Chinese smartphone-makers OnePlus and Oppo plan to raise prices on some existing models starting next week, according to a 9to5Google report citing GizmoChina and a notice posted on Oppo’s China online store.

In its notice, Oppo said it would adjust pricing after evaluating rising costs for several key components used in its mobile phones. The changes are expected to take effect around March 16 and will affect some of the company’s more affordable smartphones, as well as some OnePlus models. 

Flagship devices — like those in the Find and Reno series — are not expected to be affected for now. The reported adjustments currently appear to be limited to China.

The move highlights growing pressure across the smartphone supply chain as component costs climb. Analysts say prices for memory and storage chips used in phones have been rising in recent months as demand surges across the tech industry. 

Much of the chip demand is coming from the rapid buildout of AI data centers, which rely on large amounts of high-performance memory. 

That pressure isn’t limited to Oppo and OnePlus. Analysts say smartphone brands across the industry are facing rising component costs amid increased demand for memory chips.

As manufacturers shift production toward higher-margin memory used in AI servers, supply for consumer electronics such as smartphones and laptops can tighten. 

If component costs continue to rise, manufacturers may face difficult choices later this year, including raising retail prices or adjusting device specifications to offset higher manufacturing costs.

OnePlus and Oppo didn’t immediately respond to a request for comment.

The first step to fighting a war in space is knowing what’s happening tens of thousands of miles above the planet. Toward that end, defense tech darling Anduril is buying boutique data firm ExoAnalytic Solutions.

ExoAnalytic operates a network of 400 telescopes around the world, which it uses to track spacecraft in high orbits above the planet. The company’s engineers develop software that converts those observations into situational awareness tools for U.S. national security agencies watching adversary spacecraft and coordinating American assets on orbit.

“This is a company we’ve been working with closely for the last several years on a number of programs, and they are experts in space domain awareness and missile defense,” Anduril VP of engineering Gokul Subramanian told reporters. “We believe the [Department of Defense] deserves the best catalog of everything going on in space.”

The privately-held companies did not disclose the terms of the deal. Anduril is in the process of raising a $4 billion round from investors Thrive Capital and Andreessen Horowitz, Reuters reported last week.

ExoAnalytics will be directly integrated into Anduril, not run as a separate subsidiary, though Subramanian said it would continue to serve existing and future outside customers. Currently, Anduril has 120 employees focused on space defense, a number that will more than double with the addition of 130 ExoAnalytics employees.

The company’s technology could help Anduril win government contracts supporting Golden Dome, the missile defense system that the US Congress has appropriated billions of dollars to build. That system is expected to include thousands of satellites to track and target enemy missiles, and maintaining real-time awareness and coordination among them will be a heavy lift.

Anduril is planning to launch three spacecraft this year as internally-funded R&D projects that will draw on capabilities gained in the acquisition. Subramanian said ExoAnalytic’s experience processing space data would be used in an infrared tracking satellite it plans to launch this year in partnership with Apex Space. The space tracking data will be used to execute two missions in high orbit expected to launch this year in partnerships with Impulse Space and Argo Space, respectively.

There’s another potential angle to the acquisition — the machine vision algorithms ExoAnalytic has developed to spot satellites in orbit are also useful for interceptors trying to track and engage with incoming threats. Anduril received a contract from the Pentagon in late 2025 to begin developing a space-based missile interceptor.

ExoAnalytic was founded in 2008 to adapt missile defense sensor technology to track spacecraft in orbit after U.S. military officials called for new and better ways to understand what was happening in space, CEO Doug Hendrix said in a 2024 interview. The company’s early growth was funded by grants and contracts from the federal government, including $26 million in SBIR grants since 2010.

U.S. Space Force officials have expressed deep concern about Chinese and Russian spacecraft that fly closely alongside American and European satellites, where they could potentially intercept communications or damage the satellite with electronic or other weapons.

“Two years ago, an [U.S. commander in the Pacific told] me that the fleet cannot leave the port without the space layer being secured,” Subramanian said. “We’ve been on a mission for the last several years to figure out how to be a part of that solution.”

The global average cost of a data breach fell to USD 4.44 million in 2025, a 9 per cent drop and the first decline in five years, according to IBM’s Cost of a Data Breach Report. On the surface, that looks like progress. Security AI and automation are finally paying dividends, compressing detection timelines and trimming investigative overhead.

But the headline number obscures a more uncomfortable reality. Organisations with extensive automation reported breach costs nearly USD 1.9 million lower than those relying on manual processes. The gap between leaders and laggards is not closing – it is widening. And the very AI tools driving those savings are introducing a new category of risk that regulators, insurers and boards can no longer ignore.

