It’s no surprise to me that financial services organisations missed the 17 January2025 deadline to be in compliance with the European Union’s Digital Operational Resilience Act. I personally have not met a CIO or CISO who thought this deadline was realistic. Even back in January, research from Orange Cyberdefense saw 43% of respondents in the industry admit they would not be compliant by the deadline. In March, Clear Junction revealed 86% of financial services organisations were not fully compliant and more worryingly Skillcast’s DORA readiness report showed huge variation in the resilience of these institutions’ IT infrastructures. The banking and lending subsector stood out as the least prepared for compliance while the financial transaction processing subsector was the most vulnerable to cyber threats. Given we have known this deadline was coming, why such inconsistency when it comes to readiness? The reality is that cyber security strategies are always dealing with moving targets. Today, your organisation could feel secure and in compliance with DORA, but tomorrow the vulnerability landscape could change. New threats are introduced all the time. For example, you could implement a new supplier technology which could create new vulnerabilities in the supply chain, or the regulations themselves could change. In the UK, we are still expecting the Cyber Security and Resilience Bill at some point this year. The Government has announced its proposals but it is still to be confirmed when it will come into effect. The reality is that many companies are still unsure what measures they need to take to establish DORA compliance, and it requires a significant amount of vigilance across IT infrastructures to understand your exposure. One area commonly overlooked or discounted is the Java environment. Given Java comprises 51% of the software code in the financial sector, companies should make sure to give their Java applications the appropriate consideration as this is where many compliance and security risks lie dormant. Azul’s 2025 State of Java Survey & Report revealed that 41% of respondents encounter critical production security issues within their Java ecosystems on a weekly or daily basis. While three years after the Log4j incident, 49% are still experiencing security weaknesses in production from the remote code executionvulnerability. Financial institutions must ensure their Java footprint, and that of their third-party providers or services, complies with DORA regulations. As a result, investing in detection tools and post-breach response preparedness can help significantly reduce breach costs for financial firms and their customers. Together, they will have to take an inventory of the risks associated with their applications to ensure compliance and security. That risk could be amplified if organisations use unsupported versions of Java. In highly regulated industries, like financial services, where systems run on Java are supporting mission-critical applications, not ensuring your core systems are supported is highly risky, particularly as it exposes you to non-compliance with regulations like DORA. about DORA We look at the new EU regulation for cyber resiliency, the role of IT asset management in auditing and third-party risks. Compliance regulations come into force on 17 January, but many in the financial services community are not ready. To guarantee compliance, players in the financial services industry must address these five pillars: Guarantee ICT risk management: Unsupported OpenJDK distributions can expose financial institutions to significant risks, such as unpatched security vulnerabilities and performance issues. It is necessary to have an OpenJDK distribution capable of providing security patches to ensure Java applications remain resilient and compliant with management requirements. Report incidents quickly: Not all OpenJDK distributions provide security updates and critical patch updatesat the same time leading to unreported and unnoticed incidents that can lead to non-compliance. Industry players must equip themselves with tools capable of providing continuous monitoring for vulnerabilities and unused or dead code in production. This allows organisations to quickly and accurately detect, report and remediate vulnerabilities. Carry out regular and rigorous penetration and security tests: Using outdated or vulnerable updates of Java may not accurately reflect production environments, leading to false security assumptions. It is therefore important to have up-to-date and tested Java distributions, including legacy versions like Java 6 and 7 and architectures like Windows x86 32-bit, enabling reliable and accurate testing environments for financial institutions. Strengthen third-party risk management. Affiliating with unsupported OpenJDK distributions by third parties increases the risk of security vulnerabilities and operational failures. It is necessary to ensure that third-party applications and services based on Java meet the highest security and performance standards, thereby reducing third-party risks. Participate in sharing information on cyber threats.  Using unsupported OpenJDK distributions may result in a lack of awareness about updates and security patches, relegating these applications and services to becoming a weak link in the information sharing chain. Organisations must ensure they are aware of the latest vulnerabilities and can share relevant threat intelligence with other entities to improve collective cyber security resiliency. Cyber security is essential for stable and high-performance business operations today. By ensuring a secure Java distribution, promptly addressing vulnerabilities, and continuously monitoring their Java environment, companies can make a large portion of their IT assets DORA-compliant and strengthen their resilience against cyberattacks. James Johnston is vice president of EMEA at Java specialist Azul. He is responsible for growing Azul's software revenues across EMEA. Prior to joining Azul, James has held a number of leadership positions with Cloudera, Fujitsu and HPE.  James has an honours degree in business studies from UWE. #it039s #time #get #grips #with

