Image: Zion Grassl / Nintendo LifeWhile it was formally established last week, Nintendo has today revealed its newest Taiwanese subsidiary, creatively called 'Nintendo of Taiwan'.The branch was formed on 10th February and is set to take over Nintendo operations in the region from 1st April (the start of the new fiscal year).In an announcement post on the Nintendo Hong Kong website (translated via Google), the company stated that the subsidiary was established to "further strengthen our business base in the Taiwan market and improve the quality of customer service". The subsidiary will be based in Taipei and will "continue to promote business development in accordance with the Nintendo Group's business philosophy," the company continued.Nintendo closed its old Taiwanese subsidiary, 'Nintendo Phuten', back in 2014, with Nintendo Hong Kong taking control of the region's operations in the years since.With the growing market, the (re)establishment of Nintendo of Taiwan makes a lot of sense. Nintendo went all-out at last year's Taipei Game Show, pulling in the crowds with a massive Switch booth. The city has also been lucky enough to land a Nintendo pop-up store in the past, selling the kind of exclusive merch that we in Europe can only dream of getting our mitts on. Taiwan-t to see it allWhat do you make of Nintendo's newest subsidiary? Let us know in the comments.[source nintendo.tw]Share:02 Jim came to Nintendo Life in 2022 and, despite his insistence that The Minish Cap is the best Zelda game and his unwavering love for the Star Wars prequels (yes, really), he has continued to write news and features on the site ever since. Hold on there, you need to login to post a comment...Related ArticlesMetroid Prime First 4 Figures 'Samus Phazon Suit' Sneak Peek, Pre-Orders Open SoonUpdate: Here's a teaser of the light-up collector's editionSwitch 2 Units Are Reportedly Selling For $40,000 On The Chinese Black MarketOr $50 trade-in at GameStopHideki Kamiya Wants Nintendo To Reboot Virtual Console For Switch 2Not a fan of Switch Online, huh?98 Games You Should Pick Up In Nintendo's 'Play On' eShop Sale (Europe)Every game we scored 9/10 or higherFeature: "I Was Seeing Him In My Dreams" - Nintendo Veteran Just Can't Shake Shigeru Miyamoto"He got a good laugh out of that"

Above the Switch, but below its competitors.An analyst has predicted that Nintendo will "likely" price the upcoming Switch 2 at $399.Joost van Dreunen, author of 'One Up Creativity, Competition, and the Global Business of Video Games' and co-founder of the Nielson-owned games market research firm 'SuperData Research' has presented his reasoning for this prediction in his latest 'SuperJoost Playlist' newsletter.Read the full article on nintendolife.com

Last decade, companies like Segment rewrote the book on how organizations used APIs to merge data from disparate apps to improve marketing strategies. Today, a startup called Hightouch co-founded by a former engineering manager at Segment is announcing $80 million in funding for the next chapter: a platform that lets sales, marketing, and customer service teams synchronize data warehouses and other locations, along with AI agents to do that work and build those experiences for them.Sapphire Ventures is leading this Series C round, with NVC, Amplify Ventures, ICONIQ Growth, Bain Capital Ventures, and Y Combinator also participating. The funding, notably, catapults Hightouch to a $1.2 billion post-money valuation. For some context on that valuation, it roughly doubles the companys valuation from its last round in 2023.The funding will be used to continue developing Hightouchs technology, as well as for business development and hiring.Tejas Manohar the co-CEO of Hightouch, who co-founded the company with Kashish Gupta (co-CEO) and Josh Curl (CTO) said that at Segment, where he and Curl were also colleagues, there was work to be done beyond building a way to use APIs to improve integrations. That was a key evolution, but it was one that took a page from how developers worked, and thus could be too technical to execute in practice due to the number of data sources an organization might use.Asking customers to get data into Segment was an onerous task, Manohar recalled, not least because data from warehouses, where a lot of data ended up, was primarily used for analytics not marketing purposes.In 2019, as Segment scaled (eventually to the point of getting acquired by Twilio for $3.2 billion), Manohar and Curl teamed up with Curls friend Gupta, a machine learning specialist, to strike out on their own to build Hightouch.Hightouch has focused on developing tools in two main areas.The first is its core customer data platform (CDP) product. Designed both for non-technical users as well as data scientists, Hightouchs CDP was a bit of a breakthrough when it launched in 2020 because of how it shifted away from looking at data in apps and focused on using machine learning and other tooling to make it easier to use data from data warehouses in marketing, sales, and customer service work.They realised that cloud data warehouses are the new customer data platforms, Rajeev Dham, a partner at Sapphire Ventures, said in an interview. (He is joining the board with this round.)Uses include building personalization campaigns, loyalty programs, syncing data from data warehouses to a wide range of tools (more than 250, the company says, including all the big CRM and marketing platforms), and more. As weve described previously, users