The automation paradox

Security operations centres have embraced AI with the urgency of an industry running out of analysts. Burnout-driven churn rates exceed 25 per cent annually in many SOC teams, among the highest in IT. Replacing a trained analyst typically takes six to twelve months. The maths is brutal: organisations cannot hire their way to resilience.

Automation was supposed to solve this. And in narrow, well-defined workflows, alert triage, log correlation, repetitive enrichment tasks – it has. The Nextgen 2025/2026 Cybersecurity Trends Report estimates that industry telemetry in 2025 reached 308 petabytes across more than four million identities, endpoints and cloud assets, producing nearly 30 million investigative leads. Analysts confirmed only around 93,000 genuine threats from that mountain, a hit rate of just 0.3 per cent. Without automation, the volume alone would be unmanageable.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

Yet Gartner’s 2025 Hype Cycle for Security Operations places AI SOC agents at the Peak of Inflated Expectations, warning that claims still outpace sustained, measurable improvement. Initial adoption frequently adds work before it reduces it. False positives and hallucinations remain genuine operational risks. And cost models often limit broad deployment across SOC roles.

The paradox is clear: organisations need AI to cope with the data flood, but ungoverned AI introduces the very blind spots it was meant to eliminate. IBM’s 2025 report found that shadow AI,  staff using unsanctioned generative AI tools to process sensitive data, added an average of USD 670,000 to breach costs where present. A staggering 97 per cent of breached organisations that experienced an AI-related security incident lacked proper AI access controls. Meanwhile, 63 per cent of surveyed organisations admitted they have no AI governance policies in place at all.

The implication is stark. Automation without governance does not reduce risk, it redistributes it. And in a regulatory climate that increasingly demands transparency, ungoverned AI in the SOC is not just a technical liability. It is a compliance exposure.

When alert fatigue becomes a breach vector

The human cost is measurable, and it extends well beyond budget lines. Studies cited in the Nextgen report show SOC teams routinely ignore or dismiss up to 30 per cent of incoming alerts – not through negligence, but necessity. When every alert looks the same and context arrives fragmented across disconnected consoles, skilled analysts are forced to triage by instinct rather than evidence.

The consequences vary by sector, but the pattern repeats. In healthcare, still the costliest industry for breaches at USD 7.42 million per incident and 279 days to contain – alert fatigue is not merely an IT problem. ENISA’s dataset of 215 healthcare incidents between 2021 and 2023 found that 54 per cent involved ransomware, with patient data the primary target in 30 per cent of cases. Hospitals have reported diverted ambulances and delayed surgeries directly tied to stretched staff and clogged detection pipelines.

In manufacturing and energy, where NIS2 enforcement began in 2025, a single day of downtime at a high-throughput plant can cost millions of euros. Adversaries increasingly target industrial control systems by pivoting through poorly segmented IT networks, exploiting exactly the kind of ambiguous, context-dependent alerts that overwhelmed analysts tend to dismiss.

The financial data reinforces the point. Breaches contained in under 200 days averaged USD 3.87 million in 2025, while those stretching beyond that threshold averaged USD 5.01 million. Multi-environment incidents, spanning cloud, SaaS and on-premises infrastructure simultaneously, were costlier still, averaging USD 5.05 million with lifecycles approaching 276 days. The operating environment dictates complexity, and complexity dictates cost.

The lesson from 2025 is that sheer data volume will only increase, but the teams that succeed are those treating correlation and enrichment as architectural necessities rather than optional add-ons.

Europe’s regulatory convergence

Three regulatory frameworks are now converging on a single demand: prove resilience continuously, not just report it after the fact.

The Digital Operational Resilience Act (DORA), which came into force across the EU in January 2025, reframes cybersecurity for financial services around operational resilience during severe IT disruptions. Its reporting requirement is the most disruptive element – institutions must submit incident reports within hours, backed by forensic, audit-grade evidence. Logs must be digitally signed and time-stamped to survive regulator scrutiny months later.

The NIS2 Directive, transposed into national law across Europe in 2024–2025, expanded the regulatory perimeter from seven sectors to eighteen essential and important sectors. In Romania, it was transposed as Law 124/2025, explicitly naming manufacturing as a regulated sector for the first time, forcing production facilities to adopt compliance frameworks on par with hospitals and banks. Under NIS2, boards of directors are directly accountable, with penalties including fines and disqualification from holding directorships in the EU.

And then there is the EU AI Act, whose most substantive obligations take effect on 2 August 2026. High-risk AI systems, a category that encompasses many security automation tools, will need to demonstrate compliance with requirements around risk management, data governance, technical documentation, transparency, human oversight, accuracy, robustness and cybersecurity. Providers must implement technical measures against data poisoning, model evasion and adversarial attacks.

