetary constraints and talent shortages hinder defense capabilities. While connectivity remains the investment priority, cybersecurity comes second. However, faced with an inevitable threat, prevention is no longer enough: it is crucial to also have the capacity to manage the aftermath of an attack, particularly through robust recovery plans.

Details:
Concerning statistics: 49% of British companies state they do not have sufficient cybersecurity. The frequency of cyberattacks is now one attempt every 42 seconds, or more than 2,000 per day.
Insufficient investments: Only 38% of organizations plan to increase their technology budget. Although 39% target cybersecurity, this remains low given the scale of the threat. The current priority is given to connectivity (43%).
Major internal obstacles: The main obstacles are fears related to cybersecurity itself, dependence on obsolete technologies, and difficulty recruiting qualified talents in a tight market.
Lack of post-attack resilience: Even with better prevention, many companies lack effective solutions to manage the consequences of an incident: business recovery, crisis management, legal support, etc.
Limited state intervention: The British government has released £1.9 million to improve cyber resilience. This aid is welcomed, but deemed insufficient given the real needs for training, auditing, and support for the digital transformation of businesses.
What should be remembered?
The British economy is weakened by chronic underinvestment and a lack of cybersecurity expertise. Faced with the increasing sophistication of attacks, it is no longer enough to strengthen prevention: it is also necessary to build complete organizational resilience.
4. Post-quantum cryptography: Are you ready for Q-day?
Summary: With the advent of quantum computers, current cryptographic algorithms are destined to become obsolete. The phenomenon of "harvest now, decrypt later" already encourages attackers to collect encrypted data to break it later. While 70% of organizations have started preparing, only 15% have a structured plan. The lack of governance, roadmap, and awareness hinders progress. However, according to experts, the transition will take up to 10 years. Governments are pushing for action, but companies must now inventory their cryptographic assets and build operational crypto-agility.

Details:
Imminent quantum threat: "Q-day" refers to the moment when a quantum computer could break asymmetric algorithms (RSA, ECC). It marks a break in the security of current encrypted communications, with a global impact.
Uneven preparation: 70% of companies conduct tests or evaluations, but only 15% are considered "post-quantum champions": they have mature governance and pilot deployments.
Agile cryptography: an imperative: Industry leaders, such as evolutionQ and Capgemini, emphasize the need for an active cryptographic inventory, prioritization of critical assets, and an agile architecture capable of integrating future standards.
NCSC (UK) strategic calendar: 2028 objective: complete discovery and migration plan. 2031 objective: migration of critical assets. 2035 objective: complete migration. This calendar serves as an international reference for businesses.
Psychological and budgetary barrier: The absence of visible attacks makes investment difficult to justify for decision-makers. However, inaction increases the risk of loss of compliance, competitiveness, and exposure of sensitive data in the coming decade.
What should be remembered?
The migration to post-quantum cryptography is a long, transversal, and technical undertaking. Companies that do not act now expose themselves to major strategic flaws. "Q-day" is not a hypothesis: it is a deadline.
5. Microsoft + Huntress: a tactical alliance against cyber threats
Summary: Microsoft and Huntress are joining forces to make advanced cybersecurity accessible to businesses of all sizes. Thanks to this collaboration, Huntress's EDR, ITDR, SIEM, and training capabilities are now integrated into the Microsoft 365 environment (Business Premium, E3/E5, Defender). This synergy allows SMEs to better leverage Microsoft's native protections, often underutilized due to lack of resources. The objective is to bridge the gap between available infrastructure and actual security posture through 24/7 monitoring and tools designed to detect and respond to modern threats, while maximizing existing investments.

Details:
Strategic complementarity: Microsoft offers a robust infrastructure, but too often poorly utilized. Huntress fills this gap with lightweight and specialized tools, designed to be operational even without a dedicated cyber team.
Seamless integration: The Huntress suite integrates natively with Defender for Endpoint, Defender AV, and Microsoft 365 offerings. This compatibility reduces adoption costs and strengthens workstation security coverage.
24/7 SOC within reach of SMEs: Huntress's Security Operations Center provides continuous monitoring, essential for detecting sophisticated threats, often invisible without dedicated expertise. This is a paradigm shift for companies with limited resources.
Integrated training and awareness: Security does not rely solely on technology. The platform also includes cybersecurity awareness modules for employees, often the weakest link in the chain.
A response to the talent shortage: In a context of a global shortage of cybersecurity professionals, this alliance allows companies to compensate for their lack of internal expertise with outsourced services, without compromising the quality of protection.
What should be remembered?
This collaboration redefines access to advanced cybersecurity. By capitalizing on the massive installed base of Microsoft 365, Huntress democratizes critical services like EDR and SOC. A pragmatic and powerful response to the rise of threats.
Digital Combat Ops
Quishing: The new QR attack threatening your business
Quishing is a form of phishing that exploits QR codes to hide malicious links.
Increasingly used since the pandemic, this deceptive vector bypasses traditional anti-spam filters and relies on the curiosity or routine of users, accustomed to scanning these codes in their daily lives (restaurants, transport, displays).
Once scanned, the code redirects the victim to a fake login site or triggers the download of malware. This method bypasses traditional anti-spam filters and relies on excessive trust in QR codes.
Several concrete cases have made headlines, such as the impersonation of the Chinese Ministry of Finance or fake payment terminals in Texas. The case of ING bank, whose authentication QR codes were hijacked, also revealed the effectiveness of this method.
Although still marginal compared to classic phishing, this growing threat requires increased vigilance, especially in business.
CYBERTRIVIA - DID YOU KNOW?
Did you know that 98% of exploitable security flaws are due to incorrect configurations (bad SSL/TLS, open ports, etc.)? These errors account for more than 4 out of 5 attacks in the European public sector, and many understaffed firms simply do not detect them. A simple correct SSL configuration could avoid millions of euros in damages and preserve citizen trust.
'This is for all the newcomers: I have only one rule. Everyone fights. No one quits.'