can create SQL queries to send data from data warehouses to different apps for specific uses, and there is a graphical interface for non-technical people to create queries.Hightouchs second product is a newer offering, AI Decisioning, which goes deeper into machine learning and automation to do what the name says: it is an agentic AI product that can be prompted with a particular goal, which then runs multiple experiments and tests to suggest optimal campaigns.AI Decisioning has been around since August 2024. But while Hightouch was not looking to raise money before its capital efficient as investors like to say, with money in the bank customer interest in the AI product is what led the company to put together this Series C.Thats what motivated us to say, All right, lets have this conversation, and lets raise the round, said Gupta, because now we finally have a good use for capital.Manohar admitted take-up of the AI product was helped by it getting rolled out to all of its existing customers which include companies like Spotify, PetSmart, Tripadvisor, Grammarly, and more. But such is the juggernaut of AI right now that Hightouch found it was also picking up new business as a result of AI Decisioning.While do things faster has long been one strong use case for adopting AI, as Manohar describes it, motivations are maturing.Companies, at the CEO and Chief Digital Officer and Chief Marketing Officer level, are really interested in like, how do we use AI to give our customers a better experience and increase lifetime value and revenue across our customer base? he said. The AI Decisioning agents can run thousands of experiments to figure out the best experience to deliver, Manohar added.Hightouchs previous fundraises include a seed round in 2020 from Y Combinator and others; a $40 million round led by ICONIQ Growth; and a $38 million round in 2023.

Monolinguists wanting to communicate with the global masses have never had it so easy. Trusty old Google Translate can convert the content of images, audio, and entire websites across hundreds of languages, while newer tools such as ChatGPT also serve as handy pocket translators.On the back end, DeepL and ElevenLabs have have reached lofty billion-dollar valuations for various language-related smarts that businesses can funnel into their own applications. But a new player is now entering the fray, with an AI-powered localization engine that serves the infrastructure to help developers go global a Stripe for app localization, if you will.Formerly known as Replexica, Lingo.dev targets developers who want to make their apps front end fully localized from the get-go; all they need to worry about is shipping their code as usual, with Lingo.dev bubbling away under the hood on autopilot. The upshot is that there is no copy/pasting text between ChatGPT (for quick and dirty translations), or messing around with multiple translation files in different formats sourced from myriad agencies.Today, Lingo.dev counts customers such as French unicorn Mistral AI and open source Calendly rival Cal.com. To drive the next phase of growth, the company has announced it has raised $4.2 million in a seed round of funding led by Initialized Capital, with participation from Y Combinator and a slew of angels.Found in translationLingo.dev is the handiwork of CEO Max Prilutskiy and CPO Veronica Prilutskaya (pictured above) who announced that they sold a previous SaaS startup called Notionlytics to an undisclosed buyer last year. The duo had already been working on the foundations of Lingo.dev since 2023, with the first prototype developed as part of a hackathon at Cornell University. This led to their first paying customers, before going on to join Y Combinator (YC)s fall program last year.At its core, Lingo-dev is a Translation API that can either be called locally by developers through their CLI (command line interface), or through a direct integration with their CI/CD system via GitHub or GitLab. So in essence, development teams receive pull requests with automated translation updates whenever a standard code change is made.At the heart of all this, as you might expect, is a large language model (LLM) or several LLMs, to be exact, with Lingo.dev orchestrating the various input and outputs between them all. This mix-and-match approach, which combines models from Anthropic, OpenAI, among other providers, is designed to ensure that the best model is chosen for the task at hand.Different prompts work better in some models over other models, Prilutskiy explained to TechCrunch. Also depending on the use-case, we might want better latency, or latency might not matter all.Of course, its impossible to talk about LLMs without also talking about data privacy one of the reasons that some businesses have been slower to adopt generative AI. But with Lingo.dev, the focus is substantively on localizing front-end interfaces, though it also caters to business content such as marketing sites, automated emails, and more but it doesnt funnel into any customers personal identifiable information (PII), for instance.We do not expect any personal data to be sent to us, Prilutskiy said. Through Lingo.dev, companies can build translation memories (a store of previously translated content) and upload their style guide to tailor the brand voice for different markets.Lingo.dev: Building a brand voiceImage Credits:Lingo.devBusinesses can also specify rules around how particular phrases should be handled and in what