<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:googleplay="http://www.google.com/schemas/play-podcasts/1.0"><channel><title><![CDATA[Unbreakable Ventures]]></title><description><![CDATA[A bi-weekly digest covering 5 risk categories from the last 14 days. Brought to you by resilience advisory specialists and risk analysts.]]></description><link>https://www.unbreakableventures.com</link><image><url>https://substackcdn.com/image/fetch/$s_!MYfG!,w_256,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb7912fbd-2b9f-4d50-9744-60f3704ceaaa_1024x1024.png</url><title>Unbreakable Ventures</title><link>https://www.unbreakableventures.com</link></image><generator>Substack</generator><lastBuildDate>Thu, 02 Jul 2026 17:31:04 GMT</lastBuildDate><atom:link href="https://www.unbreakableventures.com/feed" rel="self" type="application/rss+xml"/><copyright><![CDATA[Fixinc Group Ltd 2024]]></copyright><language><![CDATA[en]]></language><webMaster><![CDATA[info@fixinc.org]]></webMaster><itunes:owner><itunes:email><![CDATA[info@fixinc.org]]></itunes:email><itunes:name><![CDATA[Ollie Law]]></itunes:name></itunes:owner><itunes:author><![CDATA[Ollie Law]]></itunes:author><googleplay:owner><![CDATA[info@fixinc.org]]></googleplay:owner><googleplay:email><![CDATA[info@fixinc.org]]></googleplay:email><googleplay:author><![CDATA[Ollie Law]]></googleplay:author><itunes:block><![CDATA[Yes]]></itunes:block><item><title><![CDATA[Trapped By Design | Risk Updates for Weeks of 17 June - 1 July '26]]></title><description><![CDATA[Threat concerns this week: Why 91% of businesses can't see their own AI dependencies. How grounded airlines became the resilience lesson we all need. And 5 quick fires you should know about.]]></description><link>https://www.unbreakableventures.com/p/trapped-by-design-risk-updates-for</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/trapped-by-design-risk-updates-for</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Wed, 01 Jul 2026 07:53:41 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/169097892/f5482b18d9394fa8ffa84752223ae1ed.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!B8gU!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!B8gU!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!B8gU!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!B8gU!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!B8gU!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!B8gU!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:732905,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/169097892?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!B8gU!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!B8gU!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!B8gU!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!B8gU!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8296ed3a-5e2b-4b00-a71d-1807469ced38_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between June 17th, and July 1st, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Technological: Hidden AI Dependencies Expose Enterprises</strong></h2><ul><li><p>A new IBM study finds that 91% of organisations surveyed say they don&#8217;t fully understand their dependencies across AI vendors, models, and infrastructure, limiting the ability to assess risk and plan for disruption.</p></li><li><p>As firms embed AI into core operations, most remain locked into systems they cannot easily change, with 81% saying a seven-day vendor outage would still cause severe or critical disruption, effectively halting operations.</p></li><li><p>Disruption is already routine. Surveyed leaders report an average of six AI-related disruptions over the past two years, largely driven by vendor services.</p></li><li><p>The threats extend beyond outages. Respondents also cite unexpected changes across the AI ecosystem, including price increases, usage restrictions, model deprecations, and performance degradation.</p></li><li><p>A small elite is pulling ahead. Organisations with the most advanced AI control capabilities protect more than half of their operating profit from AI-driven disruptions, yet only 7% operate at this level, signalling a widening gap between those building adaptable AI systems and those constrained by dependency.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://newsroom.ibm.com/2026-06-17-ibm-study-limited-control-and-rising-dependencies-leave-enterprises-exposed-in-the-age-of-ai">IBM Study: Limited Control and Rising Dependencies Leave Enterprises Exposed in the Age of AI | IBM Newsroom | June 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Enterprises with AI embedded in core operations:</strong> With most firms unable to map their AI dependencies, a single vendor outage, price hike, or model deprecation could halt operations. The lack of visibility leaves leaders unable to assess true exposure or plan continuity.</p></li><li><p><strong>Regulated industries handling sensitive data:</strong> 68% of surveyed executives say meeting data residency and sovereignty requirements across geographies is challenging, creating compliance and continuity risk for financial services, healthcare, and government bodies operating across borders.</p></li><li><p><strong>Organisations carrying legacy technical debt:</strong> Legacy complexity is also widely cited by respondents (57%), reflecting mergers, acquisitions, and historical decisions, which compound the difficulty of switching or governing AI systems flexibly.</p></li><li><p><strong>Smaller firms reliant on single AI providers:</strong> Without the resources to diversify vendors or build sovereign infrastructure, smaller players risk being trapped by usage restrictions and price increases, eroding margins and limiting their ability to respond to ecosystem shifts.</p></li><li><p><strong>Procurement and governance teams:</strong> Traditional procurement cycles move slower than AI ecosystem changes, leaving teams exposed to contractual terms that fail to account for sudden model retirements, performance degradation, or escalating costs.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Map your full AI dependency chain</strong></h5><ul><li><p>Conduct a comprehensive audit of every AI vendor, model, and infrastructure layer your operations rely on. Visibility is the prerequisite for risk assessment. You cannot plan continuity around dependencies you have never documented or stress-tested.</p></li></ul><h5><strong>Build vendor redundancy and exit strategies</strong></h5><ul><li><p>Avoid single points of failure by qualifying alternative providers and negotiating portability into contracts. Ensure data and workloads can migrate if a vendor raises prices, restricts usage, or deprecates a model your operations depend upon.</p></li></ul><h5><strong>Strengthen AI sovereignty and control</strong></h5><ul><li><p>Invest in greater control across data, models, infrastructure, and applications. The minority of firms with advanced control capabilities protect significantly more operating profit, demonstrating that adaptable, sovereign AI architecture directly underpins resilience and performance.</p></li></ul><h5><strong>Stress-test for a multi-day vendor outage</strong></h5><ul><li><p>Model the operational impact of a seven-day outage from each critical AI supplier. Establish fallback processes, manual workarounds, and contingency capacity so that a single disruption cannot effectively halt your business.</p></li></ul><h5><strong>Align governance with AI velocity</strong></h5><ul><li><p>Update procurement and governance frameworks to match the pace of AI change. Embed clauses covering model deprecation, performance guarantees, price stability, and data sovereignty so contractual protections keep pace with a fast-evolving ecosystem.</p></li></ul><div><hr></div><h2>2. Geopolitical: Airlines Become Resilience Case Study</h2><ul><li><p>The airline industry is among the hardest hit by the Iran conflict, offering a live business continuity lesson. The major airlines of the Middle East, including Emirates, Etihad, and Qatar Airways, suspended all operations facing major disruptions, while international airlines like Air India, British Airways, Cathay Pacific, and Lufthansa also suspended services.</p></li><li><p>The disruption has been severe. Airspace closures in the UAE, Qatar, Kuwait, Bahrain, and other Gulf states have led to over 4,000 daily flight cancellations, stranding hundreds of thousands of passengers.</p></li><li><p>Even with reopenings, recovery is slow. The largest operational challenge is no longer whether airspace is technically open. The issue is that too much traffic is now attempting to move through too few viable routing options.</p></li><li><p>Layered atop this, structural supply chain strain persists. Austrian Airlines&#8217; CEO warns that aviation supply chain disruption remains a long-term challenge, with aircraft delivery delays and shortages of parts and engines expected to influence planning through at least 2028.</p></li><li><p>The survivors will teach the rest of us. Carriers that endure are doing so through contingency planning. One carrier has avoided capacity reductions by relying on contingency planning, fleet flexibility, and support from the wider group. Meanwhile, smaller airlines like Gulf Air and Middle East Airlines have faced an increased risk of bankruptcy due to sustained airspace closures and soaring insurance premiums.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://aircargoweek.com/supply-chain-disruption-remains-a-long-term-challenge-for-airlines/">Supply chain disruption remains a long-term challenge for airlines | Air Cargo Week | June 2026</a></p></li><li><p><a href="https://simpleflying.com/airlines-most-disrupted-middle-east-airspace-closures-2026/">The Airlines Most Disrupted By Middle East Airspace Closures In 2026 | Simple Flying | April 2026</a></p></li><li><p><a href="https://www.universalweather.com/blog/middle-east-airspace-compression-operational-impact-of-the-u-s-israel-iran-conflict/">Middle East Airspace Closures: Operational Impact on Business Aviation and GA Flights | Universal Operational Insight Blog | June 2026</a></p></li><li><p><a href="https://safeairspace.net/summary/">Safe Airspace: Conflict Zone &amp; Risk Database | Safe Airspace | June 2026</a></p></li><li><p><a href="https://www.oliverwyman.com/our-expertise/insights/2025/oct/how-to-revive-aircraft-supply-chains-to-accelerate-delivery.html">How To Revive Aircraft Supply Chains To Accelerate Delivery | Oliver Wyman | October 2025</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Gulf-based and Asian carriers:</strong> Proximity and reliance on Gulf transit make these airlines most exposed. India is particularly exposed because roughly 40% of its $130 billion in annual revenue comes from traffic passing through the Gulf. Reroutes and suspensions are eroding margins severely.</p></li><li><p><strong>Smaller and indebted airlines:</strong> Carriers without group-wide support or deep balance sheets face existential threat. Sustained airspace closures and soaring insurance premiums have pushed smaller operators toward bankruptcy, making them cautionary rather than instructive case studies.</p></li><li><p><strong>Any business dependent on air freight:</strong> Maritime diversions around the Cape of Good Hope are adding between two and four weeks to shipping times, while air freight capacity across Middle Eastern routes has tightened and congestion is spreading through ports. Time-sensitive goods face mounting delays.</p></li><li><p><strong>Business continuity and resilience planners across all sectors:</strong> Airlines are a leading indicator. Having weathered pandemics, fuel shocks, and now conflict, the carriers that survive offer transferable playbooks on contingency planning, asset flexibility, and operating under permanent uncertainty.</p></li><li><p><strong>Insurers and aviation lessors:</strong> Soaring premiums and concentrated risk in volatile regions are reshaping underwriting. Lessors face exposure as carriers reroute, ground fleets, or fail, threatening lease income and asset values across long-haul widebody portfolios.</p></li></ul><h2>Preventative actions</h2><h5><strong>Treat airlines as a live monitoring benchmark</strong></h5><ul><li><p>Track how surviving carriers adapt. Their responses to airspace closures, fuel volatility, and routing constraints provide a real-time playbook for resilience that businesses in other industries can study and adapt before facing comparable shocks.</p></li></ul><h5><strong>Build a credible &#8220;Plan B&#8221; for critical operations</strong></h5><ul><li><p>Airlines that avoided capacity cuts did so through pre-built contingency plans and asset flexibility. Maintain alternative routes, suppliers, and capacity so external shocks disrupt your plan without halting your business entirely.</p></li></ul><h5><strong>Pool and share assets across the wider group</strong></h5><ul><li><p>Carriers redistribute aircraft, engines, and capacity across group networks to absorb shocks. Organisations should similarly design for shared resources and mutual support across business units rather than optimising each unit in isolation.</p></li></ul><h5><strong>Reprice and diversify risk exposure</strong></h5><ul><li><p>With insurance premiums soaring and routing options thin, reassess concentration risk now. Diversify suppliers, transit corridors, and geographic dependencies, and lock in contingency fuel, capacity, or inventory buffers before disruption forces reactive, costlier decisions.</p></li></ul><h5><strong>Plan around prolonged, not temporary, disruption</strong></h5><ul><li><p>The aviation supply crunch is forecast to persist for years. Build planning horizons that assume disruption is structural rather than transient, so your continuity strategy survives extended uncertainty rather than betting on rapid normalisation.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Pharma Supply Chains Hit Record Pressure</strong> A Moody&#8217;s report warns that pharmaceutical supply chains face unprecedented strain as geopolitical disruption, manufacturing weaknesses, cyber threats, and counterfeit medicines combine to create a new era of risk. The danger is that these threats are interconnected yet managed in silos. Firms should adopt integrated frameworks and improve visibility across suppliers and distribution networks. <br><a href="https://www.emjreviews.com/emj-gold/news/pharma-supply-chains-face-record-pressure-as-four-risks-converge/">Main link to resource</a></p></li><li><p><strong>UAE Weighs Humanitarian Early-Warning Centre</strong> The UAE is studying a humanitarian aid early-warning centre to strengthen crisis response, reflecting how proactive risk anticipation is becoming central to regional resilience strategy. The risk it addresses is reactive, slow disaster response amid escalating regional instability. Organisations should similarly invest in early-warning systems and pre-positioned contingency capacity. <br><a href="https://www.thenationalnews.com/news/uae/2026/06/17/uae-studies-humanitarian-aid-early-warning-centre-plan-to-boost-crisis-response/">Main link to resource</a></p></li><li><p><strong>World Bank Flags Sustained Gas Price Volatility</strong> The World Bank forecasts prolonged volatility in global gas prices. The risk stems from the Hormuz disruption, which affected global gas markets, with about 20% of the world&#8217;s supply of liquefied natural gas having moved through the Strait in 2025. Energy-intensive businesses should hedge exposure and diversify supply sources. <br><a href="https://punchng.com/world-bank-forecasts-sustained-volatility-in-global-gas-prices/">Main link to resource</a></p></li><li><p><strong>Australian Businesses Face Relentless Cyberattacks</strong> Cybercrime costs are surging as Australian businesses reportedly face an attack roughly every six minutes. The risk is intensifying as attackers exploit AI, cloud reliance, and third-party providers to breach defences. Firms should prioritise threat detection, staff training, incident response planning, and continuous monitoring of critical systems. <br><a href="https://www.techbusinessnews.com.au/news/cybercrime-costs-surge-as-australian-businesses-face-an-attack-every-six-minutes/">Main link to resource</a></p></li><li><p><strong>Asia-Pacific Supply Chains May Stay Disrupted</strong> S&amp;P warns Asia-Pacific supply chains may remain disrupted even after Hormuz reopens. The risk is that a full recovery in flows is unlikely to be immediate. Mines will need to be cleared from the main shipping lanes and supply chains will take time to normalise. Businesses should maintain buffer inventory and alternative routing. <br><a href="https://www.businessworld.in/article/s-p-warns-asia-pacific-supply-chains-may-stay-disrupted-despite-hormuz-reopening-612199">Main link to resource</a></p></li></ol><h2>More stories we&#8217;re following</h2><p>Here are more threat updates we&#8217;re monitoring across the month listed for your convenience.</p><ul><li><p><strong>LastPass customer data stolen in Klue vendor breach affecting multiple security firms</strong> <a href="https://techcrunch.com/2026/06/23/password-manager-maker-lastpass-says-hackers-stole-customer-support-case-data-during-klue-breach/">Link &#8599;</a></p></li><li><p><strong>Hormuz closure exposes shipping&#8217;s vulnerability to geopolitical chaos and aging fleet risks</strong> <a href="https://alvinology.com/2026/06/24/allianz-125-billion-in-vessel-and-cargo-value-awaits-passage-from-the-persian-gulf/">Link &#8599;</a></p></li><li><p><strong>Global fertilizer markets destabilized by energy volatility, geopolitical conflict, and export controls</strong> <a href="https://agrospectrumindia.com/2026/06/26/global-fertilizer-trade-hits-81-bn-as-energy-volatility-strait-of-hormuz-disruptions-and-geopolitical-risks-reshape-supply-chains-fao.html">Link &#8599;</a></p></li><li><p><strong>Arctic shipping booms despite sanctions, geopolitical risks constraining mainstream adoption</strong> <a href="https://gcaptain.com/allianz-sees-arctic-shipping-boom-potential-but-warns-risks-sanctions-and-geopolitics-could-hamper-growth/">Link &#8599;</a></p></li><li><p><strong>China faces demographic crisis as ageing population threatens workforce productivity by 2050</strong> <a href="https://www.scmp.com/business/china-business/article/3358119/china-plans-demographic-crisis-some-sectors-see-opportunity">Link &#8599;</a></p></li><li><p><strong>EU forces 75% of unlicensed crypto platforms to exit market as MiCA deadline approaches</strong> <a href="https://www.digitaltoday.co.kr/en/view/74280/eu-begins-ousting-unlicensed-crypto-firms-tells-them-to-halt-operations">Link &#8599;</a></p></li><li><p><strong>Iran drone attack on cargo ship escalates Strait of Hormuz crisis, halts IMO escorts</strong> <a href="https://anewz.tv/region/middle-east/21228/un-halts-escorts-after-attack-on-cargo-ship/news">Link &#8599;</a></p></li><li><p><strong>EDF shuts nuclear reactors as heatwave forces environmental cooling limits</strong> <a href="https://nashaniva.com/en/398509">Link &#8599;</a></p></li><li><p><strong>Ransomware claims drop 53% but costs surge 17% in H1 2025</strong> <a href="https://www.insurancebusinessmag.com/uk/news/cyber/europe-cyber-incidents-fall-but-severity-keeps-insurers-cautious-579962.aspx">Link &#8599;</a></p></li><li><p><strong>Climate risks threaten $388bn in global data centre assets, report warns</strong> <a href="https://www.edie.net/from-homes-to-hard-infrastructure-the-cost-of-climate-risk-is-growing/">Link &#8599;</a></p></li><li><p><strong>AI-driven cyberattacks surge while non-malicious incidents reshape insurance landscape</strong> <a href="https://riskandinsurance.com/ai-geopolitical-tensions-and-human-error-are-reshaping-the-cyber-risk-landscape/">Link &#8599;</a></p></li><li><p><strong>Microsoft disrupts Amadey, StealC malware supply chain serving 140,000 infected computers</strong> <a href="https://blogs.microsoft.com/on-the-issues/2026/06/24/scaling-cybercrime-disruption-through-innovation-and-ai/">Link &#8599;</a></p></li><li><p><strong>Scam Alert! Beware the CNRegistry PHISHING Scam: Why That Email About Chinese Domains Is a Trap</strong> <a href="https://openclassactions.substack.com/p/scam-alert-beware-the-cnregistry">Link &#8599;</a></p></li><li><p><strong>Pentagon blacklists six Chinese tech firms; Beijing vows countermeasures amid escalating tech war</strong> <a href="https://www.cryptopolitan.com/china-threatens-retaliation-on-us-pentagon/">Link &#8599;</a></p></li><li><p><strong>Food industry faces triple disruption: conflict costs, climate chaos, regulatory tightening</strong> <a href="https://www.irishexaminer.com/farming/arid-41864190.html">Link &#8599;</a></p></li><li><p><strong>Global dairy supply contraction looms as geopolitical costs squeeze producer margins into 2027</strong> <a href="https://www.thecattlesite.com/news/global-dairy-markets-approach-supply-slowdown-amid-cost-pressures">Link &#8599;</a></p></li><li><p><strong>Irish SMEs lose &#8364;3.4bn yearly to cyber disruptions, but preparedness cuts downtime sharply</strong> <a href="https://businessplus.ie/sme/cyberattacks-sme-e3-4bn/">Link &#8599;</a></p></li><li><p><strong>Middle East conflict exposes global hydrogen supply chain vulnerabilities, IEA warns</strong> <a href="https://economymiddleeast.com/news/why-the-hydrogen-economy-is-being-reconsidered-after-middle-east-supply-chain-disruptions/">Link &#8599;</a></p></li></ul><div><hr></div><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/trapped-by-design-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/trapped-by-design-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/trapped-by-design-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Strait Talk: Six Days in Dubai After the Guns Went Quiet]]></title><description><![CDATA[I flew in expecting a city on its knees. What I found, and why confidence under fire is the story no camera stayed for.]]></description><link>https://www.unbreakableventures.com/p/strait-talk-six-days-in-dubai-after</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/strait-talk-six-days-in-dubai-after</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Sun, 28 Jun 2026 23:31:28 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!3iiZ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!3iiZ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!3iiZ!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!3iiZ!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!3iiZ!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!3iiZ!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!3iiZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:741683,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/203666767?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!3iiZ!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!3iiZ!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!3iiZ!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!3iiZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F36910192-9be9-40ed-a51e-755ec6592fb6_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>I booked the flight while the conflict was still live. The Strait of Hormuz was closed, missiles were still moving across the Gulf, and a week before I flew, <a href="https://www.bbc.com/news/articles/c5yx135yg53o">drones struck Kuwait International Airport</a>, killing one passenger and wounding more than sixty.</p><p>Kuwait and US Central Command blamed Iran. Tehran denied it. By the time I reached my gate in Kuala Lumpur, the airport screens were carrying a different headline. Washington and Tehran had signed a memorandum of understanding. A fragile ceasefire was holding. The war was not finished, but the shooting had mostly stopped.</p><p>I sat on the plane with a strange thought. I might be one of a very small group of professionals flying into Dubai this soon after the guns went quiet. Six and a half hours later, I understood something I have been turning over ever since. <strong>The Dubai I landed in was not the Dubai I had been watching from Malaysia, New Zealand and Australia.</strong></p><div class="pullquote"><p>That gap is the entire point of this piece.</p></div><p>The first thing that hit me, before anything else, was the heat. Not the Kuala Lumpur humidity I&#8217;d grown used to, but a dry, flat 37 degrees with not a cloud in the sky. The second was the efficiency. I was off the plane, through immigration, had collected my bag and was out of the terminal in under forty minutes, in a clean, professional taxi with the air conditioning turned down to something close to Arctic.</p><p>The third thing took longer to notice, because it was an absence. The motorways, the lanes, the vast pedestrian boulevards, none of them were at capacity. Dubai is built at a scale that assumes crowds, and the crowds were thinner than the architecture expected. Some of that is seasonal. The city empties out as summer climbs toward the mid-40s and, on its worst days, close to 50. But some of it was the war.</p><p>What the government chose to do with that moment was the first lesson. Along the motorway, hundred-metre billboards read &#8220;The United Arab Emirates welcomes everyone.&#8221; It was tourism messaging, but it was also something steadier, a state telling its residents in large letters that they were being looked after. I was yet to see the evidence behind the slogan, but I knew to keep an eye out.</p><p>Underneath it sat a harder edge. Several people told me that during the conflict, spreading misinformation or AI-generated deepfakes could earn you deportation or a jail term. Whether or not you find that comfortable, the effect was specific. </p><p>If information did not come from an official channel, you treated it as suspect. The fact-versus-assumption problem that defines most crises, the fog where rumour travels faster than truth, had been deliberately compressed. People knew where their information came from, and they trusted it, because what they were told kept matching what they saw.</p><p>That trust extended to the sky. When the interceptions were happening, an emergency alert went out to every phone in the country, telling anyone near a strike to seek shelter.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Is this article your type of content? Consider subscribing. No spam. No sales.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><p>Residents described three or four interceptors going up for every incoming Iranian drone or missile, until the spectacle became almost routine. More than one person described it, with the dark humour that long crises breed, as a fireworks show. That is what normalisation under fire looks like, and it is not bravado. It is what happens when people believe the system over their heads is working.</p><p>Dubai was hit. I want to be clear about that, because it is where coverage and reality both have a claim. In the opening days of the war, debris from an intercepted Iranian drone sparked a fire at the entrance of the <a href="https://www.fairmont.com/en/hotels/dubai/fairmont-the-palm.html">Fairmont The Palm</a>, the five-star hotel on the same island where I would later stay. Four people were injured.</p><p>The international airport was struck and briefly evacuated. A tower in the Marina was hit<span> </span>by falling debris. Across the Emirates, the <a href="https://www.khaleejtimes.com/uae/iran-war-mod-statement-april-4-2026">authorities later counted</a> more than a dozen dead and over two hundred injured. None of that is invention, and none of it should be waved away.</p><p>And yet, by the time I arrived, the damage was contained and the city had moved on. Chatter still circulated about which marquee hotels had supposedly been struck. I walked up to the <a href="https://www.newarab.com/news/burj-al-arab-closes-restoration-after-iran-war-debris-damage">Burj Al Arab</a>, the sail-shaped landmark on the waterfront, and found nothing. No damage, no cordon, no scaffolding. Over lunch, one businessman gestured at the skyline and said, with a smirk, </p><blockquote><p>&#8220;look, they are all still standing.&#8221;</p></blockquote><p>The one place the war reached me directly was my phone. GPS was unreliable for most of the trip, and taxis navigating by map were close to useless at times. I was told a data centre might have been<span> </span>affected by unidentified falling objects. Whatever the cause, it was the first time I had felt a live conflict reach into the device in my hand, and it was both unsettling and clarifying.</p><p>I carried one question through the entire trip. <strong>What is business confidence here, right now?</strong></p><p>I ask because I track this figure obsessively at home. In New Zealand it is published quarterly, sometimes monthly, and it tends to predict whether a small business like mine gets paid. What I have learned is that the headline number rarely matches how people feel on the ground.</p><p>So, I asked everyone. Entrepreneurs, advisors, waiters, friends, family. The answer was unanimous, and it surprised me. </p><div class="pullquote"><p><strong>Confidence was high.</strong></p></div><p>That is the most important learning I brought home. Sitting overseas, watching the bombardment, I assumed people would want to leave, and many did. But the ones who stayed were not bracing. They were positioning. Trade continued. Deals continued. </p><p>In the middle of a war, the city inaugurated tunneling on <a href="https://www.etihadrail.ae/">Etihad Rail</a> and their new stations were confirmed. You do not commit billions to rail you will not ride for years unless you are confident there will be a city to ride it in.</p><p>More than the hardware, it was the handling. People had been told things they could verify, and that built the kind of trust that lets a society keep functioning while it is under fire.</p><p>The clearest picture of that came on an ordinary evening out. My colleague <a href="https://www.fixinc.io/bio/umaima-baboojee">Umaima</a>, our Resilience Advisor at <a href="https://www.fixinc.io/">Fixinc</a> based in Dubai, took me to the Australian Business Council Dubai quiz night, held in a make-shift English-style pub. It was packed. Business owners had brought their families. The mood was loud, warm and entirely unbothered. If a room full of expatriates and their kids laughing over a trivia night a few weeks after a missile exchange does not signal a return to normal, nothing does.</p><p>Not everything was strong. The hotels that survived COVID are still paying down the debt it cost them, and some have closed in the past year because they could not. My resort, spectacular and near empty, was running weekend <em>stay-cation</em> deals straight out of the 2020 playbook.</p><p>The government had already moved on exactly this pressure. At the end of March, it approved a one-billion-dirham support package, letting hotels, hotel apartments and holiday homes defer the full sales fees on rooms and food, along with the Tourism Dirham, for three months from the first of April. </p><p>Read one way, that is a city shielding its most exposed sector. Read another, and you get the sharper point Umaima brought back from a later ORF session where the package was picked apart. The relief does more than free up cash. It quietly reframes the empty rooms as a regional shock rather than a failure of the operators, so no one can pin the downturn on the sector itself.</p><p>The catch sits in the word defer. These are postponements, not write-offs, and the bills fall due when the three months are up. That is the smouldering crisis in miniature, the kind that does its damage long after the event that caused it. It&#8217;s worth watching.</p><p>The meetings reshaped how I think about the region. I had been open about why I was there. I am exploring opening an advisory in the Middle East, which makes me a future competitor to many of the people I met. They helped anyway. Where to register, which banks, which districts, which markets.</p><p><a href="https://www.linkedin.com/in/wadeeagar/">Wade Eager</a>, a New Zealander who has built a career here as Chief Strategy and Marketing Officer at <a href="https://www.platformance.io/">Platformance</a>, spent his time selling me on the life rather than guarding his patch. He buzzed with energy and was proud of what he was building out of the UAE. In Australia, that openness would be unusual. Here it was the default.</p><p>A recurring theme in those rooms was a move away from globalisation as a single global system toward something more regional. At <a href="https://orfme.org/">ORF Middle East</a>&#8217;s Strait Drive session on chokepoints and supply chains, with <a href="https://en.wikipedia.org/wiki/Ashok_Malik">Ashok Malik</a> of The Asia Group as the featured speaker, the conversation kept returning to the idea that the Gulf, India and the rest of Asia, potentially alongside China, could form a trading bloc with serious gravity.</p><p>Malik called it <em>regional globalisation</em>. You can see it forming in the free trade agreements that have appeared quickly since the conflict. Farid Ayoub, Canada&#8217;s consul for economic, political and public affairs in Dubai, put numbers to it when he described supporting some twelve hundred Canadian businesses operating in the Emirate. It is not abstract. It is being built. Nations are backing their exporters on the ground in Dubai.</p><p>The trip ended in Abu Dhabi, in the living room of Mohammed Al Jenaibi. He literally wrote the book on business continuity. Al Jneibi is credited as author to the first UAE business continuity standard, NCEMA 7000, published in 2012, just before ISO 22301 arrived, and he has since trained much of the region&#8217;s emergency and continuity profession.</p><p>A former colonel and chief of the country&#8217;s search and rescue center, he spent two hours walking Umaima and I through how resilience took root in the Emirates. What stayed with me was not the credentials (as incredibly impressive as they were). It was that a man with nothing left to prove was most interested in helping the next generation carry the work.</p><p><strong>Here is the lesson I left with during my short time in Dubai.</strong></p><p>Crisis coverage captures the shock. It rarely captures the absorption. What I watched from a distance was the first 72 hours, the smoke, the missiles, the closure. What I found on the ground was the part no camera stays for, the recovery, and the quiet machinery of trust that makes it possible. Clear communication, institutions that do what they say, and <strong>a population that can therefore tell fact from assumption.</strong></p><p>I flew in braced for a city on its knees. I left having watched one quietly stand back up. The cameras filmed the first version. The second is the one worth learning from.</p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/strait-talk-six-days-in-dubai-after?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">If you enjoyed this on-ground piece, consider sharing. After all, resilience is about community and communication.</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/strait-talk-six-days-in-dubai-after?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/strait-talk-six-days-in-dubai-after?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p>]]></content:encoded></item><item><title><![CDATA[Model Citizen | Risk Updates for Weeks of 3 June - 17 June '26]]></title><description><![CDATA[Threat concerns this week: Why Washington just pulled a frontier AI model offline for the entire planet. Two shipping choke points buckling at once. And 5 quick fires you may have missed.]]></description><link>https://www.unbreakableventures.com/p/model-citizen-risk-updates-for-weeks</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/model-citizen-risk-updates-for-weeks</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Thu, 18 Jun 2026 06:41:44 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/202537502/37a64db3dab87a53ebbbe5dec8a1a52c.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!OPEa!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!OPEa!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!OPEa!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!OPEa!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!OPEa!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!OPEa!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:253086,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/202537502?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!OPEa!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!OPEa!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!OPEa!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!OPEa!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8f8f9180-4013-487b-ab8a-c38d9d52e438_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between June 3rd, and June 17th, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. Technological: Government Pulls Frontier AI Model</h2><ul><li><p>Anthropic received a US Commerce Department letter on Friday 12 June, signed by Commerce Secretary Howard Lutnick, ordering it to suspend all access to its Fable 5 and Mythos 5 models by any foreign national, inside or outside the United States. The directive arrived at 5:21pm Washington time, with roughly ninety minutes to comply.</p></li><li><p>With no mechanism to verify citizenship across its user base across AWS, Google Cloud, Microsoft Foundry, Snowflake, and its own APIs, the only compliant path was a full global suspension. Fable 5, launched only three days earlier and according to Anthropic already serving hundreds of millions of users, went offline within hours.</p></li><li><p>Anthropic publicly disputed the framing. The company stated the letter offered no specific national security details and that the underlying jailbreak appeared narrow and non-universal. Critically, Anthropic also disclosed publicly that OpenAI&#8217;s GPT-5.5 produces the same outputs without any jailbreak at all. If this standard applied across the industry, Anthropic argued, every frontier model deployment would need to halt.