For global financial groups, the complexity multiplies. A single breach may require simultaneous reporting under DORA, GDPR and national frameworks, each with different formats and deadlines. For manufacturers newly brought under NIS2’s scope, the challenge is even more fundamental: many lack the tooling infrastructure to produce compliance-grade evidence at all, let alone under time pressure.

Together, these three frameworks create a regulatory environment where cybersecurity AI cannot simply be effective – it must be auditable, explainable and governed. The question organisations face is no longer “how secure are we?” but “can we demonstrate it to regulators within hours?“. For organisations evaluating platforms built for this regulatory environment, a recent comparison of European SIEM vendors provides additional context.

The case for governed autonomy

This regulatory convergence is reshaping what good security architecture looks like. The industry is shifting from rule-based automation – where playbooks execute predetermined steps, toward what might be called governed autonomy: semi-autonomous SOC operations with built-in compliance guardrails.

In a governed autonomy model, AI does not replace human judgement. It narrows the decision space. Correlation happens at ingestion, collapsing dozens of fragmented alerts into a single enriched case with full audit evidence.

UEBA scoring ranks anomalous identities and assets by risk, so analysts focus on what matters rather than wading through noise. And every investigation timeline doubles as a compliance artefact, digitally signed, framework-mapped and ready for regulator export.

The architectural principle is lean: every security case is simultaneously a compliance case. Analysts investigate once, and the system produces both operational outputs and regulator-ready reports. This avoids the duplication that plagues organisations running separate SIEM, SOAR and compliance tools, each adding cost, latency and integration effort.

European platforms are increasingly built around this philosophy. Romania-based Nextgen Software, for example, designed its CYBERQUEST platform to unify detection, investigation and compliance reporting within a single workflow, so that every enriched case automatically generates the audit trail DORA and NIS2 demand. Its agentless OT monitoring module addresses a gap that matters for manufacturers and utilities: visibility into industrial control systems without deploying intrusive endpoint agents. Similar convergence efforts are visible across the European vendor landscape, from Nordic SIEM providers building compliance-ready exports to German-led initiatives embedding ISO 27001 and NIS2 mappings directly into detection logic.

From assistants to agents – carefully

The next frontier is the move from AI assistants to AI agents systems that do not merely suggest next steps but actively execute detection, investigation and response workflows. It is a transition the industry is approaching with a mixture of ambition and caution.

Vlad Gladin, CTO of Nextgen Software, describes this evolution in practical terms: “Our Cyber Minds AI Personas are evolving from advisory assistants into context-aware investigation agents. Rather than simply recommending a response, these agents will be able to correlate telemetry across identity, network and endpoint data in real time, conduct preliminary forensic analysis, and present analysts with an enriched investigation narrative, not a queue of disconnected alerts. The goal is not to remove the analyst from the loop, but to ensure that when they engage, the context is already assembled.”

This mirrors the broader industry trajectory. Gartner recommends treating AI SOC agents as workflow augmentation tools rather than autonomous replacements, with strong emphasis on maintaining human oversight. The concern is legitimate: over-automation introduces risk if agents act on flawed assumptions, and most current use cases remain narrow and task-specific rather than end-to-end.

The governed approach means building trust incrementally. Start with automated enrichment and case assembly. Layer in UEBA-driven prioritisation. Only then extend to semi-autonomous response actions – and always with audit trails that a regulator or insurer can verify after the fact.

There is a reason this incremental model resonates particularly in Europe. The continent’s regulatory landscape rewards demonstrable control over raw capability. An AI agent that can triage a thousand alerts per hour is impressive; an AI agent that can triage a thousand alerts per hour and produce a DORA-compliant incident timeline for each one is bankable. The commercial logic and the regulatory logic are converging on the same architectural requirements.

What 2026 demands

The organisations best positioned for 2026 are not necessarily those with the most advanced AI, but those that can prove their AI is trustworthy. In a landscape where DORA demands forensic evidence within hours, NIS2 holds boards personally liable, and the EU AI Act requires demonstrable governance of high-risk systems, the real differentiator is not speed of detection but speed of demonstrable trust.

This means compliance cannot remain a bolt-on exercise performed quarterly by a separate team. It must be embedded in the detection-to-resolution workflow, generated automatically as a by-product of incident handling. Platforms that deliver audit-ready evidence as a natural output of operations, rather than requiring analysts to reconstruct it after the fact, will set the new standard.

The cybersecurity industry spent the past decade racing to automate. In 2026, the race shifts to governing that automation, proving to regulators, insurers and boards that the machines defending the network are themselves accountable. The winners will not be the organisations with the most AI. They will be the ones whose AI can show its working.

A new global study suggests people stop trusting AI voices the moment they realize the voice isn’t human, which creates a big problem for companies that use synthetic voices in customer service and other public-facing systems.

The research was conducted by Estonian startup Vocal Image and examined 20 text-to-speech models from major technology companies and specialized AI developers.