situations. Moreover, the engine can analyze the placement of specific text, making necessary adjustments along the way for example, a word when translated from English into German might have double the number of characters, meaning that it would break the UI. Users can instruct the engine to circumvent that problem by rephrasing a piece of text so it matches the length of the original text.Without the broader context of what an application actually is, it can be difficult to localize a small piece of standalone text, such as a label on an interface. Lingo.dev gets around this using a feature dubbed context awareness, whereby it analyzes the entire content of the localization file, including adjacent text or event system keys that translation files sometimes have. Its all about understanding the microcontext, as Prilutskiy puts it. And more is coming on this front in the future, too. Were already working on a new feature that uses screenshots of the apps UI, which Lingo.dev would use to extract even more contextual hints about the UI elements and their intent, he said.Lingo.dev dashboardImage Credits:Lingo.devGoing localIts still fairly early days for Lingo.dev in terms of its path to full localization. For example, colors and symbols may have different meanings between different cultures, something that Lingo.dev doesnt directly cater to. Moreover, things like metric/imperial conversions is something that still needs to be addressed by the developer at the code level. However, Lingo.dev does support the MessageFormat framework, which handles differences in pluralization and gender-specific phrasing between languages. The company also recently released an experimental beta feature specifically for idioms; for instance, to kill two birds with one stone has an equivalent in German that translates roughly into to hit two flies with one swat.On top of that, Lingo.dev is also carrying out applied AI research to improve various facets of the automated localization process. One of the complex tasks were currently working on is preserving feminine/masculine versions of nouns and verbs when translating between languages, Prilutskiy said. Different languages encode different amounts of information. For example, the word teacher in English is gender-neutral, but in Spanish its either maestro (male) or maestra (female). Making sure these nuances are preserved correctly falls under our applied AI research efforts.Ultimately, the game-plan is about much more than simple translation: It wants to get things as close as possible as to what you might get with a team of professional translators.Overall, the [goal] with Lingo.dev is to eliminate friction from localization so thoroughly, that it becomes an infrastructure layer and natural part of the tech stack, Prilutskiy said. Similar to how Stripe eliminated friction from online payments so effectively that it became a core developer toolkit for payments.While the founders most recently were based in Barcelona, theyre moving their formal home to San Francisco. The company counts just three employees total, with a founding engineer making up the trio and this is a lean startup philosophy that they plan to follow.Folks at YC, myself and other founders, were all huge believers in that, Prilutskiy said.Their previous startup, which provided analytics for Notion, was entirely bootstrapped with high-profile customers including Square, Shopify, and Sequoia Capital and it had a grand total of zero employees beyond Max and Veronica.We were two people, full time, but with some contractors for various things now and then, Prilutskiy added. But we know how to build things with minimal resources. Because the previous company was bootstrapped, so we had to find a way for that to work. And we are replicating the same lean style but now with funding.

Breakdown & ShowreelsWicked: Chistery VFX Breakdown by ILMBy Vincent Frei - 18/02/2025 Witness the artistry of ILM in Wicked! This new VFX Breakdown focuses on Chistery, the first and head of the flying monkeys, whose mesmerizing presence elevates the magic of the movie!WANT TO KNOW MORE?ILM: Dedicated page about Wicked on ILM website. Vincent Frei The Art of VFX 2025

Kurrimotzo Gallery | Pedro RosenbleuthAlberto Kalachs architectural practice has long been characterized by a profound sensitivity to site, material, and spatial experience. The Kurrimotzo Gallery presents a compelling exploration of how architecture can serve as both a frame and a subject in the art exhibition. Located within an evolving urban landscape, the gallery functions as a space for artistic display and as an architectural statement in its own right. Kurrimotzo Gallery Technical InformationArchitects1-2: TAX, Alberto KalachLocation: Gob. Rafael Rebollar 94, Colonia San Miguel Chapultepec, Mexico City, MexicoArea: 1,300 m2 | 13,990 Sq. Ft.Completion Year: 2008Photographs: Pedro Rosenbleuth; Roberto Ortiz de LandazuriThe first task of language is to create a space that fulfills a concrete objective, a space that is practical but at the same time thrills and offers a sense of surprise that becomes part of your memory. Alberto Kalach 3Kurrimotzo Gallery PhotographsFacade | Roberto Ortiz de Landazuri, ArchEyesCourtyard | Pedro RosenbleuthGallery Space | Pedro RosenbleuthSkylight | Pedro RosenbleuthSkylight | Pedro RosenbleuthGallery Space | Pedro RosenbleuthConcrete Bench Detail | Pedro RosenbleuthCourtyard | Roberto Ortiz de Landazuri, ArchEyesCourtyard | Roberto Ortiz de