Hammer Weekly Update, week ending 25 January 2026

Written by Hammer Enterprise | Jan 26, 2026 8:57:36 AM

Week ending 25 January 2026 put attention on AI, networking, security and cloud in UK and EMEA. We’ve boiled it down to the few stories with practical impact - and concrete steps partners can take this week.

Pwn2Own Automotive 2026 uncovers 76 zero-days, pays out more than $1M

The Register (Security) reports: Pwn2Own Automotive 2026 uncovers 76 zero-days, pays out more than $1M. Also, cybercriminals get breached, Gemini spills the calendar beans, and more infosec in brief T'was a dark few days for automotive software systems last week… [1]

Expect pressure on rack density, GPU power budgets and memory bandwidth; design choices affect UPS/PDU loading and cooling headroom. Hammer can source AI servers and pre-stage delivery to match cooling upgrades, and translate model sizing into an orderable BOM.

Model peak rack draw; confirm UPS/PDU headroom for target density.
Benchmark NVMe throughput against expected inference concurrency.
Lock delivery dates for AI servers to align with cooling changes.

UK border tech budget swells by £100M as Home Office targets small boat crossings

The Register (Security) reports: UK border tech budget swells by £100M as Home Office targets small boat crossings. Drone, satellite, and other data combined to monitor unwanted vessels The UK Home Office is spending up to £100 million on intelligence tech in part to tackle t… [2]

Latency to inspection points and PoP reach now shape experience as much as raw bandwidth; failover timing needs timing, not theory. Hammer can align SASE/SD-WAN SKUs to branch counts and lead times, and sequence rollouts to avoid link flap surprises.

Measure user latency to the nearest SASE PoP and capture variance.
Pilot split-tunnel policies for collaboration apps; record packet loss.
Time branch failover under controlled link flap.

CISA won't attend infosec industry's biggest conference this year

The Register (Security) reports: CISA won't attend infosec industry's biggest conference this year. But ex-CISA boss and new RSAC CEO Jen Easterly will be there exclusive The US Cybersecurity and Infrastructure Security Agency won't attend the annual RSA Confe… [3]

Controls must stand up to real phishing and ransomware drills, not just policy-recovery points and identity boundaries are the failure points. Hammer can bundle Microsoft 365 backup and a managed SOC handover into a repeatable rollout plan with timelines.

Run a restore test from an immutable backup set and record RTO.
Map MFA and conditional access coverage for high-risk apps.
Stage a 30-minute phishing drill and time the run-book.

EC2 Auto Scaling Introduces New Mechanisms for Group Deletion Protection

AWS What’s New reports: EC2 Auto Scaling Introduces New Mechanisms for Group Deletion Protection. EC2 Auto Scaling is introducing a new policy condition key autoscaling. [4]

Guardrails around identity, network and spend need to ship with the platform-landing zones and budgets should be codified, not manual.

Codify a landing zone (identity, network, logging) and deploy to all accounts.
Enable budget alerts/anomaly detection and assign owners.
Right-size or schedule off non-prod instances before month-end.

AI-powered cyberattack kits are 'just a matter of time,' warns Google exec

The Register (Security) reports: AI-powered cyberattack kits are 'just a matter of time,' warns Google exec. Security chief says criminals are already automating workflows, with full end-to-end tools likely within years CISOs must prepare for "a really different world"… [5]

Controls must stand up to real phishing and ransomware drills, not just policy-recovery points and identity boundaries are the failure points.

Run a restore test from an immutable backup set and record RTO.
Map MFA and conditional access coverage for high-risk apps.
Stage a 30-minute phishing drill and time the run-book.

References

View full post