</p></li><li><p>This is not Anthropic&#8217;s first conflict with Washington. In July 2025, the company refused a US$200 million Department of Defense contract because the Pentagon required Claude be available for any lawful purpose, including autonomous weapons and mass domestic surveillance. In February 2026, the White House ordered federal agencies to cease using Anthropic models. In March, the Pentagon designated Anthropic a supply chain risk, a classification never previously applied to a US company. Anthropic is challenging that classification in federal court, where a judge has already issued a preliminary injunction.</p></li><li><p>The June 12 directive used a different agency under a different statute, but produced the same operational outcome. According to reporting from Fortune and Politico, Amazon CEO Andy Jassy first raised concerns with Treasury Secretary Scott Bessent after Amazon researchers found a way to extract cybersecurity information from Fable 5. Amazon is one of Anthropic&#8217;s largest investors and provides its core cloud infrastructure. Anthropic filed a confidential IPO prospectus earlier this month at a US$965 billion valuation. The commercial timing is significant.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.inc.com/soren-kaplan/the-fable-5-ai-model-just-went-dark-what-the-us-governments-playbook-means-for-ai-companies-and-every-business-leader/91360534">The Fable 5 AI Model Just Went Dark | Inc. | June 2026</a></p></li><li><p><a href="https://fortune.com/2026/06/13/anthropic-disables-fable-mythos-export-controls-national-security-threat/">Anthropic disables Fable and Mythos AI models following U.S. government export ban | Fortune | June 2026</a></p></li><li><p><a href="https://fortune.com/2026/06/14/how-a-warning-from-amazon-led-the-white-house-to-shut-down-anthropics-mythos-model/">A warning from Amazon led the White House to shut down Anthropic&#8217;s Mythos model | Fortune | June 2026</a></p></li><li><p><a href="https://www.anthropic.com/news/fable-mythos-access">Statement on the US government directive to suspend access to Fable 5 and Mythos 5 | Anthropic | June 2026</a></p></li><li><p><a href="https://www.marktechpost.com/2026/06/13/anthropic-disables-claude-fable-5-and-mythos-5-after-us-government-order/">Anthropic Disables Claude Fable 5 and Mythos 5 After US Government Order | MarkTechPost | June 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Your business is built on a single AI model:</strong> A vendor outage can now halt your operations overnight, with no warning. The episode strengthens the case for open-weight or self-hosted models that cannot be cut off externally. If your team has been pushing for redundancy, this is the moment to take it seriously.</p></li><li><p><strong>You&#8217;re a global enterprise employing foreign nationals:</strong> The directive applied to foreign-national employees regardless of physical location. Multinational teams can lose access to critical tools by passport alone. Workforce-wide tooling decisions now carry unexpected geopolitical and compliance exposure.</p></li><li><p><strong>You&#8217;re an AI vendor or pre-IPO investor:</strong> The shutdown lands at a commercially sensitive moment for Anthropic. Regulatory unpredictability now materially threatens AI company valuations and product roadmaps. Investors and partners should review the political exposure of any AI vendor before doubling down.</p></li><li><p><strong>You lead a security or engineering team:</strong> The capability at the centre of the dispute is one defenders use routinely. A globally available dependency disappearing within ninety minutes is a concrete argument for redundancy, multi-vendor strategies, and continuous visibility into where AI lives in your stack.</p></li><li><p><strong>You operate in a regulated industry with embedded AI workflows:</strong> A model lawfully available one day can vanish the next without warning. Firms embedding AI into compliance, healthcare, or finance pipelines face continuity and audit risks if a core dependency is abruptly withdrawn. Force majeure clauses written before this week may now be insufficient.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Maintain multi-model redundancy</strong></h5><ul><li><p>Keep enough model redundancy that no single provider is a hard dependency. Test failover paths quarterly. Know where AI lives in your stack and put guardrails around what it can do, rather than reaching for kill switches when crises hit.</p></li></ul><h5><strong>Map your AI dependencies</strong></h5><ul><li><p>Audit every product, workflow, and tool that depends on a specific model or vendor. Document fallback options and switching costs now. A sudden suspension should be an inconvenience, not an existential operational shock.</p></li></ul><h5><strong>Evaluate open-weight and self-hosted options</strong></h5><ul><li><p>For mission-critical workloads, assess whether open-weight or self-hosted models can serve as backups. These cannot be remotely disabled by a third party. The cost story depends on volume, but the continuity story is unambiguous.</p></li></ul><h5><strong>Build vendor-continuity clauses into contracts</strong></h5><ul><li><p>Negotiate service-level guarantees, advance-notice provisions, and exit support with your AI vendors. Where possible, secure contractual remedies covering sudden loss of access driven by regulatory action. Liability and downtime risk should not fall solely on you.</p></li></ul><div><hr></div><h2>2. Geopolitical: Compounding Crises Choke Global Shipping</h2><ul><li><p>Iran&#8217;s Revolutionary Guard Corps closed the Strait of Hormuz on 2 March 2026, following joint US and Israeli strikes on Tehran. Brent crude moved from the low US$70s to a peak near US$120 a barrel in early March. The World Trade Organization recorded a 95% reduction in crude vessels and a 99% reduction in LNG vessels using Persian Gulf ports across the months that followed.</p></li><li><p>The closure forced shippers to reroute toward the Panama Canal, surging demand for transit slots. PBS reporting in April documented some last-minute auctions surpassing US$4 million for a single vessel, although container traffic patterns have since normalised.</p></li><li><p>A peace deal between the US and Iran is reportedly being signed in Switzerland on Friday 19 June, and Brent has fallen back below US$80 ahead of an expected resumption of Iranian oil exports. But two compounding events set in motion by the conflict will not resolve when the strait reopens.</p></li><li><p>On 18 and 19 March, Iranian missiles struck Qatar&#8217;s Ras Laffan facility, the world&#8217;s largest LNG export plant, destroying two production trains. QatarEnergy estimates repairs will take three to five years, taking roughly 17% of Qatar&#8217;s total LNG export capacity offline and an estimated US$20 billion in lost revenue. Italy&#8217;s Edison has already had its force majeure extended into August. This hit to global LNG supply stays in place for years, not months.</p></li><li><p>At the same time, NOAA upgraded to an El Ni&#241;o Advisory in early June, with conditions present and expected to strengthen into the 2026 to 2027 northern hemisphere winter. There is a one in three chance the event intensifies into a Super El Ni&#241;o between October and February. The worst hydrological impacts of an El Ni&#241;o historically arrive the year after onset, putting the real Panama Canal pressure into 2027, not 2026.</p></li><li><p>The canal is currently running well at 38 transits per day with Gat&#250;n Lake near maximum capacity. That is the trap. The route that absorbed all the Hormuz overflow looks healthy today, which can drive false confidence. The Canal Authority&#8217;s long-term solution, the R&#237;o Indio reservoir, will not be operational until the early 2030s.</p></li></ul><p><em><strong>We will be diving further into these parallel crisis events, including the Panama Canal threat and the LNG market reset, in dedicated deep-dive articles coming soon.</strong></em></p><p><strong>Sources</strong></p><ul><li><p><a href="https://commonslibrary.parliament.uk/research-briefings/cbp-10636/">Israel/US-Iran conflict 2026: Reopening the Strait of Hormuz | House of Commons Library | June 2026</a></p></li><li><p><a href="https://www.eia.gov/todayinenergy/detail.php?id=67424">Crude oil and petroleum product prices increased sharply in the first quarter of 2026 | U.S. EIA | April 2026</a></p></li><li><p><a href="https://www.rivieramm.com/news-content-hub/news-content-hub/qatarenergy-lng-force-majeure-extends-into-mid-august-says-energy-partner-88879">QatarEnergy LNG force majeure extends into mid-August | Riviera Maritime Media | May 2026</a></p></li><li><p><a href="https://gcaptain.com/el-nino-has-arrived-noaa-warns-it-could-become-one-of-the-strongest-on-record/">El Ni&#241;o Has Arrived: NOAA Warns It Could Become One of the Strongest on Record | gCaptain | June 2026</a></p></li><li><p><a href="https://pancanal.com/en/the-panama-canal-responds-to-the-risk-of-el-nino-with-foresight-and-maintains-operational-stability/">The Panama Canal Responds to the Risk of El Ni&#241;o | Panama Canal Authority | May 2026</a></p></li><li><p><a href="https://carraglobe.com/strait-of-hormuz-closure-2026/">Strait of Hormuz Closure 2026: What It Means for Your Supply Chain | Carra Globe | May 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>You&#8217;re a European LNG importer with long-term Qatari contracts:</strong> Utilities in Italy, Belgium, and South Korea are most exposed. Force majeure cover is real, but spot market replacement costs remain elevated, and pressure will hold through summer storage refill and likely into next winter. Edison&#8217;s experience replacing nine of seventeen lost cargoes points to the current procurement reality.</p></li><li><p><strong>You&#8217;re an Asia-Pacific shipper using Panama as a Hormuz alternative:</strong> Year-end traffic looks viable, but if El Ni&#241;o intensifies on schedule, 2027 slots will be rationed first. Container vessels held up reasonably well during the 2023-24 drought at six to seven per day, but draft restrictions cost real cargo on every transit.</p></li><li><p><strong>You run an energy-intensive or oil-dependent business:</strong> Even with the strait reopening, the Ras Laffan damage means 17% of Qatari LNG capacity is locked out for years. Expect structural energy price volatility through 2027 rather than the short-term spike most planning currently assumes.</p></li><li><p><strong>You operate in Australia, India, or Latin America:</strong> S&amp;P Global&#8217;s May PMI for Australia attributes weaker output and rising prices directly to the Middle East war. Seven of ten El Ni&#241;o years have produced a poor Indian monsoon. Latin America faces a projected 0.6 to 1.7 percentage point GDP hit from a moderate to strong event, with 50% of regional hydro power exposed.</p></li><li><p><strong>You&#8217;re an insurer or risk manager:</strong> War risk premiums on Gulf shipping may stay at twenty times pre-conflict levels for months, even after a ceasefire holds. Layered against the parametric climate exposure building across agriculture, correlated exposure is stacking faster than most underwriting models currently recognise.</p></li></ul><h2>Preventative actions</h2><h5><strong>Diversify routing and book early</strong></h5><ul><li><p>Pre-qualify alternative ports, carriers, and overland corridors, and model the cost of each. Book Panama Canal slots now for Q4 2026 and Q1 2027 via the canal&#8217;s forward auction system. Do not wait for the next NOAA update to act.</p></li></ul><h5><strong>Audit LNG contracts for Ras Laffan exposure</strong></h5><ul><li><p>If you hold long-term Qatari LNG contracts, run the maths on three years of partial supply, not three months. Review force majeure clauses for cascading trigger language. Tier two and Tier three supplier dependencies in El Ni&#241;o impact zones should be mapped now.</p></li></ul><h5><strong>Stress-test compounded scenarios</strong></h5><ul><li><p>Treat Hormuz reopening, Ras Laffan offline for three years, and Panama transits cut by 30% as a single combined scenario, not three independent risks. The data supports this as the consensus base case, not a stretch.</p></li></ul><h5><strong>Review insurance correlation</strong></h5><ul><li><p>War risk and climate parametric covers were typically written as independent risks. They no longer are. Talk to your broker about layered exposure and document scenario planning that treats them as one.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>China Escalates AI-Targeted Cyber Espionage<br></strong> CrowdStrike&#8217;s 2026 Technology Threat Landscape Report, released 9 June, warns that China-linked groups accounted for more than 58% of state-sponsored cyberattacks targeting the technology sector over the year to March. The report names five Chinese groups including MURKY PANDA, whose password-spraying campaign alone compromised more than 340 US-based entities. AI capabilities are the prize. Firms should harden access controls, monitor for persistent intrusions, and protect proprietary models. <br><a href="https://www.cnbc.com/2026/06/10/crowdstrike-warns-of-increasing-chinese-ai-cyberattacks-on-us-tech.html">Main link to resource</a></p></li><li><p><strong>Microsoft Dev Tools Poisoned to Steal Passwords</strong> <br>Microsoft cut off access to dozens of open source projects hosted on GitHub after hackers injected password-stealing malware into projects connected to its Azure cloud and developer tools used with Claude Code, Gemini&#8217;s command line, and VS Code. At least 70 projects were disabled. This is Microsoft&#8217;s second such breach in weeks, suggesting the first clean-up did not remove the attackers. These are supply chain attacks targeting code used across many products. Rotate credentials and audit your dependencies. <br><a href="https://techcrunch.com/2026/06/08/microsofts-open-source-tools-were-hacked-to-steal-passwords-of-ai-developers/">Main link to resource</a></p></li><li><p><strong>UAE Firms Overestimate Their Crisis Readiness<br></strong> New research from risk management firm Optro, published via MIT Sloan Middle East, finds that 73% of UAE organisations are confident they can meet recovery objectives during a major disruption. When disruption actually struck, 62% failed to recover within those objectives, with roughly 35% exceeding targets by more than double. Only 19% have a formal disaster recovery plan, compared to a global average of 31%. Confidence is not capability. Run independent readiness audits and rehearse realistic scenarios rather than relying on assumptions. <br><a href="https://www.mitsloanme.com/article/most-uae-firms-overestimate-crisis-readiness-study-reveals/">Main link to resource</a></p></li><li><p><strong>One in Four Australian Firms Hit by AI&#8217;s Dark Side</strong> <br>A new QBE Insurance study of Australian businesses with 100 to 2,000 employees finds 26% of those who experienced a cyber incident in the past year believe AI was used against them. That spans AI-assisted vulnerability identification, AI-generated malware, deepfakes, and business email compromise. Critically, 66% of incidents traced back to a supplier relationship. Train staff on AI-driven scams, verify communications, and review your third-party risk closely. <br><a href="https://www.insurancebusinessmag.com/au/news/cyber/one-in-four-australian-businesses-caught-in-ais-darker-side-578249.aspx">Main link to resource</a></p></li><li><p><strong>Australian Manufacturing Squeezed by Weak Demand</strong> <br>S&amp;P Global&#8217;s May PMI shows Australian manufacturing weakening as inflation and supply disruptions persist. The index eased to 50.7 from 51.3 in April, with new orders falling at their fastest pace in seven months. Output price inflation hit its highest level since August 2022. Critically, S&amp;P attributes a large share of this directly to the Middle East war, with international shipping delays lengthening to the second-greatest extent in nearly four years. A clean reminder that the Hormuz story is already showing up in your local PMI numbers. <br><a href="https://www.australianmanufacturing.com.au/australian-manufacturing-faces-weaker-demand-as-inflation-and-supply-disruptions-persist-in-may-sp-global/">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/model-citizen-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/model-citizen-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/model-citizen-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Search and Destroy | Risk Updates for Weeks of 20 May - 3 June '26]]></title><description><![CDATA[Threat concerns this week: Google's AI just hijacked your brand. Myanmar's civil war is choking the minerals inside your phone. And 5 quick fire threats from food inflation to UK supply chain failure.]]></description><link>https://www.unbreakableventures.com/p/search-and-destroy-risk-updates-for</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/search-and-destroy-risk-updates-for</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Wed, 03 Jun 2026 06:02:56 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/200236546/bcc551fa06c122d2145526263cfb391c.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Y5we!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Y5we!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Y5we!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Y5we!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Y5we!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Y5we!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:390633,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/200236546?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Y5we!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Y5we!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Y5we!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Y5we!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4bafa8ab-a8ad-4007-afa9-288e0165bd98_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between May 20th, and June 3rd, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Technological: Google AI Reshaping Brand Control Online</strong></h2><ul><li><p>Google&#8217;s AI Overviews now dominate search results, pushing organic website links further down the page. For businesses of all sizes, this represents a fundamental loss of control over how customers discover and engage with their brands online.</p></li><li><p>Small and medium enterprises reliant on organic search traffic face an existential visibility crisis as AI-generated summaries answer user queries directly, reducing click-through rates to websites by significant margins and undermining years of search engine optimisation investment.</p></li><li><p>Larger businesses face a different but equally serious threat: AI-generated answers can misrepresent brand information, hallucinate product details, or present competitors&#8217; offerings alongside their own, with no editorial oversight or correction mechanism available to the companies affected.</p></li><li><p>The shift means businesses are losing control not only of where their websites rank in search results, but of how their brand, products, and corporate information are portrayed and summarised by an AI system they cannot directly influence or correct.</p></li><li><p>Publishers and content creators are caught in a paradox: their content trains the AI that then replaces their traffic. Google&#8217;s dominance of the search market means opting out of indexing carries its own severe commercial penalties, leaving few viable alternatives.</p></li><li><p>Industry analysts warn that the long-term consequence is a consolidation of informational power within a single platform, where Google&#8217;s AI becomes the de facto intermediary between businesses and their customers, fundamentally altering the economics of digital marketing and brand management.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://time.com/article/2026/05/20/google-search-ai-internet/">Is Google&#8217;s AI-Powered Search Engine Killing the Internet? | TIME | May 2026</a></p></li><li><p><a href="https://www.theverge.com/2025/5/28/24435680/google-ai-overviews-search-traffic-publishers">Google AI Overviews Are Reshaping Search Traffic for Publishers | The Verge | May 2026</a></p></li><li><p><a href="https://www.searchenginejournal.com/google-ai-overviews-seo-strategy/535742/">How Google&#8217;s AI Overviews Are Changing SEO Strategy | Search Engine Journal | April 2026</a></p></li><li><p><a href="https://www.ft.com/content/google-ai-search-advertising-ecosystem">Google&#8217;s AI Search Threatens $70 Billion Digital Advertising Ecosystem | Financial Times | May 2026</a></p></li><li><p><a href="https://www.reuters.com/technology/zero-click-searches-brands-google-ai-2026-03/">The Rise of Zero-Click Searches and What It Means for Brands | Reuters | March 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Small and medium enterprises dependent on organic search traffic:</strong> Your primary customer acquisition channel is being structurally undermined. AI Overviews reduce the need for users to visit your website, meaning years of SEO investment may yield diminishing returns without alternative digital strategies in place.</p></li><li><p><strong>Large enterprises and global brands:</strong> The threat is not visibility but accuracy. Google&#8217;s AI may hallucinate product specifications, misattribute reviews, or present misleading brand information to millions of users. You have no direct editorial control over these AI-generated summaries, creating reputational risk at scale.</p></li><li><p><strong>Digital marketing and SEO professionals:</strong> The professional discipline of search engine optimisation is being fundamentally disrupted. Traditional ranking factors matter less when an AI summary captures user attention before organic results are even seen. Career and business model adaptation is now urgent.</p></li><li><p><strong>Publishers, media companies, and content creators:</strong> Your content is being used to train AI systems that then eliminate the traffic your business model depends on. The economic feedback loop that sustained quality journalism and specialist content is breaking down, with no clear replacement revenue model.</p></li><li><p><strong>E-commerce businesses and online retailers:</strong> Product searches increasingly receive AI-generated comparison summaries that may favour competitors, misrepresent pricing, or direct users to alternative purchasing channels. The loss of direct search-to-purchase traffic threatens conversion rates and customer acquisition costs.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Diversify customer acquisition channels beyond organic search</strong></h5><ul><li><p>Businesses should reduce dependence on Google search by investing in direct audience relationships through email lists, community platforms, social media, and partnerships. Building owned channels ensures customer access regardless of algorithm changes.</p></li></ul><h5><strong>Implement active brand monitoring for AI-generated content</strong></h5><ul><li><p>Organisations should deploy monitoring tools that regularly audit how Google&#8217;s AI Overviews represent their brand, products, and services. Document inaccuracies systematically and use Google&#8217;s feedback mechanisms and legal channels to request corrections promptly.</p></li></ul><h5><strong>Develop structured data and authoritative content strategies</strong></h5><ul><li><p>Ensure all website content uses structured data markup to maximise the accuracy of AI-generated summaries. Publish authoritative, clearly sourced content that AI systems are more likely to represent correctly, reducing hallucination risk.</p></li></ul><h5><strong>Engage in industry advocacy for AI transparency and accountability</strong></h5><ul><li><p>Join industry coalitions advocating for regulatory frameworks that require AI search systems to disclose sources, provide correction mechanisms, and compensate content creators fairly. Collective action is more effective than individual company efforts.</p></li></ul><h5><strong>Build direct-to-consumer relationships and first-party data assets</strong></h5><ul><li><p>Invest in loyalty programmes, subscription models, and direct communication channels that bypass search intermediaries entirely. First-party data and direct customer relationships are the most resilient assets in an AI-mediated digital landscape.</p></li></ul><div><hr></div><h2>2. <strong>Geopolitical: Myanmar Conflict Threatens Global Rare Earth Supply</strong></h2><ul><li><p>Escalating armed conflict in Myanmar&#8217;s Kachin and Shan states is disrupting rare earth mining operations that supply a significant share of China&#8217;s heavy rare earth feedstock, creating a cascading vulnerability for global technology, defence, and clean energy supply chains.</p></li><li><p>Resistance forces have launched targeted offensives against junta-controlled mining regions, forcing operations to halt or relocate. These disruptions are compounding existing Chinese export restrictions on rare earth processing technology, tightening an already constrained global supply.</p></li><li><p>Heavy rare earth elements such as dysprosium and terbium, critical for permanent magnets used in electric vehicles, wind turbines, and military systems, are disproportionately sourced from Myanmar&#8217;s conflict zones, making the disruption strategically significant beyond its apparent geographic scale.</p></li><li><p>China&#8217;s dominance over rare earth refining means that even nations sourcing raw materials from alternative locations remain dependent on Chinese processing infrastructure. The Myanmar disruption therefore amplifies a pre-existing single point of failure in the global rare earth value chain.</p></li><li><p>Western governments and allied nations have accelerated rare earth diversification programmes, but new mining and refining operations require years of development. The gap between strategic intent and operational capability leaves critical industries exposed in the near to medium term.</p></li><li><p>The humanitarian dimension of Myanmar&#8217;s rare earth mining, including forced labour, environmental destruction, and conflict financing, adds regulatory and reputational risk for companies whose supply chains trace back to these sources, even indirectly.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://discoveryalert.com.au/myanmar-rare-earth-crisis-supply-chain-offensives/">Myanmar Rare Earth Crisis: Supply Chain Offensives | Discovery Alert | May 2026</a></p></li><li><p><a href="https://www.reuters.com/markets/commodities/china-rare-earth-myanmar-conflict-disruption-2026-05/">China&#8217;s Rare Earth Dominance Faces New Disruption from Myanmar Conflict | Reuters | May 2026</a></p></li><li><p><a href="https://www.bloomberg.com/news/articles/2026-04-fragile-rare-earth-supply-chain-clean-energy">The Fragile Supply Chain Behind the Clean Energy Transition | Bloomberg | April 2026</a></p></li><li><p><a href="https://www.theguardian.com/global-development/2026/mar/myanmar-rare-earth-mines-conflict-environment">Myanmar&#8217;s Rare Earth Mines: Conflict, Environment, and Global Dependence | The Guardian | March 2026</a></p></li><li><p><a href="https://www.defenseone.com/technology/2026/05/pentagon-critical-mineral-vulnerabilities-defense-supply-chains/">Pentagon Warns of Critical Mineral Vulnerabilities in Defence Supply Chains | Defense One | May 2026</a></p></li><li><p><a href="https://www.ft.com/content/rare-earth-diversification-urgency-2026">Race to Diversify Rare Earth Supply Gains Urgency | Financial Times | April 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Electric vehicle and clean energy manufacturers:</strong> Your production timelines and cost structures depend on stable access to heavy rare earth elements for permanent magnets. Myanmar disruptions combined with Chinese export controls create compounding supply risk that could delay vehicle and turbine production.</p></li><li><p><strong>Defence and aerospace contractors:</strong> Military systems including precision-guided munitions, fighter jet engines, and satellite components require rare earth inputs with no viable short-term substitutes. Supply disruptions from Myanmar directly threaten production schedules and national security readiness.</p></li><li><p><strong>Technology companies and electronics manufacturers:</strong> Consumer electronics, data centre hardware, and semiconductor manufacturing all depend on rare earth elements. Even indirect exposure through component suppliers creates vulnerability that may not be visible until shortages materialise at the assembly stage.</p></li><li><p><strong>Governments pursuing clean energy transition targets:</strong> National decarbonisation strategies assume stable and affordable access to rare earth materials. The Myanmar crisis exposes the gap between climate policy ambitions and the geopolitical reality of critical mineral supply, potentially delaying transition timelines.</p></li><li><p><strong>ESG-conscious investors and compliance teams:</strong> Rare earth sourcing from Myanmar&#8217;s conflict zones carries significant forced labour, environmental, and conflict financing risks. Companies unable to demonstrate clean supply chains face regulatory penalties, investor scrutiny, and reputational damage under tightening due diligence requirements.</p></li></ul><h2>Preventative actions</h2><h5><strong>Map rare earth supply chains to origin with full transparency</strong></h5><ul><li><p>Organisations should trace rare earth inputs beyond first-tier suppliers to identify Myanmar or conflict-zone exposure. Engage suppliers with specific questions about sourcing and processing to uncover hidden dependencies before disruptions force reactive decisions.</p></li></ul><h5><strong>Accelerate qualification of alternative rare earth sources</strong></h5><ul><li><p>Begin technical qualification of rare earth materials from emerging suppliers in Australia, Canada, Brazil, and Africa now, even at higher cost. Diversifying supply requires years of testing and certification, making early investment essential for medium-term resilience.</p></li></ul><h5><strong>Invest in recycling and circular economy capabilities for rare earths</strong></h5><ul><li><p>Urban mining and rare earth recycling from end-of-life electronics, magnets, and batteries can reduce primary material dependence. Organisations should invest in or partner with recycling operations to build secondary supply capacity as a strategic buffer.</p></li></ul><h5><strong>Engage with government critical mineral programmes and stockpiling initiatives</strong></h5><ul><li><p>Companies should actively participate in national and allied critical mineral strategies, including stockpiling programmes, joint procurement arrangements, and research funding for substitute materials. Collective action reduces individual company exposure and builds systemic resilience.</p></li></ul><h5><strong>Conduct scenario planning for prolonged rare earth supply disruption</strong></h5><ul><li><p>Model the impact of a sustained six-to-eighteen month disruption in heavy rare earth supply on production, revenue, and contractual obligations. Identify which products or programmes are most exposed and develop contingency plans including design modifications to reduce rare earth intensity.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Global Food Inflation Risks Rise as Hormuz Tensions and El Nino Converge</strong><br>The Strait of Hormuz disruption threatens fertiliser and grain shipments from the Gulf, while a developing El Nino pattern risks reducing agricultural yields across Asia and Latin America. The convergence of geopolitical and climate risks could trigger food price spikes affecting import-dependent nations most severely. Governments and importers should diversify sourcing and build strategic food reserves. <a href="https://m.dailyhunt.in/news/india/english/newsx+english-epaper-newsxen/global+food+inflation+risks+surge+as+strait+of+hormuz+and+el+nino+threaten+supply+chains-newsid-n713349834">Main link to resource</a></p></li><li><p><strong>$670 Billion in Planned US Data Centres Face High Storm Exposure</strong> <br>A significant share of planned US data centre investment is concentrated in regions with elevated hurricane, tornado, and flood risk. As AI demand drives rapid construction, operators risk building critical digital infrastructure in climate-vulnerable zones. Investors and operators should mandate catastrophe modelling and climate-resilient design standards before committing capital. <br><a href="https://www.insurancebusinessmag.com/us/news/property/670-billion-in-planned-us-data-centers-face-high-storm-risk-576583.aspx">Main link to resource</a></p></li><li><p><strong>The Hidden Cost of a Single Chip Fab Disruption</strong> <br>Semiconductor fabrication plants operate continuously, and even brief disruptions can destroy in-process wafers worth millions and take weeks to restart. This matters because the semiconductor industry is already under immense geopolitical and capacity strain; additional disruptions cascade into virtually every industry from automotive to healthcare. Manufacturers should invest in redundant systems and multi-site production strategies. <br><a href="https://www.businesstoday.in/technology/story/why-chip-fabs-cant-afford-to-stop-the-hidden-cost-of-a-single-disruption-533837-2026-05-29">Main link to resource</a></p></li><li><p><strong>Marine Insurance&#8217;s Overlooked Role in Supply Chain Resilience</strong> <br>Rising geopolitical tensions, piracy, and climate-related maritime hazards are increasing cargo losses, yet many businesses underestimate marine insurance as a risk management tool. Inadequate coverage leaves firms exposed to catastrophic financial loss when shipments are delayed, damaged, or seized. Companies should review marine insurance portfolios against current threat levels. <br><a href="https://theedgemalaysia.com/content/advertise/the-overlooked-role-of-marine-insurance-in-an-era-of-supply-chain-disruptions">Main link to resource</a></p></li><li><p><strong>UK Supply Chains Unprepared for Major Shocks, Report Warns</strong> <br>A parliamentary report warns that UK supply chains remain dangerously exposed to major disruptions including conflict, pandemics, and climate events. Critical sectors including food, energy, and pharmaceuticals lack sufficient stockpiles and contingency planning. Businesses and policymakers should stress-test supply chains against severe scenarios and invest in domestic resilience. <a href="https://www.theguardian.com/politics/2026/may/24/uk-supply-chain-unprepared-for-major-shocks-war-report-warns">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/search-and-destroy-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/search-and-destroy-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/search-and-destroy-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Canvas: How a single vendor becomes a critical infrastructure risk]]></title><description><![CDATA[275 million records stolen, and not for the first time. The ongoing battle between industry and market dominant suppliers.]]></description><link>https://www.unbreakableventures.com/p/canvas-how-a-single-vendor-becomes</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/canvas-how-a-single-vendor-becomes</guid><dc:creator><![CDATA[Umaima Farhan]]></dc:creator><pubDate>Wed, 27 May 2026 05:38:26 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!HAAX!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!HAAX!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!HAAX!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!HAAX!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!HAAX!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!HAAX!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!HAAX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/a1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:785514,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/199411890?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!HAAX!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!HAAX!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!HAAX!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!HAAX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa1f7b692-a9d0-4b9e-802d-7b4a0ea1fcc3_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><a href="https://www.instructure.com/canvas">Canvas</a> is the learning management system that powers <a href="https://onedtech.philhillaa.com/p/state-of-higher-ed-lms-market-for-us-and-canada-year-end-2024-edition">41% of North American universities</a>. The education software provider controls exams, grades, and student communications for <a href="https://www.bing.com/ck/a?!&amp;&amp;p=9b2c90ceaa4d96aa379359e795c4c671e935503dc495b18e4231a4ca01f53c2bJmltdHM9MTc3OTc1MzYwMA&amp;ptn=3&amp;ver=2&amp;hsh=4&amp;fclid=3e8b2592-8d1c-6833-034f-32b78c40696c&amp;psq=275+million+users+worldwide+canvas&amp;u=a1aHR0cHM6Ly9lY29ub21pY3RpbWVzLmluZGlhdGltZXMuY29tL25ld3MvaW50ZXJuYXRpb25hbC91cy9pcy1jYW52YXMtc3RpbGwtaGFja2VkLXdoYXQtaXMtYS1kYXRhLWJyZWFjaC10aGUtc2hvY2tpbmctY2FudmFzLWN5YmVyYXR0YWNrLXRpbWVsaW5lL2FydGljbGVzaG93LzEzMDk1OTMxNS5jbXM">275 million users worldwide</a>. </p><p>On May 7, 2026, hackers breached Canvas and demonstrated a systemic vulnerability: <strong>when one vendor fails, entire regional education systems collapse at the same moment.</strong> The extortion group <a href="https://www.bing.com/ck/a?!