Landazuri, ArchEyesCourtyard | Roberto Ortiz de Landazuri, ArchEyesCourtyard | Roberto Ortiz de Landazuri, ArchEyesSkylight | Roberto Ortiz de Landazuri, ArchEyesGallery Space | Roberto Ortiz de Landazuri, ArchEyesSpatial and Programmatic Composition: Reinterpreting the Gallery TypologyThe Kurrimotzo Gallery departs from traditional white-box paradigms, opting instead for a dynamic interplay of volumes, light, and movement. The spatial composition is defined by a sequence of rooms that encourage a layered experience of arteach space offering distinct perceptual shifts through varying ceiling heights, apertures, and transitions between enclosed and semi-open areas. The circulation strategy is particularly noteworthy: visitors are guided through a carefully orchestrated sequence of spaces that alternate between compression and expansion rather than a linear progression.Kalachs use of thresholdswhether through carefully framed openings or transitional courtyardscreates a nuanced dialogue between interior and exterior. The gallery does not merely house art but actively engages with it, offering spatial conditions that allow for different scales of artistic intervention. This intentional ambiguity between exhibition space and architectural space raises questions about the role of galleries in shaping how art is experienced.Materiality and Atmosphere: Crafting Sensory ExperiencesMateriality plays a central role in defining the character of the Kurrimotzo Gallery. Kalach has long advocated raw, locally sourced materials, and this project continues that ethos. Using exposed concrete, stone, and timber is not merely an aesthetic choice but an effort to anchor the building within its physical and cultural context. These materials contribute to a tactile quality that contrasts sharply with the often sterile environments of contemporary galleries.Natural and artificial lighting is another crucial element in the projects atmospheric composition. Skylights and clerestory windows punctuate the heavy materiality of the walls, allowing diffused daylight to sculpt the interior spaces. The play of light and shadow shifts throughout the day, creating an ever-changing backdrop for the exhibited works. At night, strategically placed artificial lighting highlights textural details, emphasizing the material richness of the gallery itself.The integration of vegetationan element frequently seen in Kalachs worksoftens the buildings brutalist tendencies. Courtyards punctuated with native plants serve as transitional spaces and moments of pause, blurring the boundary between architecture and landscape.Context and Cultural Resonance: Beyond the ObjectWhile the Kurrimotzo Gallery is undoubtedly a formal and spatial experiment, its significance extends beyond its immediate physicality. The gallerys relationship with its urban or natural surroundings is critical to its architectural narrative. Does it integrate harmoniously within its context, or does it assert itself as an autonomous object? Kalachs design treads a delicate line between the two, offering a deeply rooted and undeniably distinct structure.From a cultural perspective, the gallerys impact on the local arts scene cannot be overlooked. As more cities witness the commodification of gallery spaces, often stripped of architectural ambition, the Kurrimotzo Gallery stands as a counterpointa space where the built environment enhances, rather than neutralizes, artistic experience. By embracing materiality, light, and spatial dynamism, it fosters an engagement with art that is as much about the observers movement through space as it is about the works on display.Sustainability is another lens through which the project can be critically evaluated. While its reliance on heavy materials raises questions about embodied carbon, its passive cooling strategies, reliance on natural light, and integration with the landscape suggest a conscientious approach to environmental concerns. The absence of overt sustainability branding is refreshingKalach allows the architecture itself to communicate these values subtly and effectively.Kurrimotzo Gallery PlansFloor Plan | TAX | Alberto KalachSection | TAX | Alberto KalachElevation and Sections | TAX | Alberto KalachKurrimotzo Gallery Image GalleryAbout Alberto KalachAlberto Kalach is a Mexican architect known for his innovative and contextually driven designs that blend modernism with natural and cultural influences. As the founder of Taller de Arquitectura X (T.A.X.), his work spans residential, commercial, and public projects, often integrating vegetation, raw materials, and sustainable strategies. Notable works include the Jos Vasconcelos Library in Mexico City and various residential projects that emphasize light, space, and ecological sensitivity. His architecture reflects a deep engagement with Mexicos urban and natural landscapes.Credits and Additional NotesDesign Team: Taller de Arquitectura X (T.A.X.)Client: Kurimanzutto Gallery, founded by Mnica Manzutto, Jos Kuri, and Gabriel OrozcoAlberto Kalach: WorkbyAlberto Kalach,Miquel Adri,Carlos Jimnez,Juan Palomar,Fernndo Fernndez,Eduardo Vzquez