May 12, 20257 min readPhysicists Build a ‘Black Hole Bomb’ in the LaboratoryAstronomical amounts of energy could be extracted from black holes—to build a gigantic bomb, for example. Experts have now implemented this principle in the laboratoryBy Manon Bischoff edited by Lee BillingsAn artist’s rendition of a black hole surrounded by a glowing accretion disc of material, the light from which is warped by the strong gravity. In principle, energy could be harvested from a spinning black hole—and lab-based demonstrations are beginning to show physicists how this could occur. Mark Garlick/Science Photo Library/Getty ImagesA bomb from a black hole would probably be the most destructive weapon in the universe. Hypothetically, it could be created by wrapping one of these cosmic monsters in mirrors and waiting for it to go “boom.” Now Hendrik Ulbricht of the University of Southampton in England and his colleagues have demonstrated this principle, called superradiance, in the lab using a rotating metal cylinder instead of a black hole. They submitted their results, which have not yet been peer-reviewed, to the preprint server arXiv.org in late March.“This work shows that a ‘black hole bomb’ can actually be built in the laboratory,” says physicist Vitor Cardoso of the Niels Bohr Institute in Denmark, who was not involved in the study. “It thus provides a solid basis for studying the entire physics of black holes.”Among the strangest objects in the universe, black holes pack so much mass into such a small space that they can radically warp spacetime. A black hole’s gravitational pull is so strong that within a certain distance, nothing can escape it—not even light. Theorist Roger Penrose is one of the pioneers who first studied black holes mathematically in detail—work for which he shared the Nobel Prize in Physics in 2020. And amid that early work, he realized something surprising.On supporting science journalismIf you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.As Penrose knew, nothing stands still in our cosmos, not even black holes. These massive monsters can spin, distorting spacetime in the process to form a kind of vortex. An approaching object can be caught up in this vortex and spiral around the spinning black hole. Even before the object passes the event horizon, beyond which not even light can escape gravity’s clutches, it reaches an area that physicists call the “ergosphere.” There the object would have to move faster than light to escape the rotation around the black hole.This ergosphere is a strange place, as Penrose noted, because objects there can possess negative energy. A particle, for example, could split into two equal-but-opposite parts: one with negative energy and another with positive energy. The former would then crash into the black hole (thus reducing the black hole’s energy), allowing the latter to escape the cosmic behemoth’s mighty grip. An external observer would see a particle with a certain energy falling toward the black hole, only to apparently rebound outward with higher energy. The black hole loses part of its rotational energy in the process.Black Hole Mining and SuperradianceIn principle, this would allow black holes to serve as gigantic sources of energy. The process could not only imbue massive objects with more energy but also amplify electromagnetic waves in a phenomenon called superradiance. This realization spurred some physicists to even imagine how advanced alien civilizations might use superradiance to generate energy. But despite how relatively simple it is to describe on paper, no one knew how the signal of superradiance could be observed in real black holes. Thus, the concept initially remained mere speculation.In 1971, however, two years after Penrose first described this phenomenon, physicist Yakov Zel’dovich published research that suggested that black holes aren’t the only objects that can be tapped as superradiant energy sources. Any rotating, axially symmetrical body that absorbs electromagnetic radiation—such as a metal cylinder—can also exhibit superradiance under certain circumstances. “Roughly speaking, the rotating absorber must rotate faster than the phase rotation of the incident radiation,” explains physicist Maria Chiara Braidotti of the University of Glasgow in Scotland, who was involved in the latest work. “If this condition is met, the absorption coefficient of the cylinder changes sign, thus amplifying the radiation.”Zel’dovich even went one step further by showing that superradiance could also take place in a vacuum and wouldn’t require an incoming electromagnetic wave. That’s because on quantum scales the vacuum is anything but empty. At any time, pairs of virtual particles and antiparticles can pop into existence, although they typically immediately annihilate each other again. The phenomenon is known as vacuum fluctuation. And these fluctuations could also be amplified in the vicinity of black holes —or a rotating metal cylinder. “Stephen Hawking didn’t believe this idea and tried to refute it,” explains Marion Cromb, a researcher in Ulbricht’s group at the University of Southampton and a contributor to the new work. “Not only did [Hawking] admit that Zel’dovich was right but he was also able to prove that even nonrotating black holes—without an ergosphere—spontaneously emit radiation.” This realization led to the discovery of Hawking radiation.According to the theoretical calculations, however, vacuum-based superradiance would be so faint that it could not be detected—unless, that is, it was somehow amplified. As Zel’dovich described, the rotating body (black hole or metal cylinder) could be encased in mirrors to reflect the amplified radiation back to the rotating body, intensifying it over and over again. As physicists William Press and Saul Teukolsky realized, so much energy could accumulate inside the mirrors that a gigantic explosion would occur. Press and Teukolsky, therefore, referred to the setup as a black hole bomb.Depending on how much rotational energy the black hole or the metal cylinder has, a result other than a gigantic explosion is conceivable, though. Cardoso and his colleagues described this possibility in a paper published in 2004 that showed how superradiance can cease if the black hole or metal cylinder loses too much angular momentum, thus defusing the explosion.Explosions in the LaboratoryUlbricht, Braidotti and their colleagues now wanted to test all these theoretical predictions in the laboratory. “Originally, we thought it would be too difficult to observe the actual effect,” Braidotti says, nothing that a cylinder would have to rotate so fast that it would be destroyed in the process. For this reason, she initially turned her attention to simpler systems in which superradiance can occur, including a setup with sound waves. “The breakthrough was our noticing how to reduce the frequencies of electromagnetic fields in a very simple way so that they are smaller than the rotation frequencies of the metal cylinders,” Ulbricht explains. The researchers only needed alternating current circuits for this. “This finding opened up the possibility of conducting the experiment with electromagnetic waves,” Braidotti says.The team then turned its attention to electromagnetic superradiance. “The experimental setup itself is quite simple: it consists of a rotating cylinder and the stator coils of a commercially available induction motor, combined with some capacitors and resistors,” Cromb says. These devices were placed around the metal cylinder to generate a magnetic field inside it, which produced electromagnetic radiation. At the same time, these devices also served as mirrors because they reflected the electromagnetic waves back toward the cylinder.“The biggest difficulty was that things were constantly exploding,” Cromb says. “It was a balancing act between measuring a reasonable signal and overloading the system. When the current through the coils became too high, the resistors in the circuit exceeded their rated voltage and burned out. This interrupted the electrical circuit, thus destroying the ‘mirror.’”The researchers initially feared that these overloads would prevent any observation of superradiance. But they were lucky. “The reinforcement was large enough to overcome the loss and enter the area of instability,” Cromb says. In fact, the team was able to show that the voltage in their structure increased exponentially, as predicted by Zel’dovich. This underpins the researchers’ claim of the first-ever lab-based demonstration of an electromagnetic version of a black hole bomb.Note, however, that despite the martial connotations of the name, the “bomb” Ulbricht and his team built in their lab isn’t anything like a military-grade munition—or even a firecracker. It would be quite useless as a weapon because its yield is only on the order of a millijoule of energy—that is, about the same amount involved in pressing a single key on a mechanical keyboard.Radiation-Free Superradiance?Next, Cromb and the team used their setup to study whether superradiance can also take place in a vacuum: Would an electromagnetic signal arise in their apparatus even without a magnetic field? Because the experiment took place at room temperature, thermal fluctuations overshadowed any vacuum fluctuations—meaning that the team could not directly detect the latter. But that very same thermal background noise, the researchers realized, would spontaneously generate electromagnetic waves that could theoretically be amplified.And that is what they did manage to demonstrate: by choosing the appropriate rotation speed of the cylinder, they generated electromagnetic waves out of nowhere, so to speak. Their work also confirmed the “defusing” scenario predicted by Cardoso: the metal cylinder was able to lose enough rotational energy to halt superradiance and stave off any explosion.According to Ulbricht, the most special thing about the work is its sheer simplicity. “Many physicists think that all the simple experiments have already been done and that new insights into the fundamentals of physics can only come from very complex and very expensive projects,” he says. “We proved the opposite.”“I didn’t expect that someone would be able to carry out such an experiment now,” Cardoso says. On the day the new work was posted to arXiv.org, he recalls, he was giving a series of lectures at Bangalore University in India. “I talked about superradiance and told the audience that no one had ever proven the electromagnetic superradiance or the bomb effect in the laboratory. So you can imagine my surprise when I saw the paper shortly afterwards!”The new work could lead to deeper insights about black holes, Cardoso says. “Superradiance is a little-known classical effect that plays an important role in the physics of black holes,” he explains. For example, extremely light particles, such as axions or special types of photons considered candidates for dark matter, could absorb the rotational energy of black holes, amplifying their signals. “This means that black holes can be used as gigantic particle detectors,” Cardoso explains. With a lab-based black hole bomb, physicists could test such hypotheses more precisely than ever before.In the future, Ulbricht would like to carry out the quantum version of the experiment, which would entail observing the spontaneous generation of electromagnetic waves and their amplification from the vacuum. Such direct experiments with vacuum fluctuations could open up completely new possibilities for the scientific community and the world, he says, potentially representing “a major breakthrough for physics.” Perhaps, Ulbricht muses, that work could allow researchers “in a few decades to understand whether it is possible in principle to generate energy from the vacuum—which would be an inexhaustible new source of energy.” Source: https://www.scientificamerican.com/article/how-to-build-a-black-hole-bomb/ #how #build #black #hole #bomb