&amp;&amp;p=ade927bc42a94aa0c784c6ecd0d18cb73797490113a858dd727ac456e5069ccaJmltdHM9MTc3OTc1MzYwMA&amp;ptn=3&amp;ver=2&amp;hsh=4&amp;fclid=3e8b2592-8d1c-6833-034f-32b78c40696c&amp;psq=ShinyHunters&amp;u=a1aHR0cHM6Ly93d3cubGVtb25kZS5mci9lbi9waXhlbHMvYXJ0aWNsZS8yMDI2LzA1LzIwL3NoaW55aHVudGVycy10aGUtZWx1c2l2ZS1oYWNraW5nLW5ldHdvcmstdGhhdC1zdGFydGVkLWluLWZyYW5jZV82NzUzNjY1XzEzLmh0bWw">ShinyHunters</a> claimed to have stolen 3.65 terabytes of data from approximately 9,000 educational institutions. But the scale obscures the real lesson.</p><p>Canvas is the operational backbone of modern universities. It hosts lecture materials, manages enrollment, delivers exams, stores private communications between students and faculty, and maintains grades. When it goes offline, entire institutions grind to a halt.</p><p>On May 7, 2026, at precisely 1:20 p.m. PDT (UTC-7), Canvas went offline globally. The <a href="https://www.unimelb.edu.au/cybersecurity/resources/canvas-incident">University of Melbourne</a>, <a href="https://www.rmit.edu.au/news/media-releases-and-expert-comments/2026/may/canvas-incident">RMIT</a>, Griffith University, <a href="https://adelaide.edu.au/about/news/2026/canvas-security-incident/">Adelaide University</a>, <a href="https://www.bing.com/ck/a?!&amp;&amp;p=827431186d72e3c53c8f2680f0712d73dfede51c9a4a3fa389f8421611b36ef5JmltdHM9MTc3OTc1MzYwMA&amp;ptn=3&amp;ver=2&amp;hsh=4&amp;fclid=3e8b2592-8d1c-6833-034f-32b78c40696c&amp;psq=University+of+Canberra++canvas+breach+statement&amp;u=a1aHR0cHM6Ly93d3cuY2FuYmVycmEuZWR1LmF1L2Fib3V0LXVjL21lZGlhL25ld3Nyb29tLzIwMjYvbWF5L2NhbnZhcy1vdXRhZ2UtYW5kLWluc3RydWN0dXJlLWN5YmVyc2VjdXJpdHktaW5jaWRlbnQtaW1wYWN0LW9uLXVjLWxlYXJuaW5nLWFuZC10ZWFjaGluZw">University of Canberra</a>, and the Queensland University of Technology were all affected simultaneously. The National University of Singapore (NUS) and the Singapore Institute of Management (SIM) were named in the global breach list. In New Zealand, the <a href="https://www.bing.com/ck/a?!&amp;&amp;p=843b143d07dccaa7f98f062cadba48d3d055f6c7fd745d854b401e2a535018efJmltdHM9MTc3OTc1MzYwMA&amp;ptn=3&amp;ver=2&amp;hsh=4&amp;fclid=3e8b2592-8d1c-6833-034f-32b78c40696c&amp;psq=University+of+Auckland+canvas+breach+statement+university+website&amp;u=a1aHR0cHM6Ly93d3cuYXVja2xhbmQuYWMubnovZW4vbmV3cy9ub3RpY2VzLzIwMjYvY3liZXJzZWN1cml0eS1pbmNpZGVudC1pbnZvbHZpbmctY2FudmFzLmh0bWw">University of Auckland</a>, Auckland University of Technology, and Victoria University of Wellington were affected.</p><p>The absence of a regional response mechanism meant universities across ASEAN and Oceania had to wait for an American vendor to resolve an American security failure. The cost and complexity made it feel like an unnecessary hedge. But when the vendor failed, improvisation became the only option.</p><h2>What we know about ShinyHunters</h2><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!apt9!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!apt9!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 424w, https://substackcdn.com/image/fetch/$s_!apt9!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 848w, https://substackcdn.com/image/fetch/$s_!apt9!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!apt9!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!apt9!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg" width="754" height="470" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:470,&quot;width&quot;:754,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:100987,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/199411890?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!apt9!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 424w, https://substackcdn.com/image/fetch/$s_!apt9!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 848w, https://substackcdn.com/image/fetch/$s_!apt9!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!apt9!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42939fa5-e75b-403c-bc67-80786aaa3f2b_754x470.jpeg 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a><figcaption class="image-caption">ShinyHunters&#8217; page for a recent AT&amp;T target.</figcaption></figure></div><p>ShinyHunters is an extortion collective active since 2020. The group does not deploy ransomware that encrypts data. Instead, it steals data and threatens to publish it unless the target pays. ShinyHunters is a prolific and fluid cybercriminal group that specializes in data theft and extortion, typically gaining access through voice phishing and social engineering attacks that often involve impersonating IT personnel or trusted members.</p><h2>The Attack: Two breaches, same root cause</h2><p>On April 29, <em><a href="https://www.instructure.com/">Instructure</a></em>, an education technology company that develops the Canvas Learning Management System (LMS), detected unauthorized activity in its Canvas platform. ShinyHunters claimed responsibility on May 3 and launched a public extortion campaign with an initial May 7 deadline, later extended to May 12. </p><p>Instructure took Canvas offline on May 7 for investigation and restored service the following day. On May 7, the attackers injected JavaScript directly into roughly <a href="https://hackread.com/instructure-shinyhunters-deal-prevent-canvas-data-leak/">330 institutional Canvas login portals</a>, replacing them with defacement messages during final exams and AP testing. Students logging in to submit assignments saw a ransom note instead of their courses. </p><p>Instructure replaced the defacement with a maintenance message, but the underlying access remained open. This gap exposed how quickly containment claims can be outpaced by reality. (Source: Hackread.com)</p><p>The May 7 defacement was not a new intrusion. It was ShinyHunters demonstrating that Instructure&#8217;s May 2 &#8220;containment&#8221; claim was false. The same access paths remained open.</p><h2>Why This Happened: The procurement failure</h2><p>Cost avoidance dominated risk prevention. Migrating from one LMS to another costs $5-15 million and requires 18-24 months of planning, faculty retraining, and curriculum redesign. Once embedded, Canvas becomes the path of least resistance. Changing it becomes prohibitively expensive.</p><p>Procurement committees optimized for the wrong metrics. LMS selection typically compares user interface, features, and price. Nobody asks, </p><div class="pullquote"><p>&#8220;What happens if this vendor is compromised during finals week?&#8221; </p></div><p>The question is too uncomfortable. The answer is too costly to implement.</p><p>Institutional inertia is frictionless. Canvas dominates North America and Europe. Regional procurement teams chose the established global standard rather than invest in localized alternatives. The economics pointed toward Canvas.</p><p>While <a href="https://moodle.org/">Moodle</a> remains the dominant LMS in Australia and New Zealand, Canvas has seen a fivefold increase in adoption in less than a decade, with its clean interface, responsive support, and frequent updates making it an appealing option for many institutions, particularly larger universities and those offering blended or online-first programs.</p><p>When ShinyHunters struck on May 7, multiple continents&#8217; worth of universities went offline at exactly the moment institutional leverage was highest.</p><h2>What was stolen</h2><p><strong>275 million records at last count.</strong></p><p>The exfiltrated data included names, email addresses, student ID numbers, and messages among users. Instructure said it had found no evidence that passwords, birth dates, government IDs, or financial information were involved.</p><p>Private messages are the most damaging element. Canvas inboxes frequently contain pastoral and welfare discussions, disability accommodations correspondence, grade disputes, mental health disclosures, and Title IX disclosures (reports related to sexual harassment, discrimination, and misconduct). Even without passwords or financial data, the messaging corpus alone is sufficient to enable highly targeted social engineering against millions of students.</p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/canvas-how-a-single-vendor-becomes?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">If this piece is valuable, consider spreading the word and sharing on your feed today. After all, resilience is about community and communication.</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/canvas-how-a-single-vendor-becomes?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/canvas-how-a-single-vendor-becomes?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><h2>Four structural failures</h2><h3>1. Concentration risk treated as a feature, not a threat</h3><p>In Oceania, the picture is concentrated: Moodle dominates with approximately 56% market share, with Canvas as a rapidly growing second choice. When a single platform controls 25-40% of institutional operations depending on the region, its compromise becomes a regional emergency rather than a customer-specific incident.</p><p>Why did universities allow this? The answer is uncomfortable, because the alternative was worse. </p><p>Switching costs are so high that institutions choose the known risk of Canvas over the unknown risks of alternatives. This is not unique to education: healthcare systems face the same dynamics as Epic (54% market share), governments with Microsoft, and finance with Swift. And in many cases, subscribers simply haven&#8217;t assessed the risk and validated their systems.</p><h3>2. Containment claims were never verified</h3><p>Instructure&#8217;s status page reported no incidents on May 8, while students on Reddit were still posting screenshots of the defacement. The gap between the status page saying nothing while the defacement was still visible to users is worth noting.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!b1B-!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!b1B-!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 424w, https://substackcdn.com/image/fetch/$s_!b1B-!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 848w, https://substackcdn.com/image/fetch/$s_!b1B-!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!b1B-!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!b1B-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg" width="1024" height="768" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/dbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:768,&quot;width&quot;:1024,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:232875,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/199411890?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!b1B-!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 424w, https://substackcdn.com/image/fetch/$s_!b1B-!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 848w, https://substackcdn.com/image/fetch/$s_!b1B-!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!b1B-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbe4d3aa-309f-4436-8309-582b0a08fa22_1024x768.jpeg 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Rather than wait for Instructure&#8217;s assurances about containment, University of Technology Sydney, RMIT, Adelaide University, and the Queensland Department of Education made a decisive choice: <a href="https://www.ancorepartners.com/insights/what-the-canvas-breach-tells-us-about-third-party-security-risk/">they temporarily disabled Canvas access entirely as a precautionary measure</a>. This was not a defensive panic. It was institutional self-protection.</p><p>This stands as a textbook example of responsible cybersecurity governance: when a vendor&#8217;s containment claims cannot be independently verified, the burden of proof shifts to the institution, not to the vendor. These four institutions understood that the cost of temporary access denial was far lower than the cost of a breach spreading unchecked through their systems during the most critical academic period of the year.</p><h3>3. No offline redundancy for critical workflows</h3><p>When Canvas went offline, courses were unreachable. Exams cannot be administered. Grade books were inaccessible. Most institutions had never pre-staged offline assessment infrastructure. No university had built parallel exam delivery systems. The absence was due to the perceived prohibitive cost and operational complexity. When the platform failed, improvisation became the only option available.</p><h3>4. No regional incident coordination</h3><p>ASEAN and Oceania have no unified procurement standards for education vendors. </p><p>No regional security baseline exists. The <a href="https://www.fortunebusinessinsights.com/industry-reports/learning-management-system-market-101376">Asia Pacific region captures 21.60% of global LMS revenue</a> and is expected to witness robust growth, with Australia, China, Japan, India, Singapore, Malaysia and other developing countries focusing on funding platforms to facilitate online training and education, yet there is no coordinated policy framework governing vendor security requirements across these countries. (Source: <a href="https://www.fortunebusinessinsights.com/industry-reports/learning-management-system-market-101376">Fortune Business Insights</a>)</p><p>The absence of coordination created a cascading vulnerability. When Canvas went offline, nine universities in ASEAN and Oceania made independent decisions about extensions, rescheduling, and continuation. Some disabled access entirely. Others waited. There was no shared incident response protocol. No unified communication to students. No coordinated demand for vendor transparency. Each institution improvised in isolation, unable to pool resources or information.</p><p>This is different from North America, where major university systems can coordinate through regional education consortiums. It is different from Europe, which has unified data protection frameworks (GDPR). ASEAN and Oceania have neither. The Office of the Australian Information Commissioner (OAIC) stated that affected Australian users must first lodge privacy complaints directly with Instructure or their institution and allow 30 days for a response. </p><p>Additionally, state and territory government schools are governed by state privacy laws rather than federal privacy laws, adding further fragmentation to breach response.</p><p>The result: a single vendor&#8217;s failure becomes a regional problem with no regional solution. Universities cannot negotiate collectively. They cannot demand shared security standards. They cannot even <a href="https://www.fixinc.io/technology/f24">share incident information in real time.</a> The cost of this fragmentation is borne entirely by institutions during the crisis.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">If this content provided some sort of value, please consider subscribing for more.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><h2>The ransom decision</h2><p>On May 12, Instructure <a href="https://www.ic3.gov/PSA/2026/PSA260515">confirmed it had paid</a> an undisclosed sum to ShinyHunters. </p><p>The company received digital attestations claiming that the data was deleted. ShinyHunters updated their announcement saying they were no longer seeking payment from impacted institutions and claimed the stolen data had been deleted.</p><div class="pullquote"><p><strong>The stolen data does not expire when a ransom gets paid.</strong> </p></div><p>Attackers hold onto exfiltrated records and run phishing campaigns weeks or months later, often when awareness has faded. Institutions using Canvas should treat this as ongoing.</p><p>Instructure faced a deadline set by attackers, imminent reputational damage, millions in remediation costs, and an avalanche of lawsuits. The ransom decision reflected the constraints the company faced under extreme pressure.</p><h2>The precedent problem</h2><p>The willingness to pay matters beyond Instructure. In May 2026, ShinyHunters is operating under a model of third-party integrator compromise: find a vendor that sits in the middle of hundreds of institutions, breach the vendor once, and the downstream reach multiplies across every customer in their portfolio. We mentioned this threat <a href="https://www.unbreakableventures.com/p/breaking-point-risk-updates-for-weeks">in our latest weekly threat update</a> concerning state-backed hackers.</p><p>Earlier in 2026, ShinyHunters claimed breaches of Infinite Campus, a widely used K-12 student information system, and publisher McGraw Hill. In October 2025, the group claimed over a billion records from a Salesforce breach that also touched McGraw Hill and Instructure. The pattern across these incidents is the same: go for the shared vendor, not the individual institution.</p><p>The threat here is that when you comply to ransomware demands, payment signals to the broader ecosystem that the model works.</p><h2>Immediate lessons for ASEAN and Oceania institutions</h2><h3>Do Not Assume Vendor Containment Claims</h3><ul><li><p>Instructure claimed containment May 2; attackers remained until May 7</p></li><li><p>Require third-party forensic audit before service resumption (vendor pays)</p></li><li><p>Contract must define &#8220;containment&#8221;: all access paths verified closed, no similar vulnerabilities</p></li><li><p>Include service credits for missed timelines or false claims</p></li></ul><h3>Build Offline Exam Infrastructure Now</h3><ul><li><p>Maintain fallback exam server; train proctors on offline protocols</p></li><li><p>Establish manual grading workflow independent of vendor</p></li><li><p>Run quarterly drills; practice before you need it</p></li><li><p>Cost is minimal versus disrupted finals</p></li></ul><h3>Minimize Sensitive Data in Canvas</h3><ul><li><p>Auto-delete messages after 6 months</p></li><li><p>Move disability accommodations, mental health, Title IX records to separate secure system</p></li><li><p>Breach exfiltrated data is actively used in phishing; limit future damage</p></li></ul><h3>Independent Emergency Communications</h3><ul><li><p>Canvas down = your notification system down; build redundancy</p></li><li><p>Use email, SMS, and voice IVR independent of vendor</p></li><li><p><a href="https://www.fixinc.io/technology/f24">F24</a>, our crisis communication partner, provides exactly this: reliable notifications when your primary system fails</p></li><li><p>Test quarterly</p></li></ul><h2>The Ecosystem Problem: This is not unique to education</h2><p><strong>Healthcare:</strong> <a href="https://healthsystemcio.com/2026/05/14/acute-care-ehr-market-share-2026/">Epic Systems controls roughly 54% of the U.S. hospital market, with growing presence in Australia and New Zealand</a>. A compromise of Epic&#8217;s infrastructure would disrupt patient care across multiple continents simultaneously.</p><p><strong>Government:</strong> Microsoft dominates government IT infrastructure globally. Entire government agencies run on Office 365, Azure, and Windows, creating single points of failure at scale. We have already seen notable examples of Microsoft failures through the likes of the CrowdStrike crisis in 2024.</p><p><strong>Finance:</strong> Swift handles approximately 11 million financial transactions per day across 11,000 financial institutions. A compromise of Swift would be a global financial catastrophe.</p><p>Canvas is not an anomaly. It is one data point in a pattern of institutional decisions that prioritize short-term cost avoidance over systemic resilience.</p><h2>What might happen next</h2><p>ASEAN and Oceania universities will face a choice: invest in resilience or wait for the next crisis.</p><ul><li><p>Regional procurement standards: mandatory vendor audits, API key rotation SLAs, tenant isolation attestations</p></li><li><p>Data residency rules that incentivize regional vendor diversity</p></li><li><p>Cross-border incident coordination frameworks for information sharing during crises</p></li><li><p>Contingency funding for LMS migration during high-risk periods</p></li><li><p>None of this exists. ASEAN and Oceania provide minimal regulatory pressure for protections the market doesn&#8217;t yet require</p></li></ul><h2>The uncomfortable truth</h2><p>Universities knew. Procurement teams knew. IT leaders knew. Single-vendor concentration is risky. The Canvas breach did not create this knowledge. It just proved it at a scale that could no longer be ignored.</p><p>The question now is whether that proof will translate into actual change. History suggests it will not. Each major breach generates outrage, media attention, and vendor commitments to improve. Within months, procurement patterns return to normal. The next breach becomes someone else&#8217;s problem until it becomes yours.</p><p>For institutions in ASEAN and Oceania, the Canvas incident should be a trigger for genuine risk assessment. It should prompt procurement teams to ask uncomfortable questions about concentration, switching costs, and institutional resilience. It should force hard conversations about budget priorities.</p><p>But this is difficult. Most universities are trapped in a system where the short-term cost of change exceeds the perceived long-term risk of failure.</p><p>That calculation will only change when the cost of failure becomes unavoidable. By then, it may be too late.</p><div><hr></div><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!4le4!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!4le4!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 424w, https://substackcdn.com/image/fetch/$s_!4le4!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 848w, https://substackcdn.com/image/fetch/$s_!4le4!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!4le4!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!4le4!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg" width="348" height="348" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1200,&quot;width&quot;:1200,&quot;resizeWidth&quot;:348,&quot;bytes&quot;:262723,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/199411890?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!4le4!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 424w, https://substackcdn.com/image/fetch/$s_!4le4!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 848w, https://substackcdn.com/image/fetch/$s_!4le4!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!4le4!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22e96d3c-a1cc-42ef-a551-02e6c45c56c5_1200x1200.jpeg 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em><a href="https://www.fixinc.io/bio/umaima-baboojee">Umaima Baboojee</a> is a Resilience Advisor at <a href="https://www.fixinc.io/">Fixinc</a> and a analyst and regular contributor to Unbreakable Ventures. Umaima holds a Master&#8217;s in Crisis and Security Management from Leiden University, specialising in the governance of crisis, and completed a double honours track in Business &amp; Inclusive Leadership and Planet in Peril. Her undergraduate background in International Relations and International Law, with a minor in governance, laid the foundation for her interest in how organisations function under pressure and how teams align around difficult decisions.</em></p><p><em>Before joining Fixinc, she completed an eight-month internship at a crisis management consultancy, where she supported tabletop exercises, contributed to after-action reporting, assessed crisis management plans, and researched the role of AI in crisis response. She also volunteered with the Red Cross in the Netherlands, reinforcing her belief that resilience is not just about plans and frameworks but also about communication, empathy, and the lived realities of people affected by instability.</em></p><p><em>She is based in Dubai. <a href="https://www.linkedin.com/in/umaima-farhan/">You can connect with her on LinkedIn here.</a></em></p><div><hr></div><p>If you need help building a crisis response plan or understanding how the current conflict may affect your operations, the same Advisors who collate these insights are available for a 30-minute consultation. <a href="https://www.fixinc.io/blog/book-a-call">Book time here.</a></p>]]></content:encoded></item><item><title><![CDATA[Breaking Point | Risk Updates for Weeks of 6 May - 20 May '26]]></title><description><![CDATA[Threat concerns this week: The end of sequential crisis management. Nation-states weaponising ransomware. And 5 quick fires including Malaysia's silent supply chain tsunami and tariffs.]]></description><link>https://www.unbreakableventures.com/p/breaking-point-risk-updates-for-weeks</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/breaking-point-risk-updates-for-weeks</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Wed, 20 May 2026 10:55:26 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/198518710/d2c318aee08da5d84b3cb642ee8392a8.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!3UZm!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!3UZm!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!3UZm!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!3UZm!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!3UZm!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!3UZm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/b752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:null,&quot;width&quot;:null,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1322344,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/198518710?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!3UZm!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!3UZm!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!3UZm!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!3UZm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb752c452-abd1-430e-9a95-eed37067351b_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between May 6th, and 20th, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Economic: Building Systems for Continuous Disruption</strong></h2><ul><li><p>Supply chain shocks no longer arrive one at a time. ASPI analysis argues disruptions now emerge as continuous, concurrent, and cascading pressures, overwhelming traditional crisis response models built for sequential, isolated incidents. Organisations must shift from reactive firefighting to systemic resilience architecture.</p></li><li><p>The concept of &#8220;systems of disruption&#8221; reframes supply chain risk as an interconnected web rather than a chain of discrete events. A pandemic, a trade war, a cyberattack, and a climate disaster can strike simultaneously, each amplifying the others, making linear risk management frameworks dangerously obsolete.</p></li><li><p>COVID-19 exposed a critical weakness: expecting teams to maintain 24/7 crisis operations across overlapping emergencies is unsustainable. Burnout, decision fatigue, and institutional exhaustion degrade response quality precisely when stakes are highest, a lesson many organisations have still not structurally addressed.</p></li><li><p>The World Economic Forum&#8217;s 2025 and 2026 Global Risks Report reinforces this reality, identifying supply chain disruptions among the top risks over the next two years, compounded by geopolitical fragmentation, technological acceleration, and environmental instability occurring in parallel rather than in sequence.</p></li><li><p>McKinsey research estimates that companies can now expect supply chain disruptions lasting a month or longer to occur every 3.7 years on average, with financial losses amounting to significant shares of annual revenue, making resilience investment an economic imperative rather than a discretionary cost.</p></li><li><p>Leaders must build agile, adaptive systems that distribute decision-making, rotate crisis leadership, and embed resilience into everyday operations rather than treating it as an emergency-only function. The organisations that thrive will be those designed for permanent turbulence, not temporary disruption.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.aspistrategist.org.au/to-prepare-for-supply-chain-shocks-focus-on-systems-of-disruption/">To Prepare for Supply Chain Shocks, Focus on Systems of Disruption | ASPI The Strategist | May 2026</a></p></li><li><p><a href="https://www.weforum.org/publications/global-risks-report-2025/">Global Risks Report 2025 | World Economic Forum | January 2025</a></p></li><li><p><a href="https://www.mckinsey.com/capabilities/operations/our-insights/risk-resilience-and-rebalancing-in-global-value-chains">Risk, Resilience, and Rebalancing in Global Value Chains | McKinsey Global Institute | August 2020</a></p></li><li><p><a href="https://www.wto.org/english/res_e/publications_e/wtr23_e.htm">Supply Chain Disruptions and the Effects on the Global Economy | World Trade Organization | 2024</a></p></li><li><p><a href="https://www.whitehouse.gov/wp-content/uploads/2021/06/100-day-supply-chain-review-report.pdf">Building Resilient Supply Chains, Revitalising American Manufacturing | The White House | June 2021</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Operations and supply chain leaders in multinational organisations:</strong> The era of managing one crisis at a time is over. If your crisis playbook assumes disruptions queue up neatly, your teams will face overlapping emergencies with frameworks designed for a simpler world. Structural redesign of response capacity is now urgent.</p></li><li><p><strong>C-suite executives and board members responsible for enterprise risk:</strong> Concurrent disruptions compound financial exposure in ways traditional risk registers do not capture. Boards that treat resilience as a supply chain department issue rather than a strategic governance priority are underestimating the speed at which cascading failures erode enterprise value.</p></li><li><p><strong>Workforce and human resources leadership:</strong> COVID-19 proved that sustained crisis operations break people. If your resilience strategy depends on the same team operating at surge capacity indefinitely, you are building on a foundation that will collapse. Workforce rotation, mental health infrastructure, and distributed decision-making are operational necessities, not perks.</p></li><li><p><strong>Small and medium enterprises with limited redundancy:</strong> Larger firms can absorb concurrent shocks through diversified suppliers and geographic spread. SMEs operating with lean inventories, single-source dependencies, and small crisis teams face existential risk when multiple disruptions overlap, which is now the norm rather than the exception.</p></li><li><p><strong>Government policymakers and critical infrastructure operators:</strong> Cascading supply chain failures do not respect sectoral boundaries. A logistics disruption can trigger a pharmaceutical shortage, which strains healthcare, which affects workforce availability, which deepens the original disruption. Systems thinking must replace siloed crisis management in national resilience frameworks.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Design for concurrent disruption, not sequential crisis</strong></h5><ul><li><p>Organisations should stress-test their crisis response frameworks against multiple simultaneous scenarios rather than single-event tabletop exercises. War-gaming overlapping disruptions reveals bottlenecks, capacity gaps, and interdependencies that only appear under compound pressure.</p></li></ul><h5><strong>Rotate crisis leadership and distribute decision authority</strong></h5><ul><li><p>Build tiered crisis teams with clear rotation schedules and delegated authority so no single group bears continuous operational burden. Empowering regional and functional leaders to act autonomously during overlapping emergencies prevents central bottlenecks and reduces burnout.</p></li></ul><h5><strong>Embed resilience into daily operations rather than emergency protocols</strong></h5><ul><li><p>Resilience should not be a plan activated during a crisis but a permanent operating principle. Integrate scenario planning, supplier diversification reviews, and disruption simulations into routine quarterly business processes so adaptive capacity becomes institutional muscle memory.</p></li></ul><h5><strong>Invest in real-time visibility and early warning systems</strong></h5><ul><li><p>Deploy supply chain monitoring tools that aggregate geopolitical, environmental, and operational risk signals into a single dashboard. Early detection of converging threats provides the lead time needed to activate mitigation strategies before cascading failures take hold.</p></li></ul><h5><strong>Build mutual aid networks and cross-sector partnerships</strong></h5><ul><li><p>No organisation can absorb continuous disruption alone. Establish pre-negotiated agreements with industry peers, logistics partners, and government agencies for resource sharing, alternative routing, and coordinated response during compound crises to distribute the burden across a wider network.</p></li></ul><div><hr></div><h2>2. <strong>Technological: State-Backed Ransomware Threatens Private Enterprise</strong></h2><ul><li><p>State-sponsored ransomware operations are escalating against operational technology and critical infrastructure, with cybersecurity experts warning that the line between espionage, sabotage, and financially motivated cybercrime has effectively dissolved as nation-states weaponise ransomware for strategic objectives.</p></li><li><p>Groups linked to Russia, China, North Korea, and Iran are increasingly deploying ransomware not just against government targets but against private enterprises that form the backbone of national infrastructure, including energy companies, hospitals, logistics firms, and manufacturing operations that serve entire populations.</p></li><li><p>The 2021 Colonial Pipeline attack demonstrated how a single ransomware strike on a private company can cascade into a national crisis, shutting down fuel supply across the US East Coast for days. More recently, the 2023 attack on logistics firm DP World Australia paralysed container operations at major ports, disrupting supply chains across the country for weeks.</p></li><li><p>The healthcare sector has been particularly devastated. The 2024 Change Healthcare ransomware attack, attributed to the ALPHV/BlackCat group with suspected Russian links, disrupted prescription processing and insurance claims for thousands of US pharmacies and hospitals, directly affecting patient care and exposing sensitive medical data of over 100 million individuals.</p></li><li><p>Private businesses often underestimate their exposure because they do not consider themselves geopolitical targets. Yet state-backed actors deliberately target private firms that control critical chokepoints, knowing that disrupting a single logistics provider, energy distributor, or healthcare processor can paralyse services that millions depend on daily.</p></li><li><p>Cybersecurity agencies including CISA and the UK&#8217;s NCSC have issued repeated warnings that operational technology environments remain dangerously under-protected, with many industrial control systems running legacy software, lacking network segmentation, and offering threat actors lateral movement pathways from corporate IT into physical infrastructure.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://industrialcyber.co/features/state-backed-ransomware-activity-raises-new-concerns-over-escalating-threats-to-ot-critical-infrastructure-operations/">State-Backed Ransomware Activity Raises New Concerns Over Escalating Threats to OT Critical Infrastructure Operations | Industrial Cyber | May 2026</a></p></li><li><p><a href="https://www.techtarget.com/whatis/feature/Colonial-Pipeline-hack-explained-Everything-you-need-to-know">Colonial Pipeline Cyber Attack: A Timeline | TechTarget | 2021</a></p></li><li><p><a href="https://www.reuters.com/technology/cybersecurity/dp-world-australia-ports-resume-operations-after-cyber-attack-2023-11-13/">DP World Australia Cyber Attack Disrupts Port Operations | Reuters | November 2023</a></p></li><li><p><a href="https://techcrunch.com/2024/10/24/unitedhealth-change-healthcare-breach-affected-over-100-million-people/">Change Healthcare Cyberattack Exposes Data of Over 100 Million People | TechCrunch | October 2024</a></p></li><li><p><a href="https://www.cisa.gov/topics/cyber-threats-and-advisories">CISA Warns of Ongoing Cyber Threats to Critical Infrastructure | CISA | 2024</a></p></li><li><p><a href="https://www.ncsc.gov.uk/section/information-for/large-organisations">State-Sponsored Cyber Threats: What Private Businesses Need to Know | UK National Cyber Security Centre | 2024</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Private enterprises operating critical infrastructure or essential services:</strong> If your company distributes fuel, processes medical claims, operates ports, or manages logistics networks, you are a strategic target regardless of your size. State-backed actors select victims based on systemic impact, not profile, and your disruption becomes a national crisis.</p></li><li><p><strong>Operational technology and industrial control system operators:</strong> Legacy OT environments with poor network segmentation are the primary entry vector for state-backed ransomware moving from IT systems into physical infrastructure. If your industrial controls are connected to corporate networks without robust isolation, your physical operations are exposed.</p></li><li><p><strong>Healthcare organisations and pharmaceutical supply chains:</strong> The Change Healthcare attack proved that a single compromised node in health infrastructure can disable prescription services, delay care, and expose millions of patient records. Any organisation in the healthcare value chain that lacks robust cyber resilience is both a target and a liability.</p></li><li><p><strong>Small and mid-sized suppliers to critical industries:</strong> State-backed actors increasingly exploit smaller vendors as entry points into larger targets. If your cybersecurity posture is weaker than your clients&#8217; and you have network access or data-sharing agreements with critical infrastructure operators, you represent a high-value attack vector.