From flooring to furniture, this roundup prioritizes recycled materials, circular design, and sustainability at-scale. (Courtesy AHF Products)Ingenious PlankAHF ProductsThis hybrid resilient flooring is made with a renewable and recycled core composed of natural wood fibers encapsulated in resin and raw materials. It is 100-percent PVC-free, suitable for residentialand light commercial applications. Available in 23 wood visuals, Ingenious Plank is dent-proof and durable while offering an attached pad for sound absorption.(Courtesy Rimadesio)RialtoRimadesioRialto is a freestanding furniture collection of bar cabinets, side tables, and consoles. Modern and linear design unite the pieces, as well as a focus on recyclable and recycled materials such as aluminum, glass, and wood.(Courtesy Hydro)Hydro CIRCALHydroMade from post-consumer aluminum sourced from old windows, doors, and facades, CIRCAL is the worlds first aluminum facade made entirely from scrap and produced at an industrial scale. The material is remelted, reducing carbon emissions and waste, and remade for facade, extrusions, windows, furniture, and more applications. (Courtesy Fiberon)Wildwood Composite CladdingFiberonMade with a minimum of 94-percent recycled content, Wildwood Composite cladding offers a long-lasting, low-maintenance, and more sustainable alternative to traditional wood cladding. It is available in a variety of board lengths and widths for more design solutions.(Courtesy REGUPOL)REGUPOL UpscaleREGUPOLUpscale is made from recycled rubber tires and planks to create flooring with slip resistance and acoustic benefits, making it suitable for healthcare, education, and other commercial applications. Custom colors are available, as well as a square or micro-bevel edge. Tiles and planks can be mixed and matched to create custom looks.(Courtesy CENTRIA)INTERCEPT+ Modular Metal PanelsCENTRIAINTERCEPT+ Modular Metal Panels incorporate modules of varying sizes for different depths, tapers, slopes, and perforation for diverse facade designs and easy-to-install rainscreens. The lightweight cladding uses 100-percent-metal substrate that is recyclable at the end of its life. (Courtesy Oldcastle APG)Moisture Shield Meridian DeckingOldcastle APGThese composite deck boards offer a low-profile wood grain with CoolDeck technology that reduces heat by up to 35 percent compared to standard capped composite decking. Its almost entirely made from recycled materials, including post-consumer plastic, industrial plastic, wood fibers, and other recycled content.(Courtesy Neolith)IgneaNeolithInspired by volcanic landscapes, the color of cooled matter, and the textures found in magmatic cycles, the Ignea collection features intense color with a riverwash finish. The sintered stone is made with up to 98-percent-recycled content and has a 98R seal for its recycled composition.

All images Mary Maka, shared with permissionThe Year of the Snake Slithers in Many Guises in Mary Makas Playful IllustrationsFebruary 18, 2025IllustrationKate MothesWidely celebrated in China and cultures across Asia, Lunar New Year is one of the most important holidays, marked by the new moon that appears between January 21 and February 20. This year, the celebration fell on January 29, and in accordance with the zodiac, 2025 ushered in the Year of the Snake.Mary Maka (previously) ran with the motif in a new series of illustrations dedicated to the annual event, exploring character design and experimenting with a range of shapes. Combining botanical elements and an interest in animation, her dynamic creatures writhe and twist, sometimes incorporating plant-like traits like cacti spikes and flowers into serpentine compositions.Cat SnakeOf the twelve zodiac animals, the snake may be the most tenacious, associated with the element fire. People born under the sign are said to be resilient, intelligent, resourceful, and determined. Makas digital portraits capture various unexpected characteristics, from a fork-tongued green cat to a berry-tailed rattler.Through humorous depictions of serpents shaped like cats, fruit, desert flora, and creatures out of science fiction, Maka embraces new ideas and juxtapositions. Still in draft form, additional vipers try on the guises of a genie, cowboy, and others. See more on her website, Behance, and Instagram.Plant SnakeSock SnakeLove SnakeMushrooms SnakeBerry SnakeEye SnakeApple SnakeNext article

sdecoret - stock.adobe.comNewsSouth Korea plots to become home to worlds largest AI datacentreConstruction of a datacentre that is projected to be 3GW in size is set to start later this year in South KoreaByCaroline Donnelly,Senior Editor, UKPublished: 18 Feb 2025 14:00 A newly created public-private partnership looks set to oversee the creation of the worlds largest artificial intelligence (AI) datacentre in South Korea. Work on the datacentre, which has a projected total cost of $35bn, is set to begin later this year and is expected to create a 3GW (gigawatt) datacentre by the time of its scheduled completion in 2028.Overseeing the project will be investment company Stock Farm Road, which has signed a memorandum of understanding (MoU) with South Korean governor Kim Young-rok of the Jeollanam-do Province that will pave the way for the sites development.The facility will feature advanced cooling infrastructure, regional and international fibre bandwidth, and the ability to handle significant and sudden variations in energy load, according to a statement. It will serve as a foundation for next-generation AI enablement, fostering innovation and economic growth in the region and beyond.The statement further claims the project will lead to the creation of 10,000 jobs in a variety of disciplines spanning energy supply and storage, renewable energy production, equipment supply, and research and development.This is more than just a technological milestone; its a strategic leap forward for Koreas global technological leadership, said Stock Farm Road co-founder Amin Badr-El-Din.We are incredibly proud to partner with Stock Farm Road and the Jeollanam-do government to build this crucial infrastructure, creating an unprecedented opportunity to build the foundation for next-generation AI.Stock Farm Road has a background of using data analytics and AI tools to manage energy resources, and operates its own proprietary energy-to-intelligence platform, known as e2i.The company said its expertise in this area will come into play during the datacentres construction, while other parts of its business will provide access to capital to fund the build.Meanwhile, the Jeollanam-do government side of the partnership will provide support by enabling the developers to secure the permits and approvals needed to allow construction of the datacentre to start.Stock Farm Road co-founder Brian Koo said the project could have a transformational impact on the region.Having witnessed first-hand the immense technological capabilities of large Asian enterprises, I recognise the potential of this project to elevate Korea and the region to a new level of technological advancement and economic prosperity, said Koo. This datacentre is not merely an infrastructure project, but the launchpad for a new digital industrial revolution.Looking ahead, Stock Farm Road said in its statement that the South Korean project marks the delivery of the first phase of its broader global strategy, whereby the company will seek to establish similar AI infrastructure partnerships across Asia, Europe and the US over the next 18 months.The decision to site the datacentre in the Jeollanam-do province of South Korea is notable, and in keeping with the direction of travel the countrys government has been going in for some time, with regard to supporting the spread of datacentre developments outside of the central Seoul area.The general policy direction is for the decentralisation of datacentres away from the greater Seoul area to regional areas for the establishment of purpose-led districts, said John Pritchard, Korea datacentre advisory team lead at real estate consultancy Cushman & Wakefield, in a late 2024 research note.However, this provides challenges for users, whereby latency and proximity to [the] end user are key considerations, and as such datacentres operating in the metropolitan area will become crucial enabling tools for digital groups.Read more about APAC datacentresThe Asia-Pacific Data Centre Association will advocate for policies to drive the security and resiliency of datacentres and minimise environmental impact, among other goals.Enterprises in the Asia-Pacific region are moving from their own datacentres into colocation facilities to reduce cost, improve efficiency and lower their carbon footprint.In The Current Issue:AI Action Summit: Global leaders decry AI red tapeNavigating the practicalities of AI regulation and legislationDownload Current IssueSLM series: ABBYY-A strategic recalibration of the tech arsenal CW Developer NetworkSLM series - Qt: Practical code experiences from the command line CW Developer NetworkView All Blogs

The CrowdStrike incident in 2024 hit the UK like a hurricane. As it swept across the country, it ground flights to a standstill, forced hospitals to cancel operations, and brought down the computer systems and websites of hundreds of businesses.Since the early 1970s, it has been possible to predict the damage likely to be caused by hurricanes using a five-point wind scale.Category one hurricanes may damage roofs or break branches on trees, and at the other end of the scale, a category five hurricane could leave areas uninhabitable for months.Theres no such way to categorise the destructive impact of cyber events like the CrowdStrike update, which brought down Windows computers worldwide in July 2024 but that is set to change, as an initiative gets underway this year to assess the damage caused by major cyber attacks on a hurricane-inspired five-point scale.The Cyber Monitoring Centre(CMC), the first organisation of its type, has been set up by the insurance industry as an arms-length organisation to assess the impact of serious cyber attacks that have systemic implications for the UKs infrastructure and services. It aims to make it easier for businesses to buy cyber insurance cover, and know exactly what will be covered and what wont.There are many ways to assess the impact of a cyber event. It could be measured in loss of life through cancelled hospital operations, the disruption caused by leaks of peoples personally identifiable information on the internet, or the strategic implications of the loss of classified government information to a hostile nation state.The CMC will focus on just one: the economic impact. The centre has appointed a technical committee of eminent experts to assign cyber events to a five-point scale ranging from small-scale disruptions impacting hundreds of people to catastrophic attacks affecting hundreds of thousands. Damage impacts range from less than 100m for category one events to more than 5bn for category five.The technical committeeCiaran Martin: Teaches cyber security and public policy at the Blavatnik School of Government at the University of Oxford. Founder of the UKs National Cyber Security Centre, part of GCHQ.Sadie Creese: Professor of cyber security in the Department of Computer Science at the University of Oxford.Gaven Smith: Former director general for technology at GCHQ.Dan Jeffery: Managing director at Daintta, a cyber, data, privacy and systems engineering company.Jamie MacColl: Fellow in cyber security at the Royal United Services Institute.Julian Williams: Head of the department of finance at Durham University. Specialist in quantitative financial and cyber risk.The centre plans to monitor press reports and reports from business organisations to identify significant cyber attacks with multiple victims. It has partnerships with data providers to provide statistics on cancelled flights and disruption to datacentres, and works with the NHS to gather data on cancelled operations and hospital procedures. It also has access to advice from legal experts and cyber security specialists that respond to incidents, to help it build financial models of each significant cyber event. The models are reviewed and stress-tested. The final say goes to CMCs technical committeeThe centre aims to produce an impact report within 30 days of the cyber event that will focus on immediate financial losses. It will not take into account longer-term losses caused by, for example, the risk of litigation, or other delayed effects.The aim of the CMC is to make it easier for companies to buy cyber insurance and know what magnitude of cyber event on the five-point scale they can expect to be covered for, said Ed Lewis, a director and founder of the centre.The insurance industry has long struggled with how to insure cyber risks. Back in 2022, Lloyds of London issued a bulletin mandating the exclusion of cyber war incidents from cyber insurance cover. But who would decide whether a cyber attack was an act of warfare by a hostile state? Government or insurers?Add to that the complex exclusion clauses developed by the London market for cyber insurance, and it was a lawyers dream, said Lewis.It became clear that what mattered most was not which country was responsible for an act of cyber warfare, but the scale and severity of an attack. If a cyber attack had the digital fingerprints to show that it was directed against multiple targets, it had the hallmarks of a systemic attack.Some insurers, particularly those that insure multiple small and medium-sized businesses, do not cover systemic risks. That is to avoid large losses if multiple clients are hit by the same catastrophic incident. However, businesses can obtain insurance cover to protect against systemic risks from other specialist insurers.During the summer of 2022, Lewis went with a team of lawyers from his firm, Weightmans, working with insurer CFC, to France for six weeks to hammer out a solution. They came up with the idea of creating a company limited by guarantee to act as an independent centre of expertise on systemic cyber attacks.The team spent the first half of 2023 developing a methodology to assess the financial impact of cyber attacks on a five-point, hurricane-inspired scale, and in October that year incorporated CMC as a company limited by guarantee.The centre reviewed three cyber attacks in a trial run in 2024, and the results were surprising. Some of the most talked-about cyber attacks were not necessarily the most damaging to the UK economy.Take the attack on the file transfer service, MoveIT, in May 2023. It affected over 2,000 organisations and exposed the personal data of around 64 million people.Although it generated headlines around the world and captivated the attention of the cyber security community, the economic impact of the attack on MoveIT on the UK was as close to negligible as it is possible to reach on the CMCs hurricane scale.In June 2024, another ransomware group struck pathology laboratory Synnovis, which processes blood tests for NHS organisations across London. The attack led to major disruptions for GP surgeries and NHS trusts, leading to delays in medical procedures, cancelled appointments and shortages of blood stocks.Despite attracting mass interest, CMC judged the economic impact as relatively low, at between 100m and 1bn, with less than 0.1% of the population affected. That won it a rating of category two on the five-point scale.The failure of an update to CrowdStrikes security software in July 2024 caused worldwide disruption to Windows computers, but after an initial burst of press coverage, it failed to capture the publics continued interest. However, CMCs experts rated CrowdStrike as a category three incident significantly more impactful than MoveIT and Synnovis.The CMCs assessments may not be infallible, but they come with a clear methodology and use data to inform the technical committees decisions, all of which will be published and open to public scrutiny.The idea is that the centre will act very much like an independent arbitrator. Companies offering insurance and those buying insurance will be able to agree to be bound by its decision in any dispute over insurance cover.That means that the centre will need to be seen as completely independent of the insurance industry and government and that it will need to build a reputation for trusted decisions if it is to be successful.The centres current plans are to raise funding through membership fees, with the organisation hoping to attract members from a wide range of industries, professional services, manufacturing and retail, and insurers. Lewis stressed, however, that insurers and government will have no influence over the CMCs assessments.What we are very clear on is that the work of the technical committee has to be independent of government and independent of insurers, he said. They have to be as far as practically possible, beyond the potential for impeachment.The work of the CMC is likely to influence the direction of government policy over cyber risks. Many hope it will help to shift the balance of regulation from policing data leaks to policing cyber failures which result in the loss of essential services.Ciaran Martin cited as an example an attack by the Conti ransomware group on the Irish health service, which disrupted healthcare for months in 2021.When the Irish state refused to immediately pay the ransom, the Conti crime group stepped up the pressure by releasing medical data on the internet. It was only at that point that Irelands Health Service Executive was obliged to notify regulators about the incident.Its such a stark illustration of the point that a whole national healthcare system, including cancer surgeries had to stop, and thats not a breach of obligations, but the loss of a small amount of medical data [was considered a breach], he told Computer Weekly.That could change in the UK if the Cyber Security and Resilience Bill passes through parliament as expected. It introduces obligations for organisations to maintain critical services, and could lead to mandatory reporting of ransomware attacks.Im not saying, Lets repeal data regulation and lets impose sweeping service obligations on small hairdressing salons, but Im saying, Lets think about it carefully, said Martin.If you give a victim the choice between two bad situations one is the loss of critical health services and the other is the loss of their personal data, most people would opt for losing personal data rather than losing access to medical care, he added.Lewis concurs. There seems to be a disproportionate focus on cyber incidents that also involve a data breach, he said. I think its probably fair to say theres been quite a bit of criticism of the Information Commissioners Office and how those powers have been used over recent times.He hopes that the CMC can remove what he calls victim stigma, where fear of bad publicity or litigation can lead organisations hit by cyber attacks to opt for secrecy rather than openness.There are signs that this is happening already. The British Library, which faced major disruption after an attack by the Rhysida ransomware gang, published a comprehensive lessons-learned report, which was widely applauded in the cyber security community.The Harris Federation, a network of schools in London and the South East that lost email and telephone access after a ransomware attack in 2021, has talked about its experience in a series of podcasts to help others improve their own cyber resilience.For Martin, the CMCs primary aim is to deliver a better-functioning insurance market and better provision for companies seeking to insure against cyber attacks.He would like to see the CMC gain credibility over time as a source of factual information for academic, government and industry papers.And if the CMC is doing its job, he said, the media will be able to get a better handle on what cyber incidents are serious and what are likely to have a minor economic impact.How to measure the impact of a cyber attack1. Initial Review: After reviewing press reports and initial data sources, the technical committee discusses the attack and decides whether to formerly review it. Generally, the committee will only assess threats that cause more than 100,000 of damage and impact multiple organisations. The review includes assessing what types of organisations have been affected by the cyber attack and the creation of models to assess its economic impact.2. Data Collection: The centre collates media reports and supplements the reports by polling businesses through an arrangement with the British Chambers of Commerce. The poll identifies industry sectors that have been subject to cyber attacks, but either because they are less interesting to the public or have remained under the radar have not been reported by the press.Other data providers include Cirium, which provides details of all delayed and cancelled flights, and Parametrix, which provides data about outages of datacentres. Public sector data sources, such as the NHS, which publishes data on the impact of cyber attacks on clinical services, will also contribute. The centre plans fortnightly polls through the Office of National Statistics to collect further data on cyber attacks from up to 40,000 businesses.3. Modelling: The centre builds models of the financial impact of cyber attacks by speaking to experts in the organisations that might be affected, incident responders and legal experts. An attack on a NHS supplier, for example, would involve assessing the costs of delayed operations and the cost of catching up on a backlog of treatment. The centre is able to build a model of the upper and lower financial impacts of cyber attacks, based on the types of organisations affected. The assumptions of the model are reviewed and stress tested.4. Review by technical committee: A technical committee of experts meets to review and challenge the data and decide on the category of financial severity of the incident.5. Publication: The centre publishes an event report ranking the cyber risk between zero and five on a scale of severity. The report includes an analysis of how the committee reached its decision, additional analysis and commentary from members of the technical committee.