</p></li><li><p><strong>Boards and executive leadership teams without cyber literacy:</strong> Ransomware is no longer an IT department problem; it is a strategic, geopolitical, and operational risk that can halt revenue, trigger regulatory action, and destroy stakeholder trust overnight. Leadership teams that delegate cyber risk entirely to technical staff are governing blind.</p></li></ul><h2>Preventative actions</h2><h5><strong>Segment operational technology networks from corporate IT</strong></h5><ul><li><p>Implement strict network segmentation between IT and OT environments to prevent lateral movement by attackers. Ensure industrial control systems cannot be reached directly from compromised corporate email or administrative systems, which remain the most common initial access vectors.</p></li></ul><h5><strong>Conduct tabletop exercises simulating state-backed ransomware scenarios</strong></h5><ul><li><p>Move beyond generic cyber incident drills. Simulate scenarios where attackers have nation-state resources, persistence, and strategic objectives. Test your organisation&#8217;s ability to maintain operations, communicate with regulators, and recover critical systems under sustained, sophisticated attack conditions.</p></li></ul><h5><strong>Audit and harden supply chain cyber dependencies</strong></h5><ul><li><p>Map all third-party vendors with access to your systems or data, assess their cybersecurity maturity, and enforce minimum security standards contractually. The weakest link in your supply chain is the most likely entry point for state-sponsored actors targeting your operations.</p></li></ul><h5><strong>Maintain offline, immutable backups of critical systems and data</strong></h5><ul><li><p>Ensure that backups for essential operational systems are stored offline and tested regularly for restoration integrity. State-backed ransomware groups increasingly target backup infrastructure to maximise leverage, making air-gapped copies a non-negotiable defence layer.</p></li></ul><h5><strong>Engage with national cybersecurity agencies and threat intelligence sharing</strong></h5><ul><li><p>Register with CISA, NCSC, or equivalent national agencies to receive timely threat advisories and indicator-of-compromise feeds relevant to your sector. Participate in industry-specific information sharing and analysis centres to benefit from collective early warning intelligence.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Asia&#8217;s Tech Boom Masks Deeper Oil Crisis Vulnerability</strong> <br>Asia&#8217;s technology-driven economic growth is masking significant exposure to the ongoing global oil crisis, with energy-intensive manufacturing and logistics costs rising sharply. The risk is that governments, buoyed by strong tech sector performance, delay necessary energy diversification and fiscal buffers, leaving economies dangerously exposed if oil disruptions deepen or tech demand softens simultaneously. <a href="https://www.cnn.com/2026/05/12/tech/tech-boom-oil-crisis-asia-economy-warning-intl-hnk-dst">Main link to resource</a></p></li><li><p><strong>Malaysia Warns of Silent Supply Chain Shockwaves</strong> <br>Malaysia&#8217;s Trade Minister Tengku Zafrul has warned that supply chain disruptions are hitting the nation in waves that are difficult to detect until damage is done. The concern is that cascading second and third-order effects on Malaysian manufacturers and exporters are being underestimated, with smaller firms particularly vulnerable to input shortages and margin compression before policymakers can intervene effectively. <a href="https://newswav.com/article/the-silent-tsunami-tengku-zafrul-warns-of-supply-chain-shockwaves-hitting-m-A2605_I5fzyH">Main link to resource</a></p></li><li><p><strong>US-China Rare Earth Deal Delivers Limited Relief</strong> <br>A recent US-China rare earth agreement offers only marginal supply chain relief as Beijing retains tight export controls over critical minerals essential to defence, electronics, and clean energy industries. The risk remains that strategic dependency on Chinese rare earth processing persists despite diplomatic optics, leaving Western manufacturers exposed to future supply weaponisation during geopolitical escalation. <a href="https://moderndiplomacy.eu/2026/05/18/us-china-rare-earth-deal-offers-limited-relief-as-beijing-maintains-tight-export-controls/">Main link to resource</a></p></li><li><p><strong>Tariff Uncertainty Set to Intensify for Agricultural Exporters</strong> <br>New Zealand&#8217;s agricultural sector faces renewed tariff volatility as global trade negotiations stall and retaliatory measures accelerate. The risk is that exporters who adjusted to the initial tariff environment may be caught off guard by a second wave of escalation, compressing margins further and disrupting established market access strategies at a time when input costs are already elevated. <a href="https://www.farmersweekly.co.nz/markets/tariff-ride-may-be-about-to-pick-up-speed-again/">Main link to resource</a></p></li><li><p><strong>Political Risk Shifts From War Zones to Contested Systems</strong> <br>Willis warns that political risk is migrating from traditional conflict zones into contested economic and regulatory systems, including trade networks, sanctions regimes, and digital infrastructure governance. The implication is that businesses previously insulated from geopolitical exposure now face disruption through regulatory fragmentation, sanctions overreach, and the politicisation of supply chains, requiring a fundamental rethink of where political risk actually resides. <a href="https://www.insurancebusinessmag.com/uk/news/business-resilience/political-risk-shifts-from-war-zones-to-contested-systems-willis-warns-574974.aspx">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><h2>Coming soon at Unbreakable Ventures</h2><div class="native-video-embed" data-component-name="VideoPlaceholder" data-attrs="{&quot;mediaUploadId&quot;:&quot;2dce9f46-f46d-404e-9ad1-bcbf07cc985c&quot;,&quot;duration&quot;:null}"></div><p>We are excited to share some new releases and improvements for our fortnightly update. These include an interactive flow chart of industry-specific threats, characterised through our core threat categories. This will allow you to see how stories we&#8217;ve been monitoring for those two criteria fluctuate over time.</p><p>Additionally, we will share our <em>Disruption Risk</em> chart that shows the specific events happening within the selected industry. For example, it will show the count of how many significant cyber attacks have affected ports, or how tariffs are impacting trade, giving you a visual overview of this week&#8217;s threats.</p><p>And finally, we have noticed that hundreds of the stories we&#8217;re not able to squeeze into our updates are going to waste. So we will provide a small widget in these articles, allowing you to view external articles on stories that didn&#8217;t make it into the update.</p><p>Watch this space for these fresh updates, and make sure to subscribe to get the most out of them.</p><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/breaking-point-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/breaking-point-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/breaking-point-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Ctrl Alt Delete | Risk Updates for Weeks of 22 April - 6 May '26]]></title><description><![CDATA[Threat concerns this week: The AI blame game hiding human negligence. Fiji a key cartel hub. And 5 quick fires on reinsurance shifts, shadow supply chains and mining failures.]]></description><link>https://www.unbreakableventures.com/p/ctrl-alt-delete-risk-updates-for</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/ctrl-alt-delete-risk-updates-for</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Wed, 06 May 2026 04:59:46 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/196504240/af89d5a3c410c4a72334661d68a14563.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!HLEb!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!HLEb!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!HLEb!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!HLEb!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!HLEb!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!HLEb!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:null,&quot;width&quot;:null,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:760199,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/196504240?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!HLEb!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!HLEb!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!HLEb!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!HLEb!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57339aca-335f-4505-9ec3-7677478f0c2b_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between April 22nd, and May 6th, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Technological: AI Blame Game Masks Human Negligence</strong></h2><ul><li><p>An AI chatbot built on Anthropic&#8217;s Claude model deleted an entire company database after being given overly broad instructions, wiping out critical business data for a small firm and raising urgent questions about how organisations govern autonomous AI tool use. The incident, reported by The Guardian, has sparked a wave of media coverage framing the AI itself as the culprit, but the deeper lesson is about human oversight failures at every stage of the chain.</p></li><li><p>The root cause of this incident is not a rogue AI but a series of human decisions: someone chose to connect an AI tool directly to a live production database, someone failed to implement adequate safeguards or backup protocols, and someone issued instructions without sufficient specificity or constraint. At each of these junctures, a human being either actively decided or passively neglected to enforce basic data protection and operational controls.</p></li><li><p>This pattern mirrors virtually every major cyber incident in history. From the 2017 Equifax breach to the 2020 SolarWinds attack, post-incident analysis consistently reveals that human error, negligence, or poor governance was the enabling condition. AI tools like Claude are powerful but fundamentally lack judgment about organisational context, data criticality, or irreversibility of actions. That judgment must come from the humans who deploy them.</p></li><li><p>The trend of employees bypassing corporate AI policies is already well documented in banking sectors across Southeast Asia. In Malaysia, Thailand, and Vietnam, bank workers have been found using large language models on personal laptops to process sensitive financial data, circumventing their employers&#8217; formal AI usage restrictions. These shadow AI practices expose institutions to data leakage, regulatory breach, and reputational damage, and they are driven by the same root cause: insufficient human governance, training, and enforcement.</p></li><li><p>As organisations accelerate AI adoption, the gap between the speed of deployment and the maturity of internal governance frameworks is widening. Until resilience thinking, AI literacy, and clear accountability structures catch up, incidents like this will multiply. The technology is not the threat. The threat is the assumption that powerful tools can be deployed without proportionately powerful oversight.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.theguardian.com/technology/2026/apr/29/claude-ai-deletes-firm-database">Claude AI deletes firm&#8217;s database in incident that has shaken AI community | The Guardian | April 2026</a></p></li><li><p><a href="https://www.technologyreview.com/2026/03/15/1093200/when-ai-goes-wrong-human-factors/">When AI Goes Wrong: The Human Factors Behind Autonomous System Failures | MIT Technology Review | March 2026</a></p></li><li><p><a href="https://hbr.org/2026/02/shadow-ai-how-employees-are-bypassing-corporate-ai-policies">Shadow AI: How Employees Are Bypassing Corporate AI Policies | Harvard Business Review | February 2026</a></p></li><li><p><a href="https://asia.nikkei.com/Business/Finance/Southeast-Asian-banks-grapple-with-unauthorized-AI-use-by-staff">Southeast Asian Banks Grapple with Unauthorised AI Use by Staff | Nikkei Asia | January 2026</a></p></li><li><p><a href="https://www.weforum.org/stories/2025/12/the-real-cybersecurity-threat-is-human-error/">The Real Cybersecurity Threat Is Human Error, Not Technology | World Economic Forum | December 2025</a></p></li><li><p><a href="https://www2.deloitte.com/us/en/insights/topics/emerging-technologies/ai-governance-gap.html">AI Governance Gap: Why Organisations Are Deploying Faster Than They Can Govern | Deloitte Insights | March 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Small and medium-sized businesses adopting AI tools without dedicated IT governance:</strong> This incident is a direct warning. SMEs often lack the internal expertise or resources to implement proper sandboxing, backup systems, and access controls when integrating AI into workflows. The temptation to connect powerful AI tools directly to critical systems without adequate safeguards is highest where technical staffing is thinnest, and the consequences of a single error can be existential for a small firm.</p></li><li><p><strong>Financial institutions and regulated industries in Southeast Asia and globally:</strong> The documented pattern of bank employees in Malaysia, Thailand, and Vietnam using personal devices and unsanctioned LLMs to process sensitive data represents an active, ongoing regulatory and data security risk. If your organisation has not audited how staff are actually using AI tools, as opposed to how policy says they should, you are likely already exposed.</p></li><li><p><strong>Chief Information Security Officers and IT leadership across all sectors:</strong> Every AI tool connected to internal systems represents a new attack surface and a new vector for accidental data destruction. If your AI governance framework was written before 2025, it is almost certainly inadequate for the current generation of autonomous agent-capable models that can execute multi-step actions on live systems.</p></li><li><p><strong>Boards of directors and senior executives with fiduciary responsibility:</strong> Liability for AI-caused damage does not rest with the AI vendor. It rests with the organisation that deployed the tool and the decision-makers who approved or failed to govern its use. Courts and regulators will increasingly look to board-level accountability when AI tools cause material harm.</p></li><li><p><strong>Employees using AI tools in their daily work:</strong> Individual workers are often the last line of defence. If you are issuing instructions to an AI tool that has access to sensitive or irreplaceable data, the responsibility for understanding what that tool can do, and what it might do if your instructions are ambiguous, falls partly on you. The excuse that &#8220;the AI did it&#8221; will not protect careers or organisations.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Never connect AI tools directly to production databases or critical systems without sandboxing</strong></h5><ul><li><p>Establish a mandatory architecture rule: AI tools must operate in isolated environments with read-only access to production data by default. Any write or delete capability must require explicit human authorisation through a separate approval workflow, not a natural language prompt. Backup and rollback procedures should be tested regularly and must be in place before any AI integration goes live.</p></li></ul><h5><strong>Conduct an immediate shadow AI audit across your organisation</strong></h5><ul><li><p>Survey and technically audit how employees are actually using AI tools, including on personal devices, through browser-based interfaces, and via third-party plugins. The gap between official policy and actual practice is where risk lives. Implement monitoring tools that can detect when sensitive data is being uploaded to external AI services, and pair enforcement with education rather than relying solely on prohibition.</p></li></ul><h5><strong>Build AI literacy programmes that emphasise human accountability, not AI fear</strong></h5><ul><li><p>Training should focus not on demonising AI but on building genuine understanding of how these tools work, where they fail, and what safeguards are non-negotiable. Every employee who interacts with an AI system should understand the concept of irreversibility, the importance of specificity in instructions, and their personal accountability for outcomes. Frame AI as a power tool: immensely useful, but dangerous without training and respect.</p></li></ul><h5><strong>Establish clear escalation and incident response protocols for AI-related failures</strong></h5><ul><li><p>Organisations should have a documented playbook for what to do when an AI tool causes unintended harm, including data destruction, data leakage, or erroneous outputs that affect customers or operations. This playbook should include immediate containment steps, communication templates, regulatory notification timelines, and a post-incident review process that feeds back into governance improvements.</p></li></ul><h5><strong>Embed AI governance into existing risk management and compliance frameworks</strong></h5><ul><li><p>AI oversight should not be a standalone initiative. It should be integrated into enterprise risk management, internal audit cycles, and compliance programmes. Assign clear ownership at the executive level, include AI risk in board reporting, and ensure that governance evolves at the same pace as the technology being deployed. What was adequate governance six months ago is likely insufficient today.</p></li></ul><div><hr></div><h2>2. <strong>Geopolitical: Pacific Drug Superhighway Threatens Regional Stability</strong></h2><ul><li><p>Fiji has transformed from a low-crime tourist destination into a critical transit hub on what law enforcement and analysts now call the Pacific &#8220;drug superhighway,&#8221; a network of maritime routes linking Latin American cocaine and methamphetamine producers, principally Mexico&#8217;s Sinaloa cartel and Ecuadorian trafficking networks, to the lucrative consumer markets of Australia and New Zealand. Multi-tonne seizures in Fijian waters and on Fijian soil have escalated from kilograms in the late 2010s to 4.8 tonnes of methamphetamine in January 2024 and 2.64 tonnes of cocaine in January 2026, representing a structural shift in transnational organised crime that is overwhelming Pacific Island law enforcement capacity.</p></li><li><p>The crisis extends far beyond drug trafficking. Fiji is now experiencing cascading social consequences including what UNAIDS data describes as one of the fastest-growing HIV epidemics in the world, with new diagnoses rising from 147 in 2020 to over 1,500 in 2024, driven substantially by intravenous drug use. Between January 2024 and August 2025, Fiji Police recorded over 3,000 drug-related arrests, the majority involving offenders aged 18 to 35, signalling a generational public health and social stability crisis.</p></li><li><p>State corruption is a defining feature of this crisis, not a side effect. Twenty-seven Fiji police officers were charged in 33 drug-related cases between January 2023 and October 2025. The country&#8217;s Counter Narcotics Bureau was effectively dissolved in September 2025 after officers from the unit itself were arrested for drug offences. Former Prime Minister Frank Bainimarama and former Police Commissioner Sitiveni Qiliho have been convicted of obstruction of justice, with allegations that a joint military-police drug raid near Nadi was actively stopped under Qiliho&#8217;s authority.</p></li><li><p>Australian and New Zealand organised crime networks, including the Comancheros, Alameddine network, and KVT gang, are exploiting Pacific Island states as operational bases, recruitment grounds, and transit points. Australia&#8217;s &#8220;Section 501&#8221; deportation policy, which returns convicted criminals to their countries of origin or heritage, has been repeatedly identified by Pacific police chiefs as a primary accelerant of gang proliferation across the region, effectively exporting Australian organised crime infrastructure into nations with limited law enforcement capacity.</p></li><li><p>Regional and international responses are scaling but remain outpaced by the threat. The Australian-funded Pacific Policing Initiative, endorsed in August 2024 at AU$400 million over five years, is the centrepiece of the multilateral response, complemented by formal US DEA engagement in Fiji since mid-2025 and the UNODC&#8217;s landmark Pacific Transnational Organised Crime report. The January 2026 Vatia cocaine bust, a joint Fiji Police, AFP, and DEA operation, demonstrated improved intelligence-sharing capability, but Fiji&#8217;s Police Minister has labelled the situation a &#8220;national emergency&#8221; and Prime Minister Rabuka publicly considered but ultimately declined to declare a formal State of Emergency in May 2026.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://newlinesmag.com/reportage/tracking-the-pacific-drug-highway/">Tracking the Pacific Drug Highway | New Lines Magazine | 2026</a></p></li><li><p><a href="https://www.rnz.co.nz/news/pacific/594161/fiji-considers-state-of-emergency-over-drugs-and-gangs-as-police-and-military-crackdown-ramps-up">Fiji considers state of emergency over drugs and gangs as police and military crackdown ramps up | RNZ | April 2026</a></p></li><li><p><a href="https://www.unodc.org/unodc/en/press/releases/2024/October/unodc-report-exposes-escalating-threat-of-organized-crime-in-the-pacific.html">UNODC report exposes escalating threat of organized crime in the Pacific | UNODC | October 2024</a></p></li><li><p><a href="https://www.thejakartapost.com/world/2024/10/09/pacific-island-nations-swamped-by-global-drug-trade.html">Pacific island nations swamped by global drug trade | AFP via Jakarta Post | October 2024</a></p></li><li><p><a href="https://www.lowyinstitute.org/the-interpreter/pacific-islands-become-collateral-damage-drug-superhighway">The Pacific Islands become collateral damage on drug superhighway | Lowy Institute | 2025</a></p></li><li><p><a href="https://www.lowyinstitute.org/the-interpreter/fiji-s-cocaine-seizure-shows-pacific-learning-fight-back">Fiji&#8217;s cocaine seizure shows the Pacific is learning to fight back | Lowy Institute | January 2026</a></p></li><li><p><a href="https://www.youtube.com/watch?v=WWh7PZtrYrs">ABC Foreign Correspondent &#8220;Cartel Paradise&#8221; Parts 1 and 2 | ABC Australia | April 2026</a></p></li><li><p><a href="https://www.occrp.org/en/news/fiji-police-probe-senior-officers-over-alleged-links-to-drug-traffickers">Fiji Police probe senior officers over alleged links to drug traffickers | OCCRP | 2025</a></p></li><li><p><a href="https://thediplomat.com/2024/08/pacific-islands-agree-on-270-million-pacific-policing-initiative/">Pacific Islands agree on $270M Pacific Policing Initiative | The Diplomat | August 2024</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Tourism operators, resort chains, and travel insurers with Pacific Island exposure:</strong> Fiji&#8217;s positioning as a safe, idyllic destination is under direct threat. The combination of drug-related violent crime, police corruption, potential states of emergency, and military roadblocks materially changes the risk profile for tourism investment, guest safety, and insurance underwriting across the region. Reputational contagion may spread to neighbouring Pacific Island destinations even if their direct exposure is lower.</p></li><li><p><strong>Australian and New Zealand communities, particularly Pacific Islander diaspora populations:</strong> The demand side of this crisis sits in Sydney, Melbourne, Auckland, and Christchurch. Australian and New Zealand drug consumption, described by the AFP as an &#8220;insatiable appetite,&#8221; is the economic engine powering the destruction of Pacific Island societies. Diaspora communities face the double burden of watching their homelands destabilised while their young people in Australia and New Zealand are recruited by outlaw motorcycle gangs and syndicate networks like the KVT and Comancheros.</p></li><li><p><strong>Maritime logistics, shipping, and port operators in the Pacific:</strong> The discovery of narco-submarines off Solomon Islands, ship-to-ship drug transfers outside Fiji&#8217;s exclusive economic zone, and cocaine concealed in shipping containers at Pacific ports means that legitimate maritime operators face heightened regulatory scrutiny, potential criminal liability for unwitting involvement, and increased insurance costs. The Pacific maritime domain is now an active theatre of transnational crime.</p></li><li><p><strong>Pacific Island governments and their security institutions:</strong> The Fiji experience demonstrates that organised crime does not merely transit through weak states; it actively corrupts them. The dissolution of Fiji&#8217;s Counter Narcotics Bureau, the conviction of a former police commissioner, and the investigation of senior officers should be treated as a warning that no Pacific Island security institution can be assumed to be free of infiltration. The corruption risk scales with the value of the drugs moving through each jurisdiction.</p></li><li><p><strong>International development agencies and donor governments:</strong> Billions of dollars in development aid flow to the Pacific region annually. If organised crime is corrupting the very state institutions that development programmes rely on for implementation, the effectiveness of that aid is compromised. Development strategy must now integrate organised crime as a first-order threat to governance, public health, and economic stability across the Pacific.</p></li><li><p><strong>Global health organisations and HIV/AIDS response agencies:</strong> Fiji&#8217;s HIV epidemic, with diagnoses increasing roughly tenfold in four years and 33 babies born with HIV in the first half of 2025 alone, is a direct consequence of the methamphetamine crisis and represents a public health emergency that is not receiving proportionate international attention or funding.</p></li></ul><h2>Preventative actions</h2><h5><strong>Reassess Pacific regional risk profiles beyond traditional natural disaster and climate frameworks</strong></h5><ul><li><p>Risk managers, insurers, and corporate strategists with Pacific exposure should immediately update their risk models to incorporate transnational organised crime as a structural, not episodic, threat. The Pacific drug highway is not a temporary disruption; it is a permanent feature of the regional risk landscape driven by immovable economic incentives: sky-high Australian and New Zealand street prices for cocaine and methamphetamine. Scenario planning should model escalation pathways including further state corruption, expanded cartel territorial presence, and the potential for violent inter-syndicate competition in island nations with minimal security capacity.</p></li></ul><h5><strong>Advocate for reform of Australia&#8217;s Section 501 deportation policy</strong></h5><ul><li><p>The policy of deporting convicted criminals to Pacific Island nations has been identified by multiple Pacific police commissioners and transnational crime analysts as one of the single greatest accelerants of organised crime proliferation in the region. Organisations with regional interests should engage with policy forums and government consultations to push for alternatives that do not simply export criminal networks into jurisdictions with a fraction of Australia&#8217;s law enforcement resources. At minimum, deportation should be accompanied by structured intelligence-sharing with receiving nations and funded post-deportation monitoring programmes.</p></li></ul><h5><strong>Strengthen maritime domain awareness and due diligence for Pacific shipping operations</strong></h5><ul><li><p>Any organisation operating vessels, managing ports, or routing cargo through the Pacific should implement enhanced due diligence protocols including crew vetting, cargo anomaly detection, and real-time reporting to regional coordination centres such as the Pacific Transnational Crime Coordination Centre and the Pacific Fusion Centre. The discovery of narco-submarines and ship-to-ship transfers outside exclusive economic zones means the threat operates in waters where no single nation has effective surveillance, making industry self-reporting and cooperation with naval patrols essential.</p></li></ul><h5><strong>Fund and support institutional integrity programmes in Pacific law enforcement</strong></h5><ul><li><p>The AU$400 million Pacific Policing Initiative is a necessary but insufficient response if the institutions it strengthens are themselves compromised. Donor governments and multilateral agencies should condition funding on transparent integrity vetting, independent anti-corruption oversight, and whistleblower protection mechanisms. The Fiji Counter Narcotics Bureau collapse is a case study in what happens when capability is built without corresponding accountability architecture.</p></li></ul><h5><strong>Integrate public health response with counter-narcotics strategy</strong></h5><ul><li><p>Fiji&#8217;s HIV epidemic cannot be addressed in isolation from the drug crisis that is driving it. International health organisations, donor governments, and Pacific Island health ministries should develop integrated response plans that combine harm reduction, treatment access, and community education with enforcement and interdiction efforts. The current approach of treating drug trafficking and its public health consequences as separate problems is failing.</p></li></ul><h2>Quick snippet stories</h2><ol><li><p><strong>Bushfire Destroys $1.8 Million Wine Business, Exposing Underinsurance Risk<br></strong>An Australian couple lost their entire wine business to bushfire, turning a $1.8 million investment to ash. The story underscores a persistent and under-discussed risk: many small agricultural and rural businesses carry insufficient insurance to cover full asset replacement, particularly for bespoke operations like vineyards where rebuilding costs exceed market valuations. As bushfire seasons intensify under changing climate conditions, small business owners in fire-prone regions should conduct annual insurance adequacy reviews, ensure policies cover not just structures but stock, lost revenue, and business interruption, and maintain defensible space and emergency response plans as both physical and financial safeguards. <a href="https://www.sbs.com.au/news/small-business-secrets/article/bushfire-turned-a-couples-dollar-1-8-million-wine-dream-to-ash/x6fmctwhz">Main link to resource</a></p></li><li><p><strong>Singapore Manufacturing Grows, but Conflict-Driven Cost Inflation Persists<br></strong>Singapore&#8217;s factory activity continues to expand, but the ongoing Iran conflict is inflating input costs and disrupting supply chains across the manufacturing sector. The risk lies not in contraction but in margin erosion: manufacturers absorbing higher raw material, energy, and logistics costs may sustain production volumes while profitability deteriorates, a pattern that can mask vulnerability until a demand shock exposes it. Businesses reliant on Middle Eastern energy flows or shipping routes through contested waters should lock in supply contracts where possible, diversify sourcing, and stress-test financial resilience against sustained cost elevation rather than assuming conflict-driven inflation is temporary. <a href="https://www.straitstimes.com/business/economy/singapore-factory-activity-expands-though-iran-war-continues-to-inflate-costs-disrupt-supply">Main link to resource</a></p></li><li><p><strong>When Supply Chains Go Dark, Risk Compounds Invisibly<br></strong>Research from the London School of Economics highlights a growing and underappreciated threat: supply chain opacity, where disruptions in lower-tier suppliers go undetected until they cascade into visible failures. The core risk is that most organisations lack visibility beyond their immediate, first-tier suppliers, meaning that a factory closure, sanctions exposure, or natural disaster three or four tiers deep can trigger production halts with zero early warning. Companies should invest in multi-tier supply chain mapping tools, require key suppliers to disclose their own critical dependencies, and build buffer inventory for components with concentrated or opaque sourcing. <a href="https://blogs.lse.ac.uk/businessreview/2026/04/28/what-happens-when-supply-chains-go-dark/">Main link to resource</a></p></li><li><p><strong>Reinsurance Costs Signal Structural Shift in Climate Risk Pricing<br></strong>Carrier Management reports that reinsurance pricing is hardening further as insurers and reinsurers reprice portfolios in response to escalating natural catastrophe losses. The risk for businesses is not just higher premiums but potential coverage withdrawal from high-exposure regions, leaving assets effectively uninsurable. This pricing shift reflects a structural reassessment of climate risk, not a cyclical market correction, meaning organisations in exposed geographies should engage insurers proactively, invest in physical resilience measures that improve insurability, and explore parametric or alternative risk transfer mechanisms before traditional coverage becomes unavailable or unaffordable. <a href="https://www.carriermanagement.com/news/2026/04/30/287384.htm">Main link to resource</a></p></li><li><p><strong>Mining Sector Recovers Cents on the Dollar from Insurance Claims<br></strong>Mining Magazine reports that mining companies are recovering only a fraction of insured losses from major claims, highlighting a widening gap between assumed coverage and actual payouts. The risk is that mining operators are making capital allocation and investment decisions based on insurance protection that may not materialise when needed, particularly for complex, multi-peril events involving environmental liability, business interruption, and regulatory shutdown. Mining executives and risk managers should conduct forensic reviews of policy wordings, engage specialist loss adjusters before incidents occur, and consider whether self-insurance reserves or captive structures provide more reliable protection for high-severity, low-frequency events. <a href="https://www.miningmagazine.com/management/news-analysis/4530729/mining-insurance-recovers-cents-dollar">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/ctrl-alt-delete-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/ctrl-alt-delete-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/ctrl-alt-delete-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[How the Iran War Ended Up in Your Bedroom]]></title><description><![CDATA[A Malaysian company makes one in five of the world&#8217;s condoms. In five years, it has been hit by three different geopolitical crises. The pattern says more about modern supply chains than headlines do.]]></description><link>https://www.unbreakableventures.com/p/how-the-iran-war-ended-up-in-your</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/how-the-iran-war-ended-up-in-your</guid><dc:creator><![CDATA[Umaima Farhan]]></dc:creator><pubDate>Wed, 29 Apr 2026 09:01:06 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!4Glg!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!4Glg!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!4Glg!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!4Glg!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!4Glg!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!4Glg!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!4Glg!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:522121,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/195835213?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!4Glg!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!4Glg!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!4Glg!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!4Glg!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99f50c69-cd8c-4632-bcb8-d06f84b5dacc_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>The length of this piece provides the respect this story deserves. But not everyone has time to digest it fully. That&#8217;s why in this article, the Unbreakable Ventures team has created the <em><strong>Karex Intelligence Map</strong></em>.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;http://karex-mindmap-699305360676-ap-southeast-2-an.s3-website-ap-southeast-2.amazonaws.com/&quot;,&quot;text&quot;:&quot;Explore the Mindmap&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="http://karex-mindmap-699305360676-ap-southeast-2-an.s3-website-ap-southeast-2.amazonaws.com/"><span>Explore the Mindmap</span></a></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!oA8Q!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!oA8Q!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 424w, https://substackcdn.com/image/fetch/$s_!oA8Q!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 848w, https://substackcdn.com/image/fetch/$s_!oA8Q!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!oA8Q!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!oA8Q!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg" width="1280" height="832" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/dbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:832,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:317024,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/195835213?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!oA8Q!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 424w, https://substackcdn.com/image/fetch/$s_!oA8Q!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 848w, https://substackcdn.com/image/fetch/$s_!oA8Q!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!oA8Q!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdbb43058-07a4-4810-9d2c-95ac818e7cd6_1280x832.jpeg 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a><figcaption class="image-caption">Unbreakable Ventures Karex Mindmap to support this article.</figcaption></figure></div><p>The map has seven branches: <strong>The Trigger, The Pattern, The Company, The Moat, The Health Impact, The Backstop, and The Unreported</strong>. Each one breaks down into smaller sections you can click through. The article and the map cover the same ground in different shapes. The article tells you the story; the map shows you the connections.</p><p>If you only have five minutes, click through the map. If you have twenty, read the article. If you have thirty, do both.</p><div><hr></div><p>There is a factory in Port Klang, Malaysia, you have probably never heard of. It makes one out of every five condoms worldwide. And on April 21<sup>st</sup>, 2026, three sentences from its CEO to a Reuters reporter rippled through pharmacies from Auckland to Dubai, Lagos, and Kuala Lumpur.</p><p>The company is <a href="https://www.karex.com.my">Karex Berhad</a>. The CEO is Goh Miah Kiat, known to everyone in his industry as MK. The story he just told the world about a war four thousand kilometres away is, if you read it carefully, also a story about why the modern global economy keeps breaking in the same place.</p><p>This is not Karex&#8217;s first crisis. It is their third in five years.</p><p>In 2020, the <a href="https://qz.com/2111029/the-worlds-largest-condom-maker-had-a-surprisingly-bad-pandemic">COVID-19 pandemic</a> shut down their factories. Sales fell 40 per cent over two years. In 2020, the company posted its first full-year loss since going public on Bursa Malaysia, the countries stock exchange. MK had bet, publicly; that lockdown would drive demand up. Instead, it cratered.</p><p>In 2022, Russia invaded Ukraine. Russia happens to be a major producer of ammonia, which preserves latex, and of synthetic rubber precursors. Karex&#8217;s <a href="https://www.insage.com.my/Upload/Docs/KAREX/KAREX%20-%20Chairman's%20Statement%202022.pdf#view=Full&amp;pagemode=bookmarks">FY2022 annual report named the war directly</a>, citing inflationary pressures and supply chain disruption. The company set a record for revenue and a record for losses in the same financial year.</p><p>In February 2026, Iran went to war with the United States and closed The Strait of Hormuz. By April, Karex was telling <a href="https://www.reuters.com/business/healthcare-pharmaceuticals/worlds-top-condom-maker-karex-raise-prices-sharply-iran-war-strains-supply-chain-2026-04-21/">Reuters</a> it would raise prices 20 to 30 per cent, perhaps more. MK said current shipments were taking &#8220;close to two months.&#8221;</p><p>Three different geopolitical events. Three direct hits on one factory. There is no structural reform between any of them. But there is a fundamental lesson in dealing with concurrent crises.</p><h2><strong>Why a 33km of ocean sets the price of latex</strong></h2><p>To understand how a tanker dispute in the Persian Gulf reaches a Wellington pharmacy, we should follow the chemistry.</p><p>Latex condoms need Russia&#8217;s ammonia. Non-latex condoms use nitrile, which is made from butadiene, which is made from naphtha. Roughly 60 to 70 per cent of Asia&#8217;s naphtha <a href="https://www.coface.com/news-economy-and-insights/petrochemicals-asian-producers-are-the-most-vulnerable-to-unrest-in-the-middle-east">transits the Strait of Hormuz</a>, arriving from Gulf countries. Lubricants are silicone-based, and also petrochemical. The foil that wraps each condom individually is aluminum, much of it produced in the UAE using cheap Gulf energy.</p><p>The result is Karex&#8217;s price list moves whenever something breaks in the Gulf or Eastern Europe. According to figures cited to <a href="https://www.cnn.com/2026/04/21/business/condom-karex-prices-iran-war">CNN</a> by Davin Wedel, who runs Karex&#8217;s US subsidiary Global Protection Corp, synthetic rubber is up 30 per cent, nitrile up 100 per cent, silicone oil up 25 per cent, and packaging foil up 20 to 30 per cent. Wedel told CNN the situation was &#8220;adding fuel to the fire&#8221; given existing US tariffs.</p><p>For those in the Gulf, this is an awkward truth: your region produces the chemistry that makes most of the world&#8217;s condoms possible. For ASEAN, Malaysia is the manufacturing hub the rest of the world does not notice until it stops working. For New Zealand, the price you will pay at the pharmacy in three to six months is being set right now on a vessel that may or may not arrive.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Thanks for reading Unbreakable Ventures! If you enjoy this type of content, consider subscribing for free. No spam, ever.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><h2><strong>Karex&#8217;s largely unreported influence</strong></h2><p>The chairwoman of Karex&#8217;s board is Professor Dato&#8217; Dr. Adeeba Kamarulzaman. She is the President of <a href="https://www.monash.edu.my/">Monash University Malaysia</a>. She is also a former President of the International AIDS Society, the chairperson of the Malaysian AIDS Foundation, a member of the WHO Science Council, and a member of the UNAIDS Advisory Group.</p><p>She chairs the board of the company at the centre of the global condom supply crisis. She also advises the international institutions most affected by Karex&#8217;s pricing decisions on HIV prevention commodities.</p><p>Both roles are fully public. Neither is a secret. They have simply not been connected by any outlet covering the price hike.</p><p>It matters because the HIV picture is already grim before condoms get more expensive. A March 2025 modelling study published in <a href="https://pubmed.ncbi.nlm.nih.gov/40157378/">The Lancet HIV</a> projected that an anticipated 24 per cent average reduction in international aid combined with discontinued PEPFAR support could mean between 4.43 million and 10.75 million additional new HIV infections, and between 770,000 and 2.93 million extra deaths, between 2025 and 2030 across low- and middle-income countries. The researchers noted infection rates would be 30 to 60 per cent higher in <a href="https://www.aidsmap.com/news/jul-2025/us-funding-cuts-cause-immediate-drops-numbers-testing-and-hiv-treatment">key populations</a> such as sex workers, men who have sex with men, and people who inject drugs.</p><p>Stockpiles were already thin. UNAIDS reported in May 2025 that around a quarter of countries surveyed <a href="https://www.unaids.org/en/resources/presscentre/featurestories/2025/may/hiv-commodity-availability-and-management-risks">held six months or less of condom stock</a>. That is the buffer Karex&#8217;s price hike now lands on top of.</p><p>The usual contingency, scaling up PrEP (pre-exposure prophylaxis) to substitute for condom-based prevention, is also wobbling. The same PEPFAR pause that emptied condom programmes also disrupted PrEP delivery in sub-Saharan Africa.</p><p>A separate <a href="https://www.thelancet.com/journals/lanhiv/article/PIIS2352-3018(25)00192-4/fulltext">Lancet HIV modelling study</a> published in October 2025 estimated that a one-year pause of PEPFAR-funded PrEP could result in 15,739 new HIV infections over five years. You cannot replace one disrupted prevention tool with another disrupted prevention tool.</p><p>This is the room the Karex chairwoman walks into when she joins a UNAIDS Advisory Group meeting.</p><h2><strong>The product no one is writing about</strong></h2><p>As with most crisis events, there are connections that influence the other.</p><p>Karex owns Satin Oral Dams through its US subsidiary, Global Protection Corp. Dental dams are made from the same latex and nitrile facing the same supply disruption. They are used during oral sex for STI and HIV prevention, particularly among LGBTQ communities and women.</p><p>The price hike hits dental dams. Nitrile is up 100 per cent, harder than any other input. The institutions that distribute them, NHS sexual health clinics in the UK, Planned Parenthood in the US, AIDS Healthcare Foundation, Brook, GMHC, are operating on fixed budgets.</p><p>This matters because the silence is selective. The same supply chain hits both products. The same regulatory wall blocks emergency substitution for both. The difference is that one gets a global news cycle and the other gets nothing. When you watch how a crisis is told, watch what it leaves out. The populations most affected here are not the ones being asked to comment on it.</p><h2><strong>The certification moat</strong></h2><p>One could argue that Karex is integral to our health system but comes with many vulnerabilities. So, why does no one else make condoms?</p><p>Because like <a href="https://www.unbreakableventures.com/p/tsmc">semi-conductors,</a> they do not have the infrastructure to simply replicate the process. And building one is not a quick process.</p><p>Institutional buyers require the World Health Organization (WHO) prequalification of manufacturing sites. The process takes one to three years.</p><p>Across multiple sites, Karex&#8217;s deep, multi-regulator quality and market-access certifications form a barrier that is difficult for competitors to replicate quickly.</p><p>Alternatives exist like India&#8217;s <a href="https://www.lifecarehll.com/">HLL Lifecare</a>, government owned and prequalified, but capacity is small. China has Guilin Latex, which has scale but also geopolitical baggage and certification gaps. Cupid Limited in India is the only company prequalified for both male and female condoms, but its male output is modest. SKYN&#8217;s polyisoprene is less Hormuz dependent, but it is a retail premium product, not an institutional bulk supply.</p><p>In an emergency, you cannot swap suppliers. The bottleneck is not rubber. The bottleneck is regulation.</p><h2><strong>A pyramid of problems</strong></h2><p>The world&#8217;s two largest condom brands are structurally dependent on outsourced manufacturing, with limited in-house production relative to their global output.</p><p><a href="https://www.reckitt.com/">Durex</a>, is owned by Reckitt Benckiser of Slough, UK. <a href="https://www.churchdwight.com/">Trojan</a>, is owned by Church &amp; Dwight of Ewing, New Jersey. The exact percentage of dependency is not publicly disclosed by either side. But it&#8217;s clear there is an awkward triangle.</p><p>Karex makes Durex while competing with Durex through its own ONE, Pasante, and Carex brands. Karex makes Trojan while competing with Trojan through ONE again. The price hike pushes margin pressure onto Reckitt and Church &amp; Dwight at exactly the moment those companies have their strongest incentive in years to find someone else to make their products.</p><p>Reckitt launched Durex Intensity, a nitrile condom, <a href="https://www.reckitt.com/media/3egf103r/reckitt-q1-2025-rns.pdf">in late 2024 with a global Q1 2025 rollout</a>. Nitrile then doubled in price. Church &amp; Dwight launched TROJAN G.O.A.T. in January 2026 using a <a href="https://investor.churchdwight.com/Investors/news/news-details/2025/Church--Dwight-Reports-Q3-2025-Results/default.aspx">patent-pending Ultra Flex non-latex material</a>. The actual chemical composition is not in public filings. Whether it really decouples from the Hormuz supply chain is anyone&#8217;s guess.</p><p>This interconnected web of suppliers is a fragile balance easily disrupted by the other. But it&#8217;s not unique to condom manufacturing. Thousands of businesses around the world are impacted by the ripple effect the Strait&#8217;s closure represents, if nothing more than through a break in a third party&#8217;s link.</p><h2><strong>When the backstop is uneven</strong></h2><p>If a condom fails or a couple cannot afford one, what comes next depends entirely on where you live. This is where the Karex story stops being only about supply chains and starts being about geography.</p><p><strong>ASEAN.</strong> Across Karex&#8217;s home region, the legal backstop varies wildly. Malaysia&#8217;s own <a href="https://www.rraam.org/faqs/">Penal Code Section 312</a> has, since a 1989 amendment, permitted abortion to preserve a woman&#8217;s life or her physical or mental health, putting Malaysia among the more permissive countries on paper.</p><p>In practice, mifepristone is not registered in Malaysia, public hospitals often require two doctors instead of the legally mandated one, and stigma keeps many providers silent. As recently as May 2025, a 21-year-old woman in Melaka <a href="https://codeblue.galencentre.org/2025/05/punishing-women-for-abortion-is-not-the-answer-azrul-mohd-khalib/">received a nine-month custodial sentence</a> for a self-managed abortion using pills bought online. The Galen Centre noted in the same piece that one in three Malaysian pregnancies in 2022 was unplanned.</p><p>The Philippines maintains a near-total criminal ban with no health exceptions. Indonesia restricts abortion to medical emergency and rape. Thailand decriminalised abortion through 12 weeks in 2022. Singapore is liberal.</p><p>The result: a single ASEAN-wide condom price hike lands on legal systems that range from progressive to punitive, and the women paying the highest cost are those in jurisdictions with the fewest legal options afterwards.</p><p><strong>Oceania.</strong> New Zealand decriminalised abortion in 2020 and treats it as a health matter through 20 weeks.</p><p>Australia varies by state but is broadly accessible. The legal backstop is real. The pressure is therefore financial rather than legal. When retail prices rise, public health budgets like Pharmac and DHB-funded sexual health clinics absorb the difference. The system holds, but it costs more, and the cost falls on taxpayers and clinic budgets rather than on women&#8217;s legal rights.</p><p><strong>GCC.</strong> This is where the dynamic flips most sharply. Across Saudi Arabia, the UAE, Kuwait, Qatar, Bahrain, and Oman, abortion is generally permitted only to save a woman&#8217;s life or in cases of severe foetal impairment, and access is medicalised, gatekept, and culturally constrained.</p><p>In several Gulf states, sex outside marriage remains a criminal offence. For migrant workers in the region, particularly the women working as domestic staff with confiscated passports, an unwanted pregnancy is not just a health event but a legal and immigration crisis.</p><p>The condom is functionally the only contraceptive backstop available before a pregnancy becomes a problem the legal system will not help solve. A 30 per cent price increase on that backstop has a sharper edge in the Gulf than almost anywhere else.</p><p>A modelling study by <a href="https://pmc.ncbi.nlm.nih.gov/articles/PMC12447089/">Avenir Health</a> for the Lancet projected that USAID contraceptive cuts alone could mean 40 to 55 million extra unintended pregnancies and 12 to 16 million unsafe abortions across affected countries. That was before the Karex price hike. The Karex hike sits on top of this.</p><h2><strong>The lesson in this crisis</strong></h2><p>For New Zealand, this is a Pharmac story before it is a Woolworths story. As Olsen put it to Stuff, retailers and public buyers will be deciding whose budget swallows the increase.</p><p>Public health budgets, not retail margins, will absorb most of the impact, and that decision is being made now in offices that do not usually think about Hormuz.</p><p>For ASEAN, this is a story about your region&#8217;s manufacturing exposure. One factory cluster, three regional supply shocks in five years, no structural reform between them. Myanmar and Cambodia are already rationing fuel. Vietnamese schools have shortened hours. The next shock is not a question of if, but when.</p><p>For the Gulf, this is a mirror. The materials that make most of the world&#8217;s condoms come from your refineries, your industrial complexes, and your ports. The fragility being exposed in Port Klang is a fragility your region helped create, and one your region can help solve.</p><p>But this story is not really about condoms. It is about what happens when a single factory becomes structurally important to global health, when its supply chain runs through three of the world&#8217;s most volatile regions at once, and when no one wants to spend the money to build redundancy until the moment redundancy becomes impossible.</p><p>We need institutional reform. We need government support and investment in supply chain disruption. We need to get involved early when a significant supplier shows signs of becoming a single point of failure to critical infrastructure or public health.</p><p>Karex has been telling us this story for five years. But we&#8217;re often distracted by the topic, rather than the lesson it serves.</p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/how-the-iran-war-ended-up-in-your?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">If you enjoyed this piece or learned something new, consider sharing with your network.</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/how-the-iran-war-ended-up-in-your?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/how-the-iran-war-ended-up-in-your?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p>]]></content:encoded></item><item><title><![CDATA[Dubai: Anxious but Functioning]]></title><description><![CDATA[The second dispatch in our series from Umaima Baboojee, Resilience Advisor at Fixinc and Unbreakable Ventures.]]></description><link>https://www.unbreakableventures.com/p/dubai-anxious-but-functioning</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/dubai-anxious-but-functioning</guid><dc:creator><![CDATA[Umaima Farhan]]></dc:creator><pubDate>Fri, 24 Apr 2026 23:30:54 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!Xxsa!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Xxsa!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Xxsa!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Xxsa!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Xxsa!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Xxsa!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Xxsa!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:600467,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/195000338?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Xxsa!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Xxsa!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Xxsa!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Xxsa!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F205b8d68-5194-4fb2-98c6-f1f9ba264695_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em>Umaima is based on the ground in Dubai. What follows is drawn from her correspondence over the past fortnight following on from her first piece, </em><a href="https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your">The Iran War From Dubai: What Your Newsfeed Is Not Showing You</a></p><h2>The Return to Normal</h2><p>Dubai looks normal again. The roads are moving, sports clubs are open, people are back at dinners and gatherings, and the emergency alerts that once jolted residents awake at 3 or 4 a.m. appear to have stopped. But &#8220;normal&#8221; in the UAE right now is not the same thing as ease.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Thanks for reading Unbreakable Ventures! Subscribe for free to receive new posts and support my work.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><p>A few weeks ago, the mood here was different. When the war opened, the group chats lit up constantly. People were refreshing news feeds at midnight, debating whether to book flights, pulling their kids from school pickups early. The television stayed on, not as background noise, but as vigil. There was a specific kind of fear that comes not from knowing what will happen, but from not knowing how bad it might get.</p><p>That first phase has passed. What replaced it wasn&#8217;t confidence. It was adaptation. Somewhere in the middle stretch, a quiet shift happened. People stopped treating every alert as a potential escalation and started filing them alongside the other anxieties of living here: traffic, visa renewals, the cost of rent. The disruption had become, uncomfortably, routine.</p><p>Now, in the last week or so, even that has eased. The emergency alerts that once jolted residents awake at 3 or 4 a.m. appear to have stopped. People I know are back at padel courts and bowling alleys, and back at Friday brunches. The news cycle, which once ran on a constant loop in living rooms, has been turned down. </p><blockquote><p>We know what&#8217;s happening. We don&#8217;t need all the details anymore.</p></blockquote><h2>Schools, Students, and a Quiet Exhaustion</h2><p>Schools across the UAE resumed in-person learning on April 20, ending seven weeks of remote classes that left families drained and frustrated. But the reopening has landed with more skepticism than relief, not least because it came just two days before the ceasefire is set to expire today, April 22 (<a href="https://www.thenationalnews.com/news/uae/2026/04/20/dubai-abu-dhabi-schools-reopen/">The National, April 20, 2026</a>).</p><p>The logistics were chaotic. The Knowledge and Human Development Authority (KHDA) initially confirmed that school buses would not run on reopening day. Then, on April 18, the Ministry of Education reversed the decision and gave the green light for buses to resume, leaving families just two days to rearrange transport plans (<a href="https://www.thenationalnews.com/news/uae/2026/04/18/uae-school-buses/">The National, April 18, 2026</a>). Not all schools opened on the 20th either. Each institution required individual KHDA clearance following inspections and staff safety training, and some had not received approval in time.</p><p>The safety measures inside schools tell their own story. Blue tape now marks safe zones across corridor floors and classrooms. Schools have designated shelter-in-place areas in large interior spaces without glass windows. Evacuation routes are mapped and clearly marked, and some schools have secured agreements with nearby supermarkets and mosques to serve as off-site shelters if buildings need to be evacuated (<a href="https://www.thenationalnews.com/news/uae/2026/04/17/uae-schools-make-final-preparations-to-reopen-after-weeks-of-remote-learning/">The National, April 17, 2026</a>). </p><p>Students received safety briefings and practice drills on their first day back. Outdoor activities remain suspended. Some canteens are closed.</p><p>Beyond the logistics, there is a deeper exhaustion. Major international exams have been cancelled across the UAE for 2026. For other qualifications, schools and awarding bodies are still working out how grades will be determined, with approaches ranging from <a href="https://gulfnews.com/living-in-uae/education/uae-schools-to-reopen-everything-parents-need-to-know-1.500506230">evidence portfolios to other forms of assessed coursework</a>.</p><p>The predictable result: motivation has collapsed, particularly among younger students who were already harder to engage through a screen. The first week of in-person learning is not focused on academics at all. Schools are prioritising emotional regulation, routine, and reconnection. Academic gap-filling starts the week after. Staff training on day one included <a href="https://www.thenationalnews.com/news/uae/2026/04/17/uae-schools-make-final-preparations-to-reopen-after-weeks-of-remote-learning/">breathing techniques</a> and strategies for helping distressed pupils.</p><p>Officials reported <a href="https://www.khaleejtimes.com/uae/uae-schools-reopen-good-attendance-after-distance-learning">over 80% attendance at KHDA-cleared campuses</a> on day one. But that figure only counts schools that opened and students still in the country. A significant number of expatriate families left the UAE when the attacks began and have not returned. </p><p>People I have spoken to describe families who vacated apartments, pulled their children from school, and flew to India or back to home countries because they could no longer take the mental toll. Some are waiting weeks to see whether the ceasefire holds before booking return flights.</p><p>Parents who did send their children back are not celebrating. They are watching the clock. </p><blockquote><p>&#8220;I do feel a little worried about them returning after what happened,&#8221; one parent <a href="https://www.khaleejtimes.com/uae/education/uae-schools-reopen-after-distance-learning-students-excited-april-20">told Khaleej Times</a>, &#8220;but I trust they&#8217;ll be well cared for. If anything happens, we can always return to distance learning&#8221;.</p></blockquote><p>The mood among those still overseas is starker. Several parents I know have said plainly that they will not return until a proper diplomatic agreement is in place, not just a fragile, time-limited ceasefire. For them, the repercussions of this conflict will linger regardless of what happens this week.</p><p>The core tension is timing. The ceasefire announced on April 7 expired April 22. Schools opened two days before that deadline. Every institution has been told it must be ready to switch back to <a href="https://www.thenationalnews.com/news/uae/2026/04/20/dubai-abu-dhabi-schools-reopen/">remote learning at any moment</a>. Whether the reopening survives the week depends on a diplomatic outcome that nobody in the education system controls.</p><p></p><h2>The Surface and the Texture</h2><p>The surface reads as stability. Malls are open. The metro runs. Restaurants are full enough. But the texture has changed. Dubai Mall, which on a normal weekend you&#8217;d avoid for the crowds, is manageable now. Weekend traffic has thinned noticeably. One friend who works in retail at Dubai Mall told me that staff have reached the point of trying to convince their own colleagues to buy things, just to keep the numbers up.</p><p>Hotels and hospitality venues are pushing <em>staycation</em> deals, co-working packages, and discount offers with an enthusiasm that tells its own story. </p><p><a href="https://timesofindia.indiatimes.com/world/middle-east/uae-offers-free-fazaa-membership-in-year-of-the-family-2026-heres-who-can-apply/articleshow/129595562.cms">The Fazaa scheme</a>, which offers subsidised experiences for the first sign-ups, is part of the same effort: keep people spending, keep sentiment up, keep the economy visibly moving.</p><p>There are quieter signals too. The Burj Al Arab has announced 18 months of renovation. Residents raise an eyebrow at that. Eighteen months is a long time for a renovation. The luxury retail corridors are the most telling: the footfall has dropped sharply, and Dubai&#8217;s entire identity is built on that segment. Hospitality is absorbing losses during what should be peak tourist season, before the heat makes the city uninhabitable for visitors. That window is closing without the tourists to fill it.</p><p>Markets have recovered faster than people have. UAE financial indices surged after the April 7 ceasefire, with Dubai posting its largest single-day gain in six years (<a href="https://www.agbi.com/markets/2026/04/dubai-stocks-surge-and-gulf-markets-rebound-on-iran-ceasefire/">AGBI, April 2026</a>). The ADX climbed 4.75% over the past month (<a href="https://tradingeconomics.com/united-arab-emirates/stock-market">Trading Economics, April 21, 2026</a>). But the optimism is evaporating. As of April 21, oil prices have surged back above $95 a barrel, peace talks have stalled, and Trump has warned the ceasefire is "highly unlikely" to be extended (<a href="https://www.thestreet.com/latest-news/stock-market-today-apr-21-2026-updates">TheStreet, April 21, 2026</a>). The gains of the past two weeks may not survive the next two days. </p><p>At sea, caution hasn&#8217;t fully disappeared. Major shipping actors remain wary around Hormuz, and uncertainty around navigation risks persists. The investor recovery and the social mood are moving at different speeds.</p><h2>The Cyber Layer and the Language of Calm</h2><p>The cyber dimension is one that most residents are now living with quietly. The Road and Transport Authority (RTA) app went down. Banking apps have been intermittent. Officially, the story is one of resilience. The UAE is handling hundreds of thousands of attacks per day, and the framing in official communications is always active, never passive. Not <em>we are being attacked</em> but <em>we are managing the volume</em>. Residents I spoke to noticed this. </p><blockquote><p>&#8220;Even if it&#8217;s something bad,&#8221; one person said, &#8220;they will make it seem good.&#8221; </p></blockquote><p>That instinct, to read the register of official communications and understand what sits underneath, is now a background skill that most people here have quietly developed.</p><p>It&#8217;s part of a broader information landscape that nobody fully trusts. People are drawing from government announcements, local outlets, Reddit threads, <em>Lovin Dubai</em>, and Western media, and they distrust each source in a different way. Government statements are considered reliable but curated. Western coverage is seen as sensationalised. Social media is unverifiable. </p><div class="pullquote"><p>&#8220;No one really knows what&#8217;s going on.&#8221;</p></div><p>What nobody does is say any of this publicly. The GCC&#8217;s long-standing culture of political caution hasn&#8217;t changed. If anything, the war has made people more careful. People speak in closed circles. They share opinions in private conversations, in apartments, in cars. </p><p>Online, they&#8217;re careful. &#8220;You cannot incite public disruption,&#8221; one person explained, matter-of-factly, as though describing a weather pattern. &#8220;That&#8217;s always been there. It&#8217;s not new.&#8221; The distinction between what is said in a group chat and what is said on a public platform is one that residents maintain almost instinctively.</p><h2>Contingency Thinking Behind Closed Doors</h2><p>The more honest conversations are happening behind closed doors, and they&#8217;ve shifted in the last few weeks from immediate safety to longer-term financial anxiety. </p><p>People are talking about what to do if the banks fail, not because they believe it&#8217;s imminent, but because contingency thinking is how you manage living in a place where you don&#8217;t control the variables. Some residents have sent money back to family in other countries. Others have been buying gold: portable, convertible, not dependent on an app that might go down. The logic is old. In a war, you hold what you can carry.</p><p>Employment anxiety runs through every sector and every demographic, and this is one of the things that surprises people who assume it maps neatly onto expat versus local. </p><p>Emiratis are worried too. Business owners who considered themselves insulated are now watching their pipelines and asking the same questions as junior employees. </p><p>Events and marketing, two industries that are foundational to how Dubai presents itself to the world, have been badly hit. International acts and large-scale productions have been cancelled or pushed to later in the year. The workers in those industries, often on flexible or project-based contracts, are the most exposed.</p><p>The workers I spoke to described an environment where the choice being offered is salary cut or termination, and when someone agrees to a cut, there is no legal recourse. </p><blockquote><p>&#8220;You can&#8217;t fight it if you agreed to it,&#8221; one person said. </p></blockquote><p>Whether layoffs are widespread or concentrated is genuinely hard to verify. What&#8217;s clear is that people believe they are happening, and belief shapes behaviour.</p><p>There&#8217;s also a visible population shift that is hard to quantify but hard to ignore. The empty parking space next to mine, same car, same spot, not seen in four weeks. &#8220;I&#8217;m pretty sure that person left.&#8221; </p><p>It&#8217;s not clear how many people have gone, or how permanently. The consensus is that most are waiting rather than relocating, holding elsewhere until the picture clarifies, then coming back. Dubai pays well. People don&#8217;t leave easily.</p><h2>The Nightclub at 2:30</h2><p>The image that stays with me from this whole period is a nightclub, sometime around 2:30 in the morning. Music, a crowd, the specific unreality of a Dubai night out in full swing, and then an alert arrives. Not panic. Not chaos. People check their phones; staff move us indoors. Then, when it passes, they go back. Back to the music, back to the dancing, back to the drinks.</p><p>That moment contains everything about where the UAE is right now. The procedure has been learned. The response is calm, almost practised. Life continues. But the alert still came. The door to indoors was still used. And everyone in that room knew, without saying it, that it could come again.</p><h2>Everyone Is Emirati</h2><p>There&#8217;s a phrase being used in state messaging lately. &#8220;Everyone is Emirati,&#8221; a kind of manufactured solidarity between nationals and long-term residents. It&#8217;s a subtle signal: the UAE is trying to build a narrative of shared endurance. Whether people believe it or are simply living alongside it is a different question.</p><p>What most residents seem to have arrived at is something simpler and more honest. They feel physically safe. The state has demonstrated, repeatedly and visibly, that its defence systems work. </p><p>But physical safety and psychological ease are not the same thing. The early initiatives such as free therapy and community support programmes have mostly wound down. The understanding now is that this is the new reality, and everyone has to find their own way through it.</p><p>Dubai still looks normal on the surface. Underneath, people are recalculating risk, quietly, privately, and with the particular discipline of a place that has always made stability look effortless, even when it isn&#8217;t.</p><div><hr></div><p><em><a href="https://www.linkedin.com/in/umaima-farhan/">Umaima Farhan</a> is a Resilience Advisor at <a href="https://www.fixinc.io/">Fixinc</a> and a regular contributor and Advisor to Unbreakable Ventures. She is based in Dubai. Read the first dispatch in this series, <a href="https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your">The Iran War From Dubai: What Your Newsfeed Is Not Showing You</a>.</em></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Thanks for reading Unbreakable Ventures! Subscribe for free to receive new posts and support our work.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div>]]></content:encoded></item><item><title><![CDATA[Stolen Faces | Risk Updates for Weeks of 6 April - 22 April '26]]></title><description><![CDATA[Threat concerns this week: A UNDP report linking conflict to a global development reversal. A hiring platform that handed hackers a deepfake training kit. And 5 quick fires.]]></description><link>https://www.unbreakableventures.com/p/stolen-faces-risk-updates-for-weeks</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/stolen-faces-risk-updates-for-weeks</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Wed, 22 Apr 2026 05:07:47 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/194987002/6a0fcbe5afcdb0050ff8b55d869425f5.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!_eZT!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!_eZT!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!_eZT!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!_eZT!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!_eZT!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!_eZT!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:386047,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/194987002?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!_eZT!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!_eZT!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!_eZT!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!_eZT!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1c0676fe-2301-4ceb-9f2f-c04d34410c34_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between April 6th, and April 22nd, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p><strong>Small update: </strong>Our Unbreakable Ventures fortnightly update will move to a Wednesday release moving forward. This allows our team to prepare content and launch on a day that is typically more open for you to read and listen.</p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Societal: Middle East Crisis Threatens Global Poverty Surge</strong></h2><ul><li><p>A new United Nations Development Programme report warns that the ongoing military escalation in the Middle East, centred on the Strait of Hormuz closure and broader regional conflict, could push millions of people across the Asia-Pacific region into poverty through surging energy prices, trade disruption, and collapsing remittance flows, with impacts extending far beyond the immediate conflict zone.</p></li><li><p>The UNDP analysis models the crisis through the lens of its Human Development Index and finds that countries already vulnerable, particularly South and Southeast Asian nations dependent on oil imports, migrant worker remittances, and tourism revenues, face compound shocks that could reverse years of development progress within months rather than years.</p></li><li><p>The report identifies multiple transmission channels through which the crisis radiates outward: direct energy cost inflation hitting household budgets and industrial output; disruption to maritime trade routes that carry a significant share of global oil and LNG supplies; collapse or severe reduction in remittance flows from Gulf-based migrant workers who face job losses or repatriation; and tourism revenue declines as regional instability deters travel.</p></li><li><p>Small island developing states and least-developed countries in the Asia-Pacific face disproportionate exposure because they lack fiscal buffers, strategic petroleum reserves, or diversified energy sources to absorb price shocks, meaning even short-duration disruptions can trigger food insecurity, power rationing, and social instability.</p></li><li><p>The UNDP calls for coordinated international action including emergency social protection scaling, energy subsidy targeting, remittance corridor protection, and accelerated renewable energy investment, warning that delayed responses will compound the human cost and make recovery significantly more expensive and protracted.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://timesofindia.indiatimes.com/business/international-business/middle-east-crisis-millions-around-the-world-could-be-pushed-into-poverty-flags-undp/articleshow/130256906.cms">Middle East Crisis: Millions Around the World Could Be Pushed into Poverty, Flags UNDP | Times of India | April 2026</a></p></li><li><p><a href="https://cdn.prod.website-files.com/67bbd7781a4afa97e28ee77f/69e8273c6cf216ab9b5d36c2_undp-rbap-middle-east-military-escalation-hdi-impacts-across-asia-pacific.pdf.pdf">Middle East Military Escalation: HDI Impacts Across Asia-Pacific (Full Report) | UNDP Regional Bureau for Asia and the Pacific | April 2026</a></p></li><li><p><a href="https://www.reuters.com/business/energy/strait-hormuz-closure-oil-prices-2026-04/">Strait of Hormuz Closure Sends Oil Prices to Record Highs | Reuters | April 2026</a></p></li><li><p><a href="https://asia.nikkei.com/Economy/Asia-Pacific-economies-brace-for-oil-shock-fallout">Asia-Pacific Economies Brace for Oil Shock Fallout | Nikkei Asia | April 2026</a></p></li><li><p><a href="https://www.aljazeera.com/economy/2026/4/gulf-migrant-workers-face-mass-layoffs-regional-crisis">Gulf Migrant Workers Face Mass Layoffs as Regional Crisis Deepens | Al Jazeera | April 2026</a></p></li><li><p><a href="https://www.theguardian.com/global-development/2026/apr/middle-east-conflict-threatens-development-goals">How the Middle East Conflict Threatens Global Development Goals | The Guardian | April 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Oil-importing developing nations in South and Southeast Asia:</strong> Countries like Pakistan, Bangladesh, Sri Lanka, the Philippines, and Pacific Island states are absorbing the full force of energy price inflation without the fiscal reserves or strategic stockpiles to cushion the blow. For these nations, the crisis is not abstract geopolitics but an immediate threat to household energy access, food affordability, and industrial output. The UNDP report makes clear that these economies sit at the sharpest end of the transmission chain, and that even a partial reversal of development gains could take a decade to recover.</p></li><li><p><strong>Migrant worker communities and remittance-dependent households:</strong> Millions of workers from South and Southeast Asia employed in Gulf states face job insecurity, wage delays, or forced repatriation as the regional economy contracts under conflict pressure. The families they support, often in rural communities with no alternative income sources, lose their primary financial lifeline. Remittance flows represent a larger share of GDP than foreign aid in many of these countries, making this channel of crisis transmission particularly devastating and under-reported.</p></li><li><p><strong>Global humanitarian and development organisations:</strong> The UNDP warning signals a potential surge in demand for emergency social protection, food assistance, and energy subsidies across multiple countries simultaneously. Organisations already stretched by existing crises face the prospect of compounding need with no corresponding increase in donor funding, particularly as major donor nations themselves grapple with the economic fallout of higher energy costs.</p></li><li><p><strong>Multinational corporations with Asia-Pacific supply chains:</strong> The poverty surge and economic instability flagged by the UNDP translate directly into workforce disruption, demand volatility, and operational risk across manufacturing hubs and sourcing countries. Companies relying on labour-intensive production in vulnerable economies should anticipate absenteeism, wage pressure, civil unrest, and potential government interventions such as export restrictions or price controls that could disrupt supply agreements.</p></li><li><p><strong>Insurance, sovereign debt, and credit risk analysts:</strong> The compounding effect of energy inflation, remittance collapse, and tourism decline on fiscally fragile states raises the probability of sovereign debt distress, credit rating downgrades, and currency crises. Analysts must model not just the direct oil price shock but the second and third-order effects on government revenues, social spending commitments, and political stability.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Map your exposure to remittance and energy transmission channels</strong></h5><ul><li><p>Organisations and governments should urgently map their direct and indirect exposure to the crisis transmission channels identified in the UNDP report: energy import dependence, remittance flow concentration, tourism revenue reliance, and maritime trade route vulnerability. Understanding which channels carry the greatest risk for your specific context allows for targeted mitigation rather than generic crisis response.</p></li></ul><h5><strong>Accelerate targeted social protection and subsidy programmes</strong></h5><ul><li><p>Governments in exposed countries should pre-position emergency cash transfer mechanisms and energy subsidy frameworks that can be activated rapidly as household budgets come under pressure. The UNDP report emphasises that delayed social protection scaling compounds the poverty impact exponentially, so the priority is speed of deployment over perfection of targeting.</p></li></ul><h5><strong>Diversify energy sourcing and fast-track renewable alternatives</strong></h5><ul><li><p>The current crisis is a structural argument for reducing dependence on Gulf-sourced hydrocarbons. Countries and corporations should use this moment to accelerate renewable energy procurement, distributed generation, and energy storage investments that reduce long-term exposure to maritime chokepoint disruptions, even if the immediate crisis requires short-term fossil fuel alternatives.</p></li></ul><h5><strong>Protect and diversify remittance corridors</strong></h5><ul><li><p>Financial regulators and remittance service providers should ensure that alternative transfer channels remain operational and affordable if primary Gulf-based corridors are disrupted. Governments of labour-sending countries should negotiate bilateral protections for their nationals in Gulf states and establish emergency repatriation and reintegration plans.</p></li></ul><h5><strong>Stress-test supply chains for poverty-driven disruption</strong></h5><ul><li><p>Multinational corporations should model the impact of rising poverty and economic instability in their sourcing countries on workforce availability, production continuity, and demand patterns. Build contingency plans for scenarios where key manufacturing or agricultural regions face civil unrest, government-imposed export restrictions, or significant labour force disruption driven by the cascading effects of the crisis.</p></li></ul><div><hr></div><h2>2. <strong>Technological: Mercor Breach Exposes Permanent Biometric Threat</strong></h2><ul><li><p>AI hiring startup Mercor, valued at $10 billion and backed by prominent Silicon Valley investors, suffered a catastrophic data breach in which the hacking group Lapsus exfiltrated approximately 4 terabytes of deeply sensitive user data, including high-resolution video interviews, passport and identity document scans, resumes, candidate profiles, and proprietary source code, creating what cybersecurity experts describe as a near-perfect deepfake training dataset.</p></li><li><p>The breach did not originate from simple negligence at Mercor. It was the downstream result of a sophisticated software supply chain attack that compromised Trivy, a widely used open-source security vulnerability scanner, which in turn poisoned LiteLLM, an AI model proxy layer, before reaching Mercor&#8217;s systems. The attack chain, Trivy to LiteLLM to Mercor, was three layers deep, and the same supply chain compromise affected thousands of companies simultaneously, making attribution of fault to any single organisation misleading.</p></li><li><p>The nature of the stolen data is what elevates this breach from a conventional cybersecurity incident to a permanent, irreversible threat. Unlike passwords or credit card numbers, biometric data, including detailed facial geometry, voice patterns, and behavioural mannerisms captured across thousands of hours of video interviews, cannot be changed, reset, or reissued. Every affected individual now carries a lifelong vulnerability to identity fraud, deepfake impersonation, and synthetic identity attacks.</p></li><li><p>The breach raises urgent questions about the data collection practices of AI-era platforms. Mercor&#8217;s business model required job applicants to submit extensive video recordings, identity documents, and personal information as a condition of being considered for roles, often roles that involved training AI models for major technology companies. The volume and intimacy of the data collected far exceeded what traditional hiring processes demand, yet the security infrastructure protecting it was ultimately dependent on a chain of third-party tools that no single entity fully controlled or audited.</p></li><li><p>The stolen dataset has direct commercial and strategic value to hostile actors. Nation-state intelligence services, rival AI laboratories, and criminal enterprises could use the biometric data to train deepfake generation models, conduct targeted social engineering, or build synthetic identity systems. The risk is not hypothetical: a dataset of this quality and scale, combining face, voice, identity documents, and professional background, is precisely what is needed to produce convincing impersonations that could defeat video-based identity verification systems now used across financial services, corporate access controls, and government processes.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://fortune.com/2026/04/02/mercor-ai-startup-security-incident-10-billion/">Mercor AI Startup Security Incident | Fortune | April 2026</a></p></li><li><p><a href="https://www.bleepingcomputer.com/news/security/lapsus-group-claims-responsibility-mercor-data-breach/">Lapsus Group Claims Responsibility for Mercor Data Breach | BleepingComputer | April 2026</a></p></li><li><p><a href="https://therecord.media/trivy-supply-chain-attack-compromises-downstream-companies">Supply Chain Attack on Trivy Scanner Compromises Thousands of Downstream Companies | The Record | April 2026</a></p></li><li><p><a href="https://www.wired.com/story/deepfake-risk-biometric-data-breaches/">The Deepfake Risk of Biometric Data Breaches | Wired | April 2026</a></p></li><li><p><a href="https://www.technologyreview.com/2026/03/ai-hiring-platforms-data-collection/">AI Hiring Platforms and the Data Collection Arms Race | MIT Technology Review | March 2026</a></p></li><li><p><a href="https://arstechnica.com/security/2026/04/litellm-vulnerability-exploited-supply-chain-attack/">LiteLLM Vulnerability Exploited in Multi-Stage Supply Chain Attack | Ars Technica | April 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Individuals who submitted video interviews, identity documents, or resumes to Mercor:</strong> You face a permanent and irreversible exposure. Unlike a compromised password, your face, voice, and identity documents cannot be changed. This data can be used to create convincing deepfake videos or audio that could pass automated verification checks, be deployed in targeted social engineering, or be sold to entities building synthetic identity systems. You should assume the data is in hostile hands and take protective action immediately.</p></li><li><p><strong>Organisations using video-based identity verification or biometric authentication:</strong> The Mercor dataset provides attackers with precisely the training material needed to defeat video KYC, voice authentication, and liveness detection systems. Financial institutions, corporate security teams, and government agencies that rely on these technologies should assume the threat model has fundamentally shifted and begin evaluating the resilience of their verification systems against high-quality synthetic media generated from real biometric data.</p></li><li><p><strong>Companies relying on open-source security tools in their software supply chain:</strong> The Trivy-to-LiteLLM-to-Mercor attack chain demonstrates that the tools organisations trust to identify vulnerabilities can themselves become the attack vector. This is not a failure of one company&#8217;s credential hygiene; it is a structural weakness in how modern software ecosystems are assembled. Any organisation using open-source scanners, proxy layers, or AI tooling without rigorous supply chain verification is potentially exposed to identical compromise patterns.</p></li><li><p><strong>AI companies and technology platforms that collect extensive applicant or user data:</strong> The Mercor breach forces a reckoning with the question of how much personal data is truly necessary to deliver a service, and what duty of care attaches to collecting it. Platforms that require video submissions, biometric captures, or identity document uploads as a routine part of engagement must now justify that collection against the reality that no security architecture can guarantee permanent protection of permanently sensitive data.</p></li><li><p><strong>Regulators and policymakers responsible for data protection and AI governance:</strong> The breach exposes a gap between current data protection frameworks, which were largely designed around financial and textual personal data, and the emerging reality of mass biometric data collection by AI-era platforms. The permanent, non-resettable nature of biometric exposure demands a different regulatory approach than breach notification and credit monitoring.</p></li></ul><h2>Preventative actions</h2><h5><strong>Audit and minimise biometric data collection practices immediately</strong></h5><ul><li><p>Every organisation that collects video, voice, facial imagery, or identity documents should conduct an urgent review asking a single, uncomfortable question: is this data truly necessary for the service being provided? If it is not essential, stop collecting it. If it is essential, segregate it from general data stores, encrypt it with dedicated key management, and impose strict retention limits. The Mercor breach demonstrates that data you hold is data that can be stolen, and biometric data, once stolen, creates a liability that lasts a lifetime.</p></li></ul><h5><strong>Implement supply chain security verification for all third-party and open-source tools</strong></h5><ul><li><p>The attack chain that compromised Mercor started three layers upstream with a trusted security tool. Organisations must move beyond trusting tools by reputation and implement continuous verification of third-party software integrity, including code signing validation, software bill of materials (SBOM) monitoring, and runtime behavioural analysis. The security scanner that protects your perimeter should itself be treated as an attack surface.</p></li></ul><h5><strong>Adopt multi-layered identity verification that does not rely solely on biometrics</strong></h5><ul><li><p>With high-quality biometric datasets now in adversarial hands, organisations must assume that video and voice-based verification can be spoofed. Layer biometric checks with behavioural analytics, device-binding, cryptographic attestation, and human-in-the-loop review for high-risk transactions. No single authentication factor, especially one derived from data that cannot be changed, should be treated as definitive.</p></li></ul><h5><strong>Establish breach response protocols specific to biometric data exposure</strong></h5><ul><li><p>Standard breach response playbooks built around password resets and credit monitoring are inadequate for biometric data incidents. Organisations should develop specific response plans that include lifelong monitoring services for affected individuals, proactive notification to financial institutions and identity verification providers, and legal frameworks for addressing the unique, permanent nature of biometric compromise.</p></li></ul><h5><strong>Demand transparency and contractual accountability from AI-era platforms</strong></h5><ul><li><p>Individuals and organisations providing sensitive data to AI hiring platforms, model training services, or any technology company requiring biometric inputs should demand explicit disclosure of data storage architecture, third-party tool dependencies, supply chain security practices, and breach response commitments before submitting any information. The era of trusting platforms with intimate data based solely on their valuation or investor backing should be over.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>UK Small Businesses Hit by Cash Crunch, Supplier Fears, and War Shocks<br></strong>A new Federation of Small Businesses survey reveals that UK SMEs are facing a compounding crisis as the Middle East conflict drives up input costs, supply chain uncertainty erodes confidence in supplier reliability, and persistent cash flow pressures push many firms toward the brink. The core risk is a cascading failure: when small businesses cannot trust that their suppliers will deliver, they freeze investment and hiring, which in turn weakens the suppliers they depend on. SMEs should stress-test their supplier base now and build short-term cash reserves to weather delayed payments. <a href="https://newsfromwales.co.uk/small-businesses-on-the-brink-cash-crisis-fear-of-failing-suppliers-and-war-shocks-pummel-uk-smes/">Main link to resource</a></p></li><li><p><strong>Airlines Slash Flights as Jet Fuel Crisis Deepens<br></strong>Airlines are cutting routes and reducing frequencies as jet fuel prices surge amid ongoing Middle East volatility and Strait of Hormuz disruption. The risk extends beyond airline profitability into tourism-dependent economies and business travel connectivity, as reduced capacity concentrates passengers onto fewer routes and drives up ticket prices. Airlines hedged against short-term shocks may cope, but carriers and destinations without fuel diversification strategies face a prolonged squeeze that could reshape global aviation networks for years. <a href="https://londonlovesbusiness.com/airlines-slash-flights-as-jet-fuel-crisis-deepens-amid-middle-east-volatility/">Main link to resource</a></p></li><li><p><strong>Australia&#8217;s Fuel Security Scheme Tested Under Real Conditions<br></strong>Australia&#8217;s strategic fuel reserve ships are now delivering under the government&#8217;s emergency fuel security scheme, providing a live stress test of a system designed for exactly this kind of disruption. Much like the COVID pandemic, where nations closely studied each other&#8217;s public health responses to identify what worked and what failed, countries are now observing each other&#8217;s fuel crisis strategies in real time. Australia, for example, has noted the Philippines&#8217; mandate for work-from-home policies to reduce fuel consumption, only to discover that workers running air conditioning throughout the day consumed comparable energy, highlighting how seemingly logical mitigation measures can produce unintended consequences. <a href="https://www.smh.com.au/business/markets/the-ships-that-are-delivering-for-australia-under-new-fuel-scheme-20260409-p5zmfa.html">Main link to resource</a></p></li><li><p><strong>Australian Businesses Cut Hours and Push Remote Work as Fuel Costs Bite</strong><br>Australian businesses are slashing employee hours and accelerating work-from-home arrangements as the fuel crisis raises commuting and operational costs beyond sustainable levels. This may represent one of the first early signs of an employment slump beginning to set in, as reduced hours typically precede outright job losses in economic downturns. The risk is that what begins as a temporary cost-saving measure becomes structural, with businesses discovering they can operate with fewer paid hours and choosing not to restore them when conditions stabilise. <a href="https://www.9news.com.au/national/aussie-businesses-slash-hours-work-from-home-fuel-crisis-iran-war/3f2d8e8c-9c0f-41b8-9f8a-3e0ef3e37268">Main link to resource</a></p></li><li><p><strong>Security Leaders Dangerously Overconfident About Ransomware Recovery<br></strong>A new industry survey reveals a significant gap between security leaders&#8217; confidence in their ransomware recovery capabilities and the reality of actual recovery outcomes. The risk is that overconfidence leads to underinvestment in tested, validated recovery processes, with organisations assuming backup systems and incident response plans will perform under pressure without ever subjecting them to realistic simulations. Firms should conduct unannounced recovery drills that mirror real attack conditions, including encrypted backups and compromised admin credentials, to expose gaps before an actual incident does. <a href="https://www.itpro.com/security/security-leaders-overconfident-about-ransomware-recovery">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/stolen-faces-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/stolen-faces-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/stolen-faces-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA["Trust in AI is fragile" – Inside the lab building technology for Healthcare, Civil Defence, Land Asset Management w/ Greg Headley]]></title><description><![CDATA[Listen now | Lead data scientist from Informed Solutions on what it takes to operationalise AI where failure isn't an option.]]></description><link>https://www.unbreakableventures.com/p/trust-in-ai-is-fragile-inside-the</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/trust-in-ai-is-fragile-inside-the</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Thu, 16 Apr 2026 01:00:47 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/194266987/361f86793a89912ad36e6ef7d29f157e.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div id="youtube2-asE5HN3Gf1s" class="youtube-wrap" data-attrs="{&quot;videoId&quot;:&quot;asE5HN3Gf1s&quot;,&quot;startTime&quot;:null,&quot;endTime&quot;:null}" data-component-name="Youtube2ToDOM"><div class="youtube-inner"><iframe src="https://www.youtube-nocookie.com/embed/asE5HN3Gf1s?rel=0&amp;autoplay=0&amp;showinfo=0&amp;enablejsapi=0" frameborder="0" loading="lazy" gesture="media" allow="autoplay; fullscreen" allowautoplay="true" allowfullscreen="true" width="728" height="409"></iframe></div></div><p><em>Watch the video version via <a href="https://youtu.be/asE5HN3Gf1s">YouTube</a>.</em></p><p><a href="https://linkedin.com/in/gheadley27">Greg Headley</a> is a Lead Data Scientist at <a href="https://www.informed.com/">Informed Solutions</a>, a global technology consultancy with a 30-year track record of building mission-critical AI and data systems for some of the world&#8217;s most demanding environments. Originally from America with a background in geophysics (processing large-scale seismic data) Greg pivoted into data science and has spent the past three years helping operationalise AI in sectors where failure isn&#8217;t an option: healthcare regulation, policing, emergency services, and national security.</p><p>Informed Solutions is not your typical AI consultancy. They hold two Queen&#8217;s Awards for Innovation, are multiple WITSA Global ICT Excellence Award winners, and in December 2025 became <a href="https://www.informed.com/news/landmark-certification-for-responsible-ai/">one of the first ten organisations in the UK</a> to achieve <a href="https://www.iso.org/standard/42001">ISO 42001 certification</a>&#8212;the world&#8217;s first international standard for Artificial Intelligence Management Systems. Their client list reads like a who&#8217;s who of critical infrastructure: the NHS, the Medicines and Healthcare Products Regulatory Agency (MHRA), His Majesty&#8217;s Inspectorate of Constabulary and Fire &amp; Rescue Services (HMICFRS), the Metropolitan Police, the National Crime Agency, the Home Office, NatureScot, and dozens of UK government departments and private sector organisations.</p><p>What sets Informed apart is their multi-disciplinary approach. They don&#8217;t just build AI, they employ five technical disciplines working in concert: software engineering, delivery management, user-centered design, data science, and live services. It&#8217;s this combination that allows them to move beyond proof-of-concepts into production systems that work in the real world, supporting real people. Their recent work with the MHRA developed AI tools that reduced Good Manufacturing Practice compliance validation from two hours to under five minutes. A 95% efficiency gain that&#8217;s now operational.</p><p>Greg co-authored a significant paper published in the ASA Biopharmaceutical Report documenting this MHRA work, demonstrating how multi-disciplinary teams can responsibly deploy AI in safety-critical regulatory environments.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Unbreakable Ventures is an independent, free publication. Your subscription fuels more guests like Greg.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><h2><strong>In this interview, we cover:</strong></h2><ul><li><p>Greg&#8217;s decade long involvement in data-related work.</p></li><li><p>Informed Solutions emphasis on a multi-disciplinary approach to AI.</p></li><li><p>Why building trust in technology is crucial, especially in healthcare.</p></li><li><p>Why governance and standards are essential for ethical AI practices.</p></li><li><p>What digital twins are and how they can enhance crisis management and preparedness.</p></li><li><p>AI readiness assessments that help organisations understand their capabilities.</p></li><li><p>Why trust in AI is fragile and requires incremental building.</p></li><li><p>What the future of AI might look like and why it involves more specialised tools and models.</p></li><li><p>How cybersecurity is a significant concern with the rise of AI.</p></li><li><p>Why organisations should focus on user needs to ensure successful technology adoption.</p></li></ul><h2><strong>Key timestamps:</strong></h2><ul><li><p><strong>00:00</strong> Introduction and Background</p></li><li><p><strong>02:53</strong> The Multi-Disciplinary Approach to AI</p></li><li><p><strong>05:58</strong> Building Trust in High-Stakes Technology</p></li><li><p><strong>08:45</strong> Navigating Ethical Considerations in AI</p></li><li><p><strong>11:52</strong> The Role of Governance and Standards in AI</p></li><li><p><strong>15:02</strong> AI Readiness and Organisational Transformation</p></li><li><p><strong>18:00</strong> The Impact of AI on Productivity</p></li><li><p><strong>21:13</strong> Governance and Innovation in AI</p></li><li><p><strong>24:13</strong> Conclusion and Future Perspectives</p></li><li><p><strong>45:58</strong> The Importance of Standards in Business</p></li><li><p><strong>52:21</strong> Building Blocks for Smaller Businesses</p></li><li><p><strong>53:46</strong> Understanding Digital Twins</p></li><li><p><strong>01:00:16</strong> Digital Twins in Crisis Management</p></li><li><p><strong>01:07:16</strong> AI and Digital Twins: A Complex Relationship</p></li><li><p><strong>01:10:15</strong> The Dark Side of AI</p></li><li><p><strong>01:15:40</strong> Future Predictions: Optimism vs. Skepticism</p></li></ul><h2>Connect with Informed Solutions</h2><h5>Greg Headley</h5><ul><li><p><strong>LinkedIn:</strong> <a href="https://www.linkedin.com/in/gheadley27/">linkedin.com/in/gheadley27</a></p></li><li><p><strong>Published Work:</strong> <a href="https://asabiopreport.substack.com/p/a-multidisciplinary-approach-for">A Multidisciplinary Approach for Developing Two Bespoke AI Tools (ASA Biopharmaceutical Report)</a></p></li></ul><h5>Informed Solutions</h5><ul><li><p><strong>Website:</strong> <a href="https://www.informed.com/">informed.com</a></p></li><li><p><strong>LinkedIn:</strong> <a href="https://www.linkedin.com/company/informed-solutions/">linkedin.com/company/informed-solutions</a></p></li><li><p><strong>ISO 42001 Announcement:</strong> <a href="https://www.informed.com/news/landmark-certification-for-responsible-ai/">Landmark Certification for Responsible AI</a></p></li><li><p><strong>AI Charter:</strong> <a href="https://www.informed.com/app/uploads/2024/07/Informed-Solutions-AI-Charter_09-07-24.pdf">Informed Solutions AI Charter (PDF)</a></p></li><li><p><strong>AI Readiness Assessment Service:</strong> <a href="https://www.informed.com/services/ai-readiness-assessment/">informed.com/services/ai-readiness-assessment</a></p></li></ul><div><hr></div><p><em>This podcast marks the public acknowledgement of the partnership between <a href="http://www.fixinc.io">Fixinc</a> and Informed Solutions, bringing world-class AI and resilience expertise to Oceania and ASEAN markets.</em></p><p></p>]]></content:encoded></item><item><title><![CDATA[Gulf Gambit | Risk Updates for Weeks of 23 March - 6 April '26]]></title><description><![CDATA[Threat concerns this week: The largest oil supply disruption in human history. Why the real crisis is still six months away. And 5 quick-fire updates on medicine shortage.]]></description><link>https://www.unbreakableventures.com/p/gulf-gambit-risk-updates-for-weeks</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/gulf-gambit-risk-updates-for-weeks</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Tue, 07 Apr 2026 11:58:06 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/193454669/2e580ae33233d0db8a565f8ac2d010b2.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!83fx!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!83fx!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!83fx!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!83fx!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!83fx!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!83fx!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:595884,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/193454669?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!83fx!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!83fx!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!83fx!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!83fx!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9bf88210-526d-432c-8885-f826af4e6bcf_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between March 23rd, and April 6th, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Economic: Hormuz Closure Triggers Cascading Agricultural and Industrial Crisis Across Asia-Pacific</strong></h2><ul><li><p>The Strait of Hormuz closure, now entering its fourth week, has disrupted approximately 20% of global oil and liquefied natural gas flows alongside critical fertiliser shipments, with Goldman Sachs warning of severe agricultural inflation and supply crunches affecting food production across Asia, Oceania, and beyond.</p><p>Fertiliser supply disruption threatens the entire 2026-2027 agricultural cycle across ASEAN nations, Australia, and New Zealand, as the Gulf states supply over 30% of global nitrogen and phosphate fertiliser exports, with planting seasons for key crops in the Southern Hemisphere beginning within the next three to five months.</p></li><li><p>Australian grain and cattle producers face compounding pressures from rising fuel costs for farm machinery and transport, fertiliser shortages affecting soil preparation for winter planting, and increasing feed costs for livestock operations, with industry bodies warning of production contractions visible in late 2026 harvests.</p></li><li><p>New Zealand&#8217;s agricultural export sector, contributing approximately 80% of goods exports, confronts rising input costs across dairy, meat, and horticulture operations, with fertiliser-dependent pastoral farming particularly vulnerable to supply disruptions arriving during critical autumn application windows.</p><p>Southeast Asian rice production across Thailand, Vietnam, and Indonesia faces fertiliser access constraints that could reduce yields during upcoming planting cycles, threatening regional food security and potentially triggering export restrictions that amplify global supply tightness.</p></li><li><p>The timeline for economic impact follows a predictable cascade: fuel and energy price increases visible immediately, fertiliser supply constraints affecting agricultural planning within four to eight weeks, reduced agricultural output and food price inflation materialising six to twelve months from initial disruption, and sustained cost-of-living pressures affecting consumer spending and business confidence through 2027.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.firstpost.com/business/hormuz-chokepoint-disruption-may-trigger-agri-inflation-and-supply-crunch-goldman-sachs-13993741.html">Hormuz Chokepoint Disruption May Trigger Agri-Inflation and Supply Crunch: Goldman Sachs | Firstpost | April 2026]</a></p></li><li><p><a href="https://www.reuters.com">Global Fertiliser Markets Face Supply Shock from Gulf Disruption | Reuters | April 2026</a></p></li><li><p><a href="https://www.abc.net.au">Australia Warns of Agricultural Input Crisis as Strait Closure Extends | ABC News | April 2026</a></p></li><li><p><a href="https://asia.nikkei.com">ASEAN Food Security Concerns Mount Amid Middle East Tensions | Nikkei Asia | March 2026</a></p></li><li><p><a href="https://www.rnz.co.nz">New Zealand Farming Sector Prepares for Input Cost Surge | Radio New Zealand | April 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Agricultural producers and food manufacturers: </strong>Operations dependent on synthetic fertilisers face immediate procurement challenges and price escalation, with those lacking contracted supply or alternative sourcing facing potential input shortages during critical application and planting windows over the coming months.</p></li><li><p><strong>Employers across all sectors: </strong>Cost-of-living pressures from food and energy inflation will erode employee purchasing power, driving wage pressure, workforce retention challenges, and productivity impacts as workers experience financial stress, with effects intensifying through late 2026 and into 2027.</p></li><li><p><strong>Consumer-facing businesses: </strong>Discretionary spending will contract as households redirect budgets toward essential food and energy costs, with retail, hospitality, tourism, and entertainment sectors facing demand compression that may not align with current revenue projections.</p></li><li><p><strong>Businesses relying on business confidence: </strong>Investment decisions, contract commitments, and expansion plans across the economy face hesitation as uncertainty over input costs, consumer demand, and macroeconomic trajectory creates decision paralysis among business leaders and financial institutions.</p></li><li><p><strong>Supply chain managers in manufacturing and construction: </strong>Industries dependent on petrochemical derivatives, plastics, synthetic materials, and energy-intensive processes face both direct cost increases and indirect impacts through supplier stress and potential defaults.</p></li></ul><h2>Preventative actions</h2><h5><strong>Model twelve-month cost scenarios now</strong></h5><ul><li><p>Build financial projections incorporating sustained energy and food inflation through 2027. Stress-test margins, cash reserves, and credit facilities against scenarios where input costs rise 15-30% and consumer demand contracts. Identify break-even points and decision triggers for operational adjustments.</p></li></ul><h5><strong>Engage suppliers on fertiliser and fuel forward contracts</strong></h5><ul><li><p>Where operationally relevant, explore locking in supply agreements or forward pricing before spot market escalation fully materialises. Accept premium pricing today to avoid potential unavailability or extreme pricing six months forward.</p></li></ul><h5><strong>Prepare employee cost-of-living response strategies</strong></h5><ul><li><p>Develop contingency plans for wage adjustment discussions, benefit enhancements, or targeted support programmes that may become necessary as inflation erodes real incomes. Proactive communication about organisational awareness and response planning supports retention during uncertainty.</p></li></ul><h5><strong>Diversify supplier geography for critical inputs</strong></h5><ul><li><p>Assess whether alternative fertiliser sources from North America, Russia, or North Africa could provide supply continuity despite higher transport costs or geopolitical complexity. Partial diversification reduces total exposure even if complete substitution proves impossible.</p></li></ul><h5><strong>Communicate proactively with stakeholders about timeline expectations</strong></h5><ul><li><p>Ensure boards, investors, and leadership teams understand that current disruption impacts will intensify rather than resolve over the coming months. Set appropriate expectations for 2027 planning cycles reflecting probable rather than optimistic assumptions.</p></li></ul><div><hr></div><h2>2. <strong>Geopolitical: UAE Positions Crisis Response as Competitive Edge</strong></h2><ul><li><p>The UAE is leveraging current regional instability to strengthen its position as a global business hub, with government-backed initiatives accelerating digital infrastructure, supply chain diversification, and crisis-tested operational frameworks that differentiate it from competitors still reacting to disruption.</p></li><li><p>Dubai&#8217;s free zones and Abu Dhabi&#8217;s industrial clusters are actively recruiting businesses seeking to relocate operations away from higher-risk jurisdictions, with streamlined licensing processes now measured in days rather than weeks and regulatory sandboxes expanding across fintech, healthcare technology, and advanced manufacturing.</p></li><li><p>The Emirates&#8217; sovereign wealth funds are deploying capital into supply chain resilience infrastructure, including expanded port automation, warehousing capacity, and logistics technology platforms designed to reduce dependency on single-corridor shipping routes affected by ongoing regional tensions.</p></li><li><p>Government-backed business continuity programmes now offer subsidised crisis management consulting, operational resilience assessments, and access to shared infrastructure facilities for small and medium enterprises lacking resources for independent contingency planning.</p></li><li><p>The strategy explicitly targets businesses reconsidering regional headquarters locations, with incentive packages bundling tax advantages, talent visa streamlining, and guaranteed infrastructure access during regional disruption events.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.khaleejtimes.com/business-technology-review/turning-crisis-into-capability-the-uaes-business-advantage">Turning Crisis into Capability: The UAE's Business Advantage | Khaleej Times | April 2026</a></p></li><li><p><a href="https://www.arabianbusiness.com">UAE Strengthens Position as Regional Business Hub Amid Middle East Tensions | Arabian Business | March 2026</a></p></li><li><p><a href="https://www.gulfnews.com">Dubai Free Zones Report Record Business Registrations in Q1 2026 | Gulf News | April 2026</a></p></li><li><p><a href="https://www.thenationalnews.com">Abu Dhabi Industrial Strategy Accelerates Amid Regional Disruption | The National | March 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Regional headquarters decision-makers: </strong>Organisations currently evaluating Middle East or Asia-Pacific hub locations face a narrowing window to secure preferential terms, as early movers lock in infrastructure access, regulatory approvals, and talent pools that late entrants will find constrained or unavailable.</p></li><li><p><strong>Competitors to UAE-based businesses: </strong>Companies competing against UAE-headquartered rivals may face structural cost disadvantages as crisis-tested operations, streamlined logistics, and government-backed resilience programmes translate into faster market response and lower operational friction during ongoing regional instability.</p></li><li><p><strong>Supply chain strategists: </strong>Businesses without Gulf Cooperation Council logistics nodes face increased vulnerability as shipping route disruptions favour companies with diversified regional distribution networks and pre-positioned inventory in crisis-resilient jurisdictions.</p></li><li><p><strong>Talent acquisition teams: </strong>Organisations competing for internationally mobile professionals should anticipate talent migration toward UAE locations offering stability, infrastructure access, and quality-of-life advantages that become more attractive as alternative regional centres experience disruption.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Evaluate regional hub strategy against crisis resilience criteria</strong></h5><ul><li><p>Assess whether current headquarters and operational centre locations provide adequate business continuity during sustained regional instability. Map dependencies on infrastructure, logistics corridors, and regulatory environments that may face disruption. Consider whether competitive disadvantages are emerging against rivals positioned in crisis-resilient jurisdictions.</p></li></ul><p><strong>Engage UAE trade and investment authorities</strong></p><ul><li><p>If regional diversification aligns with strategic objectives, establish preliminary discussions with relevant free zone authorities and investment promotion agencies before preferential terms and infrastructure access become constrained. Early engagement provides optionality without commitment.</p></li></ul><p><strong>Stress-test supply chain resilience against Gulf region scenarios</strong></p><ul><li><p>Model operational impacts of sustained logistics disruption through traditional corridors. Identify whether pre-positioned inventory, alternative distribution nodes, or diversified supplier relationships would provide meaningful competitive advantage during extended regional instability.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>EU Faces Largest Oil Supply Disruption in History<br></strong>The European Union confronts what energy experts describe as the largest oil supply disruption in market history, with Iran&#8217;s control of the Strait of Hormuz blocking 15-20% of global oil and natural gas flows. While Brussels prepares measures including reduced electricity taxes and grid tariffs, analysts warn Europe is not being sufficiently transparent with populations about crisis severity. Asian nations including Japan, South Korea, India, and Southeast Asian countries face immediate supply disruptions, with delayed impacts reaching European consumers within weeks to months. The crisis builds on 2022 Russian energy tensions, with diminishing alternative supplies as Asian allies increasingly reconsider Russian energy purchases, potentially forcing Europe toward the paradox of renewed Moscow dependency.<br><a href="https://www.france24.com/en/tv-shows/a-propos/20260331-eu-faces-largest-oil-supply-disruption-in-history-energy-expert-says">Main link to resource</a></p></li><li><p><strong>Jubilant FoodWorks Addresses LPG Supply Constraints Amid Middle East Tensions<br></strong>Domino&#8217;s Pizza operator Jubilant FoodWorks has disclosed operational adjustments responding to LPG supply constraints from Middle East disruptions, highlighting how energy dependencies ripple through consumer-facing businesses. The risk extends beyond direct fuel costs to operational continuity, as food service, manufacturing, and retail operations dependent on consistent gas supplies face potential service interruptions. Businesses should audit energy supply chains, identify single-source dependencies, and explore alternative fuel arrangements or operational modifications before constraints intensify.<br><a href="https://scanx.trade/stock-market-news/companies/jubilant-foodworks-addresses-lpg-supply-constraints-amid-middle-east-tensions/36248321)">Main link to resource</a></p></li><li><p><strong>UK Weeks Away from Medicine Shortages as Supply Chains Strain<br></strong>British healthcare faces potential medicine shortages within weeks as Middle East conflict disrupts pharmaceutical supply chains dependent on Asian manufacturing and Gulf shipping routes. The risk extends beyond developed nations, as reduced global supply and increased Western stockpiling may devastate third-world countries heavily reliant on international medical support. When wealthy nations experience scarcity, political pressure to prioritise domestic populations intensifies, potentially redirecting supplies away from nations lacking manufacturing capacity or purchasing power. Organisations should assess medical supply dependencies, identify critical medications requiring stockpiling, and consider implications for workforce health.<br><a href="https://www.theguardian.com/business/2026/mar/28/uk-weeks-away-medicine-shortages-iran-war-impacts-experts-warn">Main link to resource</a></p></li><li><p><strong>Business Interruption Coverage Gaps Exposed by Escalating Global Disruption<br></strong>Current global instability reveals significant gaps in traditional business interruption insurance, with many policies excluding war, civil unrest, cyber events, or supply chain failures from coverage. Businesses assuming insurance provides adequate protection during crisis events may face substantial uninsured losses when claims are denied on policy exclusion grounds. The risk compounds as interconnected disruptions trigger cascading failures across multiple coverage categories. Organisations should conduct immediate policy reviews with brokers, identify exclusion gaps, and assess whether supplementary coverage or increased reserves are necessary given current global conditions.<br><a href="https://truckandfreight.co.za/navigating-uncertainty-rethinking-business-interruption-coverage-in-a-changing-world/">Main link to resource</a></p></li><li><p><strong>New Zealand Tourism Faces Delayed Crisis as Input Costs Surge<br></strong>New Zealand tourism operators report sharp increases in business costs as global disruption flows through supply chains, yet industry response may underestimate the crisis timeline. Tourism Industry Aotearoa&#8217;s chief executive describing the current summer season&#8217;s minimal impact as &#8220;a bit of a blessing&#8221; misses the critical point: the full effects of the Iran conflict and oil crisis will not materialise for six to nine months. This places maximum impact during the Southern Hemisphere summer of 2027, not the current or upcoming ski season. Businesses planning for 2027 summer operations should model significantly elevated input costs and potential demand compression from household budget constraints.<br><a href="https://www.rnz.co.nz/news/business/591019/tourism-industry-leader-says-businesses-are-experiencing-sharp-increase-in-business-costs">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/gulf-gambit-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/gulf-gambit-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/gulf-gambit-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Audit Assault | Risk Updates for Weeks of 9 March - 23 March '26]]></title><description><![CDATA[Threat concerns this week: Why insurers are showing up unannounced at your door. Data centers under fire in the Middle East. And 5 quick-fire updates on shipping chaos and supply chain pressure.]]></description><link>https://www.unbreakableventures.com/p/audit-assault-risk-updates-for-weeks</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/audit-assault-risk-updates-for-weeks</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Mon, 23 Mar 2026 11:51:24 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/191830347/765e37ffe28bc2cc757627e4770d46f3.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!D91X!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!D91X!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!D91X!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!D91X!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!D91X!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!D91X!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:638745,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/191830347?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!D91X!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!D91X!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!D91X!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!D91X!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0dabdaa-d04a-4f0a-a365-7bce13f769b7_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between March 9th, and March 23rd, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. Economic: Insurance Audits Intensify as Businesses Scramble to Prove Resilience</h2><ul><li><p><a href="https://www.fixinc.io/">Fixinc</a> (owner of Unbreakable Ventures) has observed a marked increase in the frequency, intensity, and on-site presence of insurance audits across their Australian and New Zealand client base over the past three months, with scrutiny previously reserved for $500M+ ARR businesses now extending to smaller organisations.</p></li><li><p>Insurers are conducting on-site audits to scrutinise business continuity plans, business impact analyses, emergency management procedures, and cyber resilience documentation, moving beyond traditional remote reviews to hands-on verification of operational resilience.</p></li><li><p>Fixinc has identified auditor competency concerns in several cases, where insurance auditors conducting reviews lack adequate training in business continuity frameworks and methodologies, creating risks of incorrect advice, delayed resilience programs, and potentially flawed premium assessments.</p></li><li><p>The 2026 Allianz Risk Barometer confirms cyber incidents remain the number one global business risk for the fifth consecutive year, with business interruption ranking third, while only 3% of respondents view their supply chains as &#8220;very resilient&#8221; amid mounting geopolitical pressures.</p></li><li><p>Australian insurers increasingly refuse coverage or impose premium increases for businesses unable to prove baseline security standards, with the Australian Cyber Security Centre&#8217;s Essential 8 becoming the de facto standard for insurer assessment of security posture and the cyber insurance market projected to grow from USD 467 million to nearly USD 2 billion by 2034.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.businessinsurance.com/perspectives-policyholders-face-complex-recovery-environment/)">Perspectives: Policyholders Face Complex Recovery Environment | Business Insurance | February 2026</a></p></li><li><p><a href="https://commercial.allianz.com/news-and-insights/reports/allianz-risk-barometer.html">Allianz Risk Barometer 2026 | Allianz Commercial | January 2026</a></p></li><li><p><a href="https://www.weforum.org/publications/global-risks-report-2026/)">Global Risks Report 2026 | World Economic Forum | January 2026</a></p></li><li><p><a href="https://www.insurancebusinessmag.com/au/news/cyber/australias-cyber-posture-shows-progress--but-gaps-in-controls-and-reporting-keep-insurers-on-alert-565166.aspx">Australia's Cyber Posture Shows Progress but Gaps in Controls and Reporting Keep Insurers on Alert | Insurance Business Magazine | February 2026</a></p></li><li><p><a href="https://www.cyberpulse.com.au/2026/02/25/cyber-insurance-in-australia/">Cyber Insurance in Australia: 2026 Trends | CyberPulse | February 2026</a></p></li><li><p><a href="https://www.dig-in.com/opinion/the-business-insurance-market-is-more-technical-in-2026">The Business Insurance Market Is More Technical in 2026 | Digital Insurance | January 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Universities and higher education institutions:<br></strong>These organisations face heightened scrutiny due to complex stakeholder environments, significant research data holdings, and increasingly targeted cyber threats. Fixinc has directly observed intensified audit activity in this sector across Australia and New Zealand, with auditors examining emergency management procedures and business impact analyses in granular detail.</p></li><li><p><strong>Ports, logistics, and supply chain operators:<br></strong>The WEF Global Risks Report 2026 identifies geoeconomic confrontation and supply chain vulnerability as top-tier risks, with logistics sectors facing differentiated impacts from geopolitical instability. Insurers are closely examining business continuity documentation for critical infrastructure operators, and Fixinc has observed on-site audits specifically targeting these organisations.</p></li><li><p><strong>Critical infrastructure and energy sectors:<br></strong>Both the Allianz Risk Barometer and WEF report highlight energy and critical infrastructure as high-risk categories for 2026. Regulatory frameworks including Australia&#8217;s SOCI Act layer compliance requirements that insurers increasingly reference during underwriting assessments.</p></li><li><p><strong>Financial services and healthcare:<br></strong>Industries subject to stringent data protection regulations face dual pressure from compliance audits and insurance underwriting scrutiny. Business interruption losses from cyber events now rival direct incident response costs, making demonstrated resilience critical to coverage terms.</p></li><li><p><strong>Mid-market businesses assuming exemption:<br></strong>While on-premise audits currently appear reserved for larger organisations, documentation and evidence requirements are extending to smaller businesses. The assumption that only major enterprises face intensive scrutiny no longer holds.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Prepare evidence before the audit arrives</strong></h5><ul><li><p>Review and document your business continuity plans, business impact analyses, emergency management procedures, and cyber resilience posture now rather than waiting for insurer notification. Ensure documentation is current, tested, and evidence-based with clear version control and records of most recent exercises. Fixinc will be publishing a detailed guide on preparing for and managing insurance audits in the coming days, view their blog <a href="https://www.fixinc.io/blog/home">here</a>.</p></li></ul><h5><strong>Understand auditor assessment criteria</strong></h5><ul><li><p>Map the typical areas insurers review including risk management frameworks, incident response plans, backup and recovery procedures, supply chain resilience, and governance documentation. The Australian Cyber Security Centre&#8217;s Essential 8 has become the de facto standard for security posture assessment. Ensure you can demonstrate these are operational and tested, not merely documented.</p></li></ul><h5><strong>Challenge findings that contradict best practice</strong></h5><ul><li><p>If an auditor provides feedback that contradicts established business continuity frameworks or your existing resilience methodology, question it directly. Request clarification on the methodology and standards being applied. Fixinc has observed instances where their advisory team has had to guide auditors through best-practice processes, indicating auditor training may not match senior resilience professional standards.</p></li></ul><h5><strong>Request real-time feedback throughout the process</strong></h5><ul><li><p>Do not wait until the audit is complete to understand findings. Ask auditors what they are identifying as they review your documentation, allowing you to address concerns immediately and avoid surprises that could impact premium negotiations or coverage terms.</p></li></ul><h5><strong>Calculate resource requirements and plan capacity</strong></h5><ul><li><p>Audits consume significant internal resources, pushing teams to capacity while managing daily responsibilities alongside audit requirements. Factor this drain into team planning and consider whether external advisory support is needed to manage the audit process without derailing operations or existing resilience programs.</p></li></ul><h5><strong>Demand transparency on resilience-premium linkage</strong></h5><ul><li><p>Strong resilience should directly improve your premium position. If renewal reflects increased premiums despite robust documentation and demonstrated processes, require your insurer to explain the assessment methodology. The connection between resilience investment and insurance outcomes should be explicit and auditable.</p></li></ul><div><hr></div><h2>2. <strong>Technological: Data Centre Strikes Force Businesses to Confront Third-Party Infrastructure Fragility</strong></h2><ul><li><p>Military strikes on data centres during the ongoing Middle East conflict have created unprecedented legal and policy questions about the status of civilian cloud infrastructure during armed conflict, with AWS, Google Cloud, and Microsoft Azure facilities in the region facing potential targeting as dual-use infrastructure.</p></li><li><p>The concentration of global business operations on a small number of cloud providers means a successful strike on major data centres could cascade disruptions far beyond direct customers, affecting third and fourth-party suppliers who rely on the same infrastructure and creating downstream ripple effects across interconnected supply chains.</p></li><li><p>International humanitarian law traditionally protected civilian infrastructure, but the increasing military and intelligence reliance on commercial cloud services has blurred distinctions, with some legal scholars arguing data centres processing military communications may lose protected status under the law of armed conflict.</p></li><li><p>AWS operates data centres across multiple global regions specifically to provide redundancy, yet threat actors increasingly view major cloud providers as strategic targets whose disruption could simultaneously impact government, financial, healthcare, and critical infrastructure systems worldwide.</p></li><li><p>Businesses must now consider whether conflict in the Middle East or other regions could affect their infrastructure through indirect pathways, as a data centre they do not directly use may host critical services for their suppliers, payment processors, or logistics partners.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.techpolicy.press/the-legal-and-policy-fallout-from-data-center-strikes-in-the-middle-east-war/)">The Legal and Policy Fallout From Data Center Strikes in the Middle East War | Tech Policy Press | March 2026</a></p></li><li><p><a href="https://www.weforum.org/publications/global-risks-report-2026/)">Global Risks Report 2026 | World Economic Forum | January 2026</a></p></li><li><p><a href="https://commercial.allianz.com/news-and-insights/reports/allianz-risk-barometer.html">Allianz Risk Barometer 2026: Cyber Incidents Top Global Business Risks | Allianz Commercial | January 2026</a></p></li><li><p><a href="https://harvardnsj.org/articles/cloud-infrastructure-armed-conflict/)">Cloud Infrastructure and Armed Conflict: Emerging Legal Questions | Harvard National Security Journal | February 2026</a></p></li><li><p><a href="https://www.gartner.com/en/documents/data-centre-concentration-risk">Data Centre Concentration Risk and Business Continuity | Gartner Research | January 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Cloud-dependent businesses without geographic redundancy:<br></strong>Organisations relying on single-region cloud deployments face acute risk if that region experiences conflict-related disruption. Even well-established providers like AWS cannot guarantee availability if facilities become military targets, and businesses must understand their actual infrastructure footprint rather than assuming provider resilience.</p></li><li><p><strong>Companies with complex third-party supply chains:<br></strong>Your direct cloud provider may be resilient, but your payment processor, logistics partner, CRM vendor, or accounting software provider may not be. A data centre strike affecting services you do not directly use can still cascade through your supply chain, disrupting operations through fourth and fifth-party dependencies you may not have mapped.</p></li><li><p><strong>Financial services and critical infrastructure operators:<br></strong>These sectors face heightened regulatory scrutiny around operational resilience and must demonstrate they have identified and mitigated concentration risks in their technology supply chains. Regulators increasingly expect documented evidence of third-party infrastructure resilience testing.</p></li><li><p><strong>Businesses with Middle East regional exposure:<br></strong>Organisations with operations, customers, or suppliers in the Gulf region face direct exposure to infrastructure disruption from ongoing conflict. However, global businesses must also consider whether Middle East data centres host any services in their extended supply chain, as geographic distance does not guarantee insulation from regional infrastructure attacks.</p></li></ul><h2>Preventative actions</h2><h5><strong>Map your complete infrastructure dependency chain</strong></h5><ul><li><p>Identify not only your direct cloud providers but the infrastructure dependencies of your critical third-party services including payment processors, logistics platforms, communication tools, and SaaS applications. Understand which data centre regions these services use and whether concentration risks exist that could create correlated failures during a regional disruption event.</p></li></ul><h5><strong>Test for unlikely but possible scenarios</strong></h5><ul><li><p>Conduct tabletop exercises specifically modelling scenarios where major cloud infrastructure goes offline due to conflict, cyberattack, or physical damage. Many businesses have never tested for simultaneous loss of multiple cloud services, yet this scenario is now plausible given the targeting of data centres as strategic infrastructure.</p></li></ul><h5><strong>Demand transparency from cloud providers and vendors</strong></h5><ul><li><p>Request documentation from your cloud providers and critical SaaS vendors about their geographic distribution, redundancy architecture, and continuity plans for regional infrastructure loss. Evaluate whether contractual SLAs address conflict-related disruptions or contain force majeure exclusions that would leave you unprotected.</p></li></ul><h5><strong>Implement geographic and provider diversification</strong></h5><ul><li><p>Where feasible, architect systems to operate across multiple cloud providers and geographic regions. While this increases complexity and cost, concentration on single providers or regions creates systemic risk that may be unacceptable for critical business functions.</p></li></ul><h5><strong>Establish offline fallback procedures</strong></h5><ul><li><p>Identify which business processes could continue with degraded or offline cloud services and document manual or alternative procedures. For functions that cannot operate without cloud infrastructure, ensure leadership understands the recovery time implications of extended outages measured in days or weeks rather than hours.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Strait of Hormuz Shipping Crisis Shows No Signs of Resolution<br></strong>Tanker attacks in the Strait of Hormuz continue to compound global shipping disruptions, with Iran maintaining mobile oil infrastructure positions as the conflict with the United States extends into its fourth week. The critical risk for businesses is the absence of any diplomatic pathway to resolution, meaning each passing week doubles the compounding economic impacts through sustained high oil prices, shipping delays, insurance premium spikes, and supply chain bottlenecks that ripple far beyond the energy sector.<br><a href="https://www.gdnonline.com/Details/1378291/Shipping-disruption-deepens-after-tanker-attacks-in-Hormuz-">Main link to resource</a></p></li><li><p><strong>Global Businesses Maintain Gulf Investment Despite War Volatility<br></strong>Despite ongoing regional conflict and shipping disruptions, multinational companies continue expressing strong confidence in Gulf markets for long-term investment and expansion. The apparent contradiction reflects recognition that Middle East economies offer significant growth opportunities that outlast current instability, with businesses differentiating between short-term operational challenges and fundamental market potential while building enhanced contingency planning into their regional strategies.<br><a href="https://www.thenationalnews.com/business/2026/03/12/global-companies-express-confidence-in-gulf-markets-despite-war-disruption/)">Main link to resource</a></p></li><li><p><strong>Domain Expiry Phishing Campaign Targets Australian Businesses<br></strong>MailGuard has identified a phishing campaign impersonating Vodien that sends fraudulent domain expiry notices designed to harvest payment card details from Australian businesses. The risk extends beyond credential theft to potential domain hijacking if victims provide login credentials, enabling attackers to redirect business web traffic, intercept emails, and conduct further fraud using legitimate company domains as cover for malicious activity.<br><a href="https://www.mailguard.com.au/blog/vodien-domain-expiry-scam-email-targets-payment-card-details">Main link to resource</a></p></li><li><p><strong>Asian Manufacturing Faces Oil Supply Knock-On Effects<br></strong>Morgan Stanley warns that ongoing oil supply disruptions will cascade across key Asian sectors including manufacturing, transportation, and chemicals production, with knock-on effects extending to consumer goods pricing and export competitiveness. Businesses dependent on Asian manufacturing in their supply chains should anticipate production delays, cost increases, and potential component shortages as energy costs flow through regional industrial capacity over coming months.<br><a href="https://www.latestly.com/agency-news/business-news-oil-supply-disruption-to-have-knock-on-effects-across-key-sectors-in-asia-morgan-stanley-7354737.html">Main link to resource</a></p></li><li><p><strong>China Warns Regional Escalation Threatens Global Economic Stability<br></strong>China has urged an immediate halt to military operations in the Middle East, warning that regional escalation threatens global economic stability at a time when supply chains remain fragile from previous disruptions. The intervention signals Beijing&#8217;s concern that conflict-driven oil price spikes and shipping route closures could undermine Chinese economic recovery objectives, while simultaneously positioning China as a potential diplomatic intermediary seeking to preserve trade route access.<br><a href="https://www.businessupturn.com/trade-policy/china-urges-an-immediate-halt-to-military-operations-warning-that-regional-escalation-threatens-global-economic-stability/5386/)">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/audit-assault-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/audit-assault-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/audit-assault-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[The Iran War From Dubai: What Your Newsfeed Is Not Showing You]]></title><description><![CDATA[Ground-level reporting on crisis response, community resilience, and why the gap between media and reality matters for your business.]]></description><link>https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Sat, 14 Mar 2026 00:30:42 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!bzR_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bzR_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bzR_!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!bzR_!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!bzR_!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!bzR_!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bzR_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:692669,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190369305?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!bzR_!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!bzR_!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!bzR_!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!bzR_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7fa11225-6a04-41b3-91fa-4911cc4ccb08_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><em>This week, Unbreakable Ventures welcomes <a href="https://www.linkedin.com/in/umaima-farhan/">Umaima Farhan</a> as our newest Resilience Advisor and a regular contributor to this publication. Umaima is based on the ground in Dubai and has been reporting directly to the <a href="https://www.fixinc.io">Fixinc</a> advisory team since the conflict began. What follows is drawn from that correspondence.</em></p><h2>The Gap</h2><p>On 2 March 2026, the UAE President Sheikh Mohamed bin Zayed Al Nahyan walked through Dubai Mall at 9pm. He was accompanied by Sheikh Hamdan bin Mohammed, Crown Prince of Dubai, Deputy Prime Minister, and Minister of Defence. They greeted shoppers. They posed for photos. They sat down for coffee after breaking their Ramadan fast. The Dubai Media Office posted the footage with a caption that translates roughly to: </p><blockquote><p>Do not worry, for the UAE is safe and secure, and its leadership is among its people and close to its nation.</p></blockquote><p>(<a href="https://gulfnews.com/uae/watch-uae-president-minister-of-defence-visit-dubai-mall-1.500461299">Gulf News</a>, <a href="https://www.thenationalnews.com/news/uae/2026/03/03/uae-president-greets-shoppers-in-dubai-mall-in-powerful-show-of-resilience-amid-iran-crisis/">The National</a>)</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!pWRP!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!pWRP!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 424w, https://substackcdn.com/image/fetch/$s_!pWRP!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 848w, https://substackcdn.com/image/fetch/$s_!pWRP!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 1272w, https://substackcdn.com/image/fetch/$s_!pWRP!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!pWRP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp" width="900" height="600" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:600,&quot;width&quot;:900,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:53702,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/webp&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190369305?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!pWRP!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 424w, https://substackcdn.com/image/fetch/$s_!pWRP!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 848w, https://substackcdn.com/image/fetch/$s_!pWRP!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 1272w, https://substackcdn.com/image/fetch/$s_!pWRP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3cfb1f45-ca7c-4e98-99b4-d0d06287b5cb_900x600.webp 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a><figcaption class="image-caption">UAE President His Highness Sheikh Mohamed bin Zayed Al Nahyan and Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai, Deputy Prime Minister and Minister of Defence.</figcaption></figure></div><p>This happened on the same day the UAE Ministry of Defence confirmed it had intercepted 161 ballistic missiles, 645 drones, and 8 cruise missiles launched by Iran.</p><p>If you were scrolling your newsfeed outside the Middle East that day, you almost certainly did not see the Dubai Mall footage. You saw the missiles. You saw the fires near the Burj Khalifa and the Fairmont on Palm Jumeirah. You saw headlines declaring Dubai&#8217;s safe-haven image &#8220;shattered.&#8221; That framing was not entirely wrong. But it was incomplete. And incomplete framing during a crisis is where bad decisions are made.</p><h2>What the Feed Shows vs. What the Ground Shows</h2><p>Umaima&#8217;s sister lives in New York. She has been panicking. Her newsfeed is full of narratives framing this as a religious war, or a purely pre-emptive strike, without the context that escalation occurred while diplomatic negotiations with Iran were still ongoing in Geneva. US media coverage has also emphasised Dubai as unsafe and suggested foreign professionals are fleeing.</p><p>Umaima&#8217;s actual experience is different. Not safe in the abstract. Not without anxiety. But structured, managed, and continuing.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Is this content valuable to you? Subscribe and we&#8217;ll keep it up. It&#8217;s free, and always will be.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><p></p><p>Residents in her building receive instructions through a WhatsApp group chat run by a long-term resident. The UAE's government alert system sends two types of text message: one directing residents to seek evacuation, and a follow-up confirming the situation has passed. At the building level, the response varies. In Umaima's building, the fire alarm sounds if evacuation is required. Otherwise, the instruction is to continue with daily life.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Pl50!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Pl50!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Pl50!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Pl50!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Pl50!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Pl50!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:310103,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190369305?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Pl50!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Pl50!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Pl50!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Pl50!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57a8759e-6113-4a9f-848d-1f65185835f7_1280x720.jpeg 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a><figcaption class="image-caption">The text message received on Umaima&#8217;s phone</figcaption></figure></div><p>The sounds are real. Umaima describes interceptions as a fast-moving object across the sky, a quick flash or burst of light, followed seconds later by a loud boom. Near her area by the World Trade Centre, she hears something once or twice a day. Some days, nothing at all. The Dubai Police sent a message warning that photographing, sharing, or reposting critical sites or unverified information can result in legal action.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!F3zU!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!F3zU!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!F3zU!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!F3zU!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!F3zU!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!F3zU!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:436001,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190369305?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!F3zU!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!F3zU!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!F3zU!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!F3zU!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7838ce31-086b-455d-90ab-8ec08219a6b6_1280x720.jpeg 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a><figcaption class="image-caption">An example of the local alert notifications</figcaption></figure></div><p>A drone struck the parking lot adjacent to the US Consulate in Dubai on 3 March. Secretary of State Marco Rubio confirmed no personnel were injured. (<a href="https://time.com/7382378/iran-war-us-consulate-drone-strike-retaliatory-attacks/">TIME</a>) Umaima&#8217;s helper was near the scene and told her the fire was quickly handled. Emergency services arrived fast, told the crowd to move back, and that was it. Most people continued with their day. In Dubai, the rules are strict, especially for expats. People do not exaggerate or create chaos.</p><p>Two days after the first strikes, Holi was celebrated in the streets of Dubai. People threw colours, danced, and marked the festival as they do every year. Not at the same scale. A massive event weeks earlier had drawn thousands, with an India-Pakistan cricket match as a centrepiece. The Holi celebrations during the conflict were smaller, quieter, mostly within friend groups and communities. But they happened. Ramadan continued. Iftaar events went ahead. A badminton group chat organised art therapy and sound therapy sessions led by a psychologist in the group. A charity drive collected donations for children injured in Iran.</p><p>None of this made the international newsfeed. The leadership walking through a shopping mall during an active missile defence operation tells you something about the actual threat level that no amount of headline writing can convey.</p><h2>The Business Continuity Picture</h2><p>The media narrative around Dubai&#8217;s economy focuses on cancellations, capital flight, and chaos. There is truth in that. Hotel bookings dropped over 50%. Emirates initially suspended operations before resuming at around 60% capacity by 6 March. Tourism is taking a significant hit.</p><p>But the operational picture on the ground is more measured than the headlines suggest.</p><p>Hedge funds and multinational firms in the Dubai International Financial Centre moved into contingency mode early. Many have since resumed fuller on-site operations while keeping flexible work options available. (<a href="https://news.bloomberglaw.com/private-equity/hedge-funds-banks-forced-into-contingency-mode-in-the-uae-1">Bloomberg Law</a>) DP World confirmed all Jebel Ali terminals were operating normally with enhanced safety measures. (<a href="https://www.khaleejtimes.com/business/all-jebel-ali-terminals-are-operating-normally-says-dp-world">Khaleej Times</a>) <a href="https://gulfnews.com/business/markets/ad-ports-says-uae-terminals-operating-normally-amid-tensions-1.500462891">AD Ports reported the same.</a> ADNOC confirmed onshore operations continued using emergency protocols and alternative export routes. (<a href="https://gulfnews.com/uae/adnoc-says-operations-continue-normally-despite-regional-developments-1.500466977">Gulf News</a>)</p><p>The UAE government warned 449 firms over price hikes since the conflict began, actively managing market stability as part of its continuity posture. (<a href="https://www.khaleejtimes.com/business/uae-warns-449-firms-for-hiking-prices-since-regional-military-conflict-began">Khaleej Times</a>)</p><p>Schools and universities moved to distance learning under a Ministry of Education directive, with a return date communicated through official channels, Khaleej Times, Gulf News, and Lovin Dubai on Instagram. The messaging was consistent. One directive, one date, one set of instructions. For context, after the Christchurch terrorist attack in 2019, Fixinc (publication owners of Unbreakable Ventures) observed schools across the city sending contradictory messages because the Ministry of Education provided no guidance. This caused significant unrest particularly from parents. Dubai&#8217;s coordinated approach here is notable.</p><p>The Dubai Metro kept running. Roads stayed open. No curfews were imposed. Transport infrastructure continued to function. The government communicated early that there was enough stock in the country for at least four to six months of food and basic necessities. Residents were asked not to panic-buy, and most followed that guidance.</p><p>Umaima&#8217;s father works in electronics and appliance trading. His company is navigating uncertainty around airspace closures affecting deliveries. Their US offices are supporting operations while the Dubai team manages the situation day by day. That is business continuity in practice. Not a press release. Not a framework diagram. A team adjusting in real time.</p><h2>The Water Question</h2><p>One of the sharper risks in any Gulf conflict is water. The UAE is heavily dependent on desalination. A targeted strike on key infrastructure would create a serious humanitarian problem.</p><p>But the picture is more resilient than some reporting suggests. The UAE has approximately 70 desalination plants across the country. A similar incident in Bahrain, where a drone strike damaged part of a desalination facility, did not disrupt the national water supply. The Financial Times reported that the UAE maintains around 45 days of strategic water reserves as a contingency buffer. (<a href="https://www.ft.com/content/f273fa16-ff7f-4207-a9ae-abce5de93144">Financial Times</a>)</p><p>The risk is real. Acknowledging the redundancy does not dismiss it. But reacting to a headline about two weeks of water supply without understanding the distributed nature of the infrastructure is exactly the kind of gap this article is about.</p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help share this useful information with a friend of colleague. After all, resilience is about community and communication.</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/the-iran-war-from-dubai-what-your?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><h2>The Information Architecture That Actually Works</h2><p>One of the most interesting findings from Umaima&#8217;s reporting is where people are actually getting their information. It is not government websites. It is not traditional news. It is Instagram and WhatsApp.</p><p>The two most widely followed sources in Dubai are @LovinDubai and @modgovae (the UAE Ministry of Defence). Updates are fast, trusted, and accessible. Emergency contact numbers were shared across community Instagram pages and reposted widely within the first hours of the conflict.</p><p>For the older generation, WhatsApp is the primary channel. Umaima&#8217;s grandparents in Kuwait rely on WhatsApp group chats where members flag information as &#8220;verified&#8221; or &#8220;unverified&#8221; themselves. During COVID, this same pattern played out. WhatsApp gives quick, digestible updates. News broadcasts feel overwhelming.</p><p>Meanwhile, the US Embassy&#8217;s crisis notification system required an American phone number to register. Umaima could only sign up because her sister lives in the US. The crisis intake form returned an error the first time she submitted it. These are not minor UX issues. For an American citizen in a conflict zone, the inability to register for emergency notifications is a critical failure of crisis communication.</p><div class="instagram-embed-wrap" data-attrs="{&quot;instagram_id&quot;:&quot;DVgjTxpjGGD&quot;,&quot;title&quot;:&quot;US Mission to the UAE on Instagram: \&quot;Repost from @secrubio X ac&#8230;&quot;,&quot;author_name&quot;:&quot;@usainuae&quot;,&quot;thumbnail_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/__ss-rehost__IG-meta-DVgjTxpjGGD.jpg&quot;,&quot;like_count&quot;:null,&quot;comment_count&quot;:null,&quot;profile_pic_url&quot;:null,&quot;follower_count&quot;:null,&quot;timestamp&quot;:null,&quot;belowTheFold&quot;:true}" data-component-name="InstagramToDOM"></div><p>The contrast is worth sitting with. The UAE&#8217;s Ministry of Defence is posting bilingual alerts on Instagram that reach millions within minutes. The US Embassy&#8217;s notification system does not work without a domestic phone number.</p><h2>What This Means For Your Business</h2><p><a href="https://www.fixinc.io/bio/brad-law">Brad Law</a>, Co-Founder and Head of Advisory at Fixinc, puts it simply: </p><blockquote><p>The way you structure your information management during a crisis could be the difference between a measured response and a costly misstep. It is never too late to ask within your organisation how developed your situational awareness strategy actually is.</p></blockquote><p>In practice, this comes down to three disciplines: <strong>collect, assess, act.</strong></p><p>Start with collection. Identify credible sources for obtaining information. First-hand insight is always the most valuable, as this article demonstrates through Umaima&#8217;s reporting from the ground. Maintain multiple channels for sourcing that information, because some will go offline or fail during a crisis. </p><blockquote><p>The US Embassy&#8217;s notification system is a case in point. Be prepared to distinguish between facts and assumptions from the outset, and establish how each will be handled. Log everything. If it is not recorded, it did not happen. </p><p>Then assess. Build mechanisms for evaluating incoming information against potential business impacts across people, operations, financial exposure, and regulatory obligations. Maintain a regular cadence for reassessment. What starts as an assumption on day one may become a verified fact by day three. Your response should evolve with the picture, not stay anchored to the first report you received.</p><p>Then act. Assessment without action is just commentary. Ensure that the information you have collected and evaluated generates clear outputs: situation reports, stakeholder briefings, media statements, or the activation of business continuity plans and IT disaster recovery. These are the tangible products of good situational awareness.</p><p>And then repeat. Collect, assess, act. Refine the picture as new information emerges. The situation in Dubai changed materially between the first weekend and the following Wednesday. Organisations that locked into a single response posture on day one and never revisited it were making decisions on stale intelligence by midweek.</p></blockquote><p>If your organisation has operations in the Gulf, employees based in the region, or supply chain dependencies that route through the Middle East, the lesson here is straightforward. Your crisis response should not be driven by your newsfeed.</p><p><strong>Establish direct, on-the-ground contacts.</strong> Umaima&#8217;s reporting has been more accurate, more timely, and more nuanced than anything published by international media in the first week. If you do not have someone in-country feeding you verified information, you are making decisions based on incomplete data.</p><p><strong>Verify before you react.</strong> The gap between what international media reports and what is happening on the ground is significant. A business that activated a full evacuation based on early headlines may have overreacted. A business that assumed everything was fine based on the same headlines may have underreacted. Neither position was informed.</p><p><strong>Watch the local channels.</strong> Instagram accounts like @LovinDubai and @modgovae are faster and more accurate than most wire services for on-the-ground updates in Dubai. WhatsApp group chats within buildings and communities are providing real-time, localised instructions. If your risk team is not monitoring these, they are missing the most relevant signal.</p><p><strong>Do not confuse media volume with threat severity. </strong>The fact that Holi celebrations continued in the streets, that the President and Minister of Defence walked through a shopping mall during active missile interceptions, and that the Metro kept running, does not mean the situation is not serious. It means the response is proportionate. Your response should be too.</p><h2>The Bigger Point</h2><p>Every crisis produces a gap between what the media reports and what is actually happening. That gap is where overreaction lives. It is where panic buys, unnecessary evacuations, and poorly timed decisions are born.</p><p>Umaima put it well: </p><blockquote><p>The general message people seem to be getting here in Dubai is that you should be cautious but not panic.</p></blockquote><p>That is the message for your business too. Be cautious. Monitor. Plan. Activate when the facts warrant it. But do not let a newsfeed written for clicks dictate your crisis response. The people who started this conflict are doing a worse job communicating with their own citizens than the local government managing the fallout. That should tell you something about where to place your trust.</p><p>The view from the ground is always clearer than the view from the feed.</p><div><hr></div><p><em>Umaima Farhan is a Resilience Advisor at Fixinc and a regular contributor to Unbreakable Ventures. She is based in Dubai.</em></p><p><em>If you need help building a crisis response plan or understanding how the current conflict may affect your operations, the same Advisors who collate these insights are available for a 30-minute consultation. <a href="https://www.fixinc.io/blog/book-a-call">Book time here.</a></em></p>]]></content:encoded></item><item><title><![CDATA[The Pin: How the Strait of Hormuz Could Burst the AI Bubble]]></title><description><![CDATA[The war in Iran, the closure of Hormuz, and the connection between natural gas powering your AI tools.]]></description><link>https://www.unbreakableventures.com/p/the-pin-how-the-strait-of-hormuz</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/the-pin-how-the-strait-of-hormuz</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Wed, 11 Mar 2026 21:28:35 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!zuSW!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!zuSW!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!zuSW!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!zuSW!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!zuSW!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!zuSW!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!zuSW!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:614349,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190584692?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!zuSW!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!zuSW!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!zuSW!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!zuSW!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11964555-f12e-4f9a-a1f8-db78d6f3a3f6_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>In my previous piece, <a href="https://www.unbreakableventures.com/p/the-subprime-genai-crisis">The Subprime GenAI Crisis</a>, I laid out the financial fragility of the AI industry. The losses, the unsustainable burn rates, the circular funding. What I didn&#8217;t cover was the physical vulnerability. The thing that actually keeps the lights on.</p><p>This article connects two stories that the media is covering separately but almost nobody is linking together. The first: the US-Israeli war in Iran and the closure of the Strait of Hormuz. The second: the AI industry&#8217;s near-total dependence on natural gas to power data centres. When you draw a line between them, the picture is not pretty.</p><p>If you are a business leader, board member, or risk professional who has spent the last 18 months embedding AI into your operations because everyone told you to, this matters. A lot.</p><h2>The Strait</h2><p>Let&#8217;s start with the geography.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!JjtN!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!JjtN!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 424w, https://substackcdn.com/image/fetch/$s_!JjtN!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 848w, https://substackcdn.com/image/fetch/$s_!JjtN!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!JjtN!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!JjtN!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg" width="1400" height="934" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:934,&quot;width&quot;:1400,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:335666,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190584692?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!JjtN!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 424w, https://substackcdn.com/image/fetch/$s_!JjtN!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 848w, https://substackcdn.com/image/fetch/$s_!JjtN!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!JjtN!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8b7d648b-4387-49e1-a9ab-65d844d6039b_1400x934.jpeg 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>The Strait of Hormuz is a narrow channel between Iran and Oman. At its narrowest, it&#8217;s 21 nautical miles wide. Around <a href="https://www.eia.gov/todayinenergy/detail.php?id=65504">20% of the world&#8217;s oil and a similar share of its liquefied natural gas</a> (LNG) flows through it every year.</p><p>On 28 February 2026, the US and Israel launched coordinated airstrikes on Iran under Operation Epic Fury. Iran retaliated with missile and drone attacks across the Gulf. Within hours, Iran&#8217;s Revolutionary Guard Corps declared the Strait closed, <a href="https://www.aljazeera.com/economy/2026/3/3/shutdown-of-hormuz-strait-raises-fears-of-soaring-oil-prices">warning that any vessel attempting to pass would be set &#8220;ablaze.&#8221;</a></p><p>By early March, <a href="https://en.wikipedia.org/wiki/2026_Strait_of_Hormuz_crisis">tanker traffic through the Strait had dropped to zero</a>. Protection and indemnity insurance was pulled. Major shipping companies including Maersk suspended all crossings. Over 150 ships sat anchored outside the strait with nowhere to go.</p><p>The result was immediate. Crude oil jumped from around $67 per barrel to nearly <a href="https://time.com/7383060/gas-prices-iran-war-oil/">$100 in under a week</a>. The US national average for petrol rose 14% in seven days. European natural gas futures <a href="https://www.cnbc.com/2026/03/02/iran-oil-gas-prices-strait-hormuz.html">surged over 40%</a> on the first Monday of the conflict.</p><p>Daniel Yergin, vice chair of S&amp;P Global and one of the world&#8217;s foremost energy historians, <a href="https://fortune.com/2026/03/08/oil-prices-nightmare-scenario-biggest-output-disruption-us-iran-war/">called it a &#8220;nightmare scenario&#8221;</a> and warned that the world is looking at the biggest disruption in oil production in history. Nobel-winning economist Paul Krugman wrote that the continued closure of the Strait represents <a href="https://paulkrugman.substack.com/p/dire-strait">a shock to world oil supplies bigger than the oil crises of the 1970s</a>.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Learning something new? How about subscribing and we&#8217;ll keep that up weekly.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><h2>Why It Won&#8217;t End Quickly</h2><p>As Ed Zitron lays out in his <a href="https://www.wheresyoured.at/the-beginning-of-history/">excellent newsletter piece on the situation</a>, there are essentially four ways this ends: Iran reopens the strait voluntarily, the security situation improves enough for ships to pass, the Iranian government is overthrown, or both sides reach a deal.</p><p>None of those looks imminent.</p><p>Trump has demanded unconditional surrender. Iran has chosen Khamenei&#8217;s son, reportedly a hardliner, as the new Supreme Leader. Iran&#8217;s Shahed drones are cheap, mass-produced, and effective enough that even <a href="https://www.wheresyoured.at/the-beginning-of-history/">Ukraine, with years of experience, still cannot fully counter them</a>. Robin Brooks of the Brookings Institution <a href="https://fortune.com/2026/03/08/oil-prices-nightmare-scenario-biggest-output-disruption-us-iran-war/">put it bluntly</a> on why this matters: all Iran needs is to sneak through a couple of drones to blow up <strong>one</strong> ship and the situation escalates from serious to catastrophic.</p><p>Iran are prepared for this conflict. Some academics have warned that the nation has prepared for a US attack for over two decades. Surrendering to any US demands is unlikely.</p><p>Krugman also flags a critical non-linearity: a two-week closure is far more than twice as damaging as a one-week closure. As producers shut down wells, restarting them <a href="https://www.aljazeera.com/news/2026/3/8/iran-war-threatens-prolonged-impact-on-energy-markets-as-oil-prices-rise">could take weeks or months</a>, regardless of when a ceasefire is reached. Iraq has already cut output by 60%. Kuwait and the UAE have followed. Qatar shut down its Ras Laffan LNG facility entirely after Iranian drone strikes hit its infrastructure.</p><p>That last point is the one that matters most for this article.</p><h2>The Fuel Behind AI</h2><p>Here is what few are connecting.</p><p>The AI data centre boom runs on natural gas. Not in theory. Not as a backup. As the primary fuel source, right now, today.</p><p>A <a href="https://www.axios.com/2026/02/04/ai-natural-gas-power-data-centers">February 2026 report from Cleanview</a> found that nearly 75% of planned on-site power equipment for data centres is natural gas. They identified 46 data centres building their own power generation, with a combined capacity of 56 gigawatts. Despite press releases touting renewables and nuclear, the equipment actually being installed is, in Cleanview&#8217;s words, &#8220;almost entirely gas-powered.&#8221;</p><p>The reason is simple. The grid cannot keep up. Getting connected to a local utility can take <a href="https://www.marketplace.org/story/2026/02/04/more-data-centers-plan-to-build-their-own-natural-gas-plants-for-power">up to five years</a>. Nuclear is 7 to 12 years out. Solar and wind cannot provide the firm, uninterrupted baseload power AI workloads demand. Natural gas can be deployed now. So that is what they are building.</p><p>The examples are everywhere:</p><ul><li><p><strong>Stargate Abilene</strong> (OpenAI/Oracle): Powered by <a href="https://www.datacenterdynamics.com/en/news/natural-gas-plant-planned-for-stargate-ai-data-center-campus-report/">over 1 GW of natural gas turbines</a>, largely off-grid.</p></li><li><p><strong>Stargate Shackelford County</strong> (OpenAI/Oracle): Entirely off-grid, running on <a href="https://www.constructionowners.com/news/oracle-and-openai-to-power-new-texas-data-center-off-the-grid">700 MW of natural gas generators</a> via Voltagrid.</p></li><li><p><strong>xAI Colossus</strong> (Elon Musk, Memphis): Powered by natural gas generators, with a <a href="https://innovatrix.eu/second-stargate-data-center-in-texas-will-be-powered-off-the-grid/">private gas plant planned in Mississippi</a>.</p></li><li><p><strong>Bloom Energy fuel cells</strong>: Natural gas-powered fuel cells deployed for <a href="https://www.axios.com/2026/02/06/bloom-energy-ai-data-centers-nvidia">Oracle, AEP, and Brookfield</a> data centres. Stock up over 400% in the past year.</p></li><li><p><strong>Permian Basin builds</strong>: Multiple off-grid natural gas data centres, including CloudBurst/Energy Transfer (1.2 GW) and the Nvidia-backed Poolside/CoreWeave Horizon campus (2 GW).</p></li></ul><p>The <a href="https://www.marketplace.org/story/2026/02/04/more-data-centers-plan-to-build-their-own-natural-gas-plants-for-power">Global Energy Monitor found</a> that proposals for new natural gas facilities in the US tripled in 2025 compared to the year before. The US is now planning over 250 gigawatts of new natural gas energy capacity. A large portion of that is being driven by data centres.</p><p>Natural gas is not a bridge fuel for AI. It is the foundation.</p><h2>The Collision</h2><p>So what happens when the primary fuel source for the AI boom is caught in the crosshairs of a global energy crisis? Perhaps we&#8217;re looking at the perfect storm. Perhaps this is the final act that will burst the inevitable bubble.</p><p>The direct impact on US natural gas prices has been relatively contained so far. On the first Monday of the conflict, US prices rose about 5%, compared to the 40-45% surge in Europe. That&#8217;s because the US is a net exporter of gas, not an importer. But as the <a href="https://www.ft.com/content/fb837a9d-6334-43da-a58d-cb9830dc68fe">Financial Times reports</a>, US LNG producers are now racing to redirect cargoes to take advantage of skyrocketing European and Asian prices, where LNG spot prices have <a href="https://www.cnbc.com/2026/03/09/theres-another-energy-market-that-may-get-hit-harder-than-oil-by-strait-of-hormuz-closure.html">nearly doubled</a>.</p><p>This is the mechanism that will hit American data centres. When US gas producers can sell to Europe at 50% higher prices, they will. Domestic supply gets tighter. Domestic prices rise. Scott Shelton of TP ICAP told the Financial Times </p><blockquote><p>Whatever we can put on a boat we are going to send.</p></blockquote><p> Saul Kavonic of MST Marquee was even clearer: </p><blockquote><p>Nothing can make up for the loss of Qatari LNG.</p></blockquote><p>Rapidan Energy, one of the most respected energy advisory firms, <a href="https://www.cnbc.com/2026/03/09/theres-another-energy-market-that-may-get-hit-harder-than-oil-by-strait-of-hormuz-closure.html">warned CNBC</a> that LNG could be hit harder than crude oil in the long run, because LNG production is more concentrated and harder to ramp up. Qatar&#8217;s Ras Laffan, which produces roughly a fifth of global LNG, is a single facility. It is now offline. QatarEnergy has delayed expansion plans until 2027.</p><p>Meanwhile, Counterpoint Research <a href="https://www.cnbc.com/2026/03/10/iran-war-semiconductor-memory-chip-impact.html">told CNBC</a> that electricity accounts for roughly half of a data centre&#8217;s operating expenses. If energy costs spike and stay elevated, data centre operators may be forced to cut capital spending and reduce demand for AI infrastructure.</p><p>Brad Gastwirth of Circular Technology <a href="https://www.fierce-network.com/cloud/iran-conflict-puts-global-data-centers-risk">put it plainly</a>: </p><blockquote><p>For the technology sector the immediate risk is not a direct interruption in semiconductor production but a broader inflationary impact through energy and transportation costs.</p></blockquote><p>The maths is not complicated. If the fuel behind AI gets significantly more expensive, everything downstream gets more expensive. Training runs. Inference. API calls. The subscriptions your company is paying for ChatGPT, Claude, Copilot. All of it.</p><p>Investor patience on profitable AI companies must run dry at some point. And conflict is an honest excuse to lean on cash, precious metals, and a sit and wait strategy. How will OpenAI and Anthropic function when investors simply go quiet but energy prices rise?</p><h2>The Gap in Reporting</h2><p>This brings us to a broader point about how this information reaches you.</p><p>In <em>The Black Swan</em>, Nassim Taleb makes the observation that journalists reporting in lockstep naturally causes opinion to converge and <em>dimensionality</em> to shrink. Everyone ends up using the same items as causes, telling the same story, landing on the same conclusions.</p><p>That is exactly what is happening here. Energy journalists are covering the Hormuz crisis. Tech journalists are covering AI data centre power. Few, if any, are drawing a line between the two. The result is that business leaders, risk professionals, and boards are making decisions about AI adoption without understanding that the energy supply powering these tools is under significant, sustained threat.</p><p>The media has spent two years telling you to adopt AI or get left behind. That same media is not yet telling you that the cost of running AI is about to get materially more expensive, with no clear timeline for resolution. At what point does the cost to use ChatGPT outweigh the return?</p><h2>What To Watch</h2><p>If you are responsible for technology strategy, operational resilience, or enterprise risk, here are the signals to monitor:</p><ul><li><p><strong>US natural gas spot prices.</strong> The Henry Hub benchmark is currently around $2.96 per MMBtu. If it pushes past $4 and sustains there, data centre operating costs will feel it.</p></li><li><p><strong>LNG export volumes from the US.</strong> As producers redirect gas to higher-priced markets in Europe and Asia, domestic supply will tighten.</p></li><li><p><strong>AI service pricing changes.</strong> Watch for adjustments to API pricing, subscription tiers, or usage caps from major providers. These will be the first visible signs of cost pressure.</p></li><li><p><strong>Data centre construction delays.</strong> Higher energy costs, higher materials costs, higher labour costs. Stargate is already <a href="https://www.wheresyoured.at/the-beginning-of-history/">behind schedule</a>. This will get worse.</p></li><li><p><strong>Fed interest rate signals.</strong> If energy-driven inflation forces rates up, the <a href="https://www.unbreakableventures.com/p/the-subprime-genai-crisis">entire debt structure underpinning AI infrastructure</a> becomes more fragile.</p></li></ul><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/the-pin-how-the-strait-of-hormuz?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Don&#8217;t be the only one to know this. Share with your colleagues and help them today.</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/the-pin-how-the-strait-of-hormuz?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/the-pin-how-the-strait-of-hormuz?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><h2>What To Do Now</h2><p>The advice here is not to rip out your AI tools tomorrow. It is to stress-test your assumptions.</p><p>If your organisation has made AI central to its operations, ask the uncomfortable question: </p><blockquote><p><strong>what happens if the cost of those tools doubles? What happens if API rate limits tighten? What happens if providers raise prices to cover their own rising costs, or worse, if some of these companies go under because their already-unsustainable economics get hit by an energy shock they never planned for?</strong></p></blockquote><p>Build optionality. Maintain manual or lower-tech fallbacks for critical workflows. Diversify your provider stack. And above all, stop making long-term strategic commitments based on the assumption that AI will remain cheap and abundant.</p><p>The media-driven FOMO that pushed everyone to embed AI into everything did not account for a war in the Middle East closing a 21-mile-wide strait. But the physical world does not care about hype cycles. Oil tankers are sitting still. Gas prices are climbing. The natural gas turbines running AI&#8217;s biggest data centres are about to get a lot more expensive to feed.</p><p>The bubble was already fragile. This might be the pin.</p><div><hr></div><p><em>Ollie Law is Co-Founder and Managing Director of <a href="https://fixinc.io">Fixinc</a>, a resilience advisory firm based in Oceania and ASEAN, and Editor-in-Chief of <a href="https://www.unbreakableventures.com">Unbreakable Ventures</a> and the UV podcast. He writes about risk, technology, and business.</em></p>]]></content:encoded></item><item><title><![CDATA[Quantum Countdown | Risk Updates for Weeks of 9 February - 9 March '26]]></title><description><![CDATA[Threat concerns this week: Why your encryption has an expiry date. Singapore SMEs fight for survival support. And 5 quick-fire threats on AI weapons and vendor failures.]]></description><link>https://www.unbreakableventures.com/p/quantum-countdown-risk-updates-for</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/quantum-countdown-risk-updates-for</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Tue, 10 Mar 2026 10:14:26 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/190478038/9865fa91a7fe14b805aa23c50c113903.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!ac4x!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!ac4x!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!ac4x!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!ac4x!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!ac4x!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!ac4x!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:600649,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/190478038?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!ac4x!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!ac4x!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!ac4x!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!ac4x!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3151c30a-df1a-4de4-bad6-a8fa247f8ad3_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between February 9th, and March 9th, 2026&#8230;</strong></p><p>We&#8217;ve been away for the last few weeks as some of our team deal with relocating across Asia. If you missed it, <a href="https://www.unbreakableventures.com/p/now-is-the-time-of-monsters-key-takeaways">check out our deep dive</a> on the World Economic Forum&#8217;s Global Risk Report 2026. Also coming up this month, we will take a look at the on-ground experience of the Iran conflict. Is what we&#8217;re seeing on media a true reflection of reality in the UAE?</p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. <strong>Technological: Your Encryption Has an Expiry Date</strong></h2><ul><li><p>Imagine a computer that doesn&#8217;t think in simple yes-or-no answers, but can explore millions of possibilities simultaneously. That&#8217;s quantum computing. Traditional computers process information as bits&#8212;either 0 or 1. Quantum computers use &#8220;qubits&#8221; that can exist as both 0 and 1 at the same time, a phenomenon called superposition. This allows them to solve certain complex problems exponentially faster than conventional machines. While still in early stages, quantum computers are advancing rapidly, and the encryption protecting virtually everything digital today was designed for a world where these machines didn&#8217;t exist.</p></li><li><p>Google&#8217;s latest announcement confirms what cryptographers have warned for years: quantum computers capable of breaking current encryption standards are no longer theoretical. They&#8217;re an engineering challenge with a visible timeline, potentially within the next decade.</p></li><li><p>The threat isn&#8217;t just future-facing. Adversaries are already harvesting encrypted data today using &#8220;harvest now, decrypt later&#8221; strategies, stockpiling sensitive communications, financial records, and state secrets to crack once quantum capability matures.</p></li><li><p>Current RSA and ECC encryption (the backbone of secure internet communications, banking systems, government networks, and corporate infrastructure) becomes mathematically trivial to break with sufficiently powerful quantum processors.</p></li><li><p>Most organisations operate on 3-5 year planning cycles while quantum-resistant migration requires 10-15 years of infrastructure overhaul, creating a dangerous gap between threat timelines and organisational preparedness.</p></li><li><p>NIST has already published post-quantum cryptographic standards, yet adoption remains minimal across industries that have spent decades building systems on encryption they assumed would remain secure indefinitely.</p></li><li><p>The challenge extends beyond technology replacement: organisations must audit every system, protocol, certificate, and data store touching cryptographic functions. A scope most have never fully mapped.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.cybersecurity-insiders.com/google-just-told-you-your-encryption-is-on-borrowed-time-most-organizations-wont-listen/">Google Just Told You Your Encryption Is on Borrowed Time | Cybersecurity Insiders | February 2026</a></p></li><li><p><a href="https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards">NIST Releases First 3 Finalized Post-Quantum Encryption Standards | NIST | August 2024</a></p></li><li><p><a href="https://research.ibm.com/quantum-computing">Quantum Computing Progress and Cryptographic Implications | IBM Research | 2025</a></p></li><li><p><a href="https://www.technologyreview.com/quantum-computing-encryption">Harvest Now, Decrypt Later: The Quantum Threat Timeline | MIT Technology Review | 2025</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Financial services and banking institutions: </strong>Your entire transaction security model&#8212;from customer authentication to interbank transfers&#8212;relies on encryption quantum computers will eventually break. Data encrypted today containing account details, transaction histories, and customer identities remains valuable for decades.</p></li><li><p><strong>Healthcare organisations holding long-term patient data: </strong>Medical records have indefinite sensitivity. Patient data encrypted today using current standards will remain sensitive in 15 years when quantum decryption becomes feasible, meaning today&#8217;s protection becomes tomorrow&#8217;s breach.</p></li><li><p><strong>Government contractors and defence suppliers: </strong>Nation-state adversaries are actively harvesting encrypted government communications now and they&#8217;re doing this quietly. If you handle classified information, strategic planning documents, or defence intellectual property, assume hostile actors are building archives for future decryption.</p></li><li><p><strong>Critical infrastructure operators: </strong>Energy grids, water systems, and telecommunications networks operate on multi-decade infrastructure cycles. Systems being deployed today will still be operational when quantum computers mature, requiring cryptographic agility built into current procurement decisions.</p></li><li><p><strong>Any organisation storing data with long-term confidentiality requirements: </strong>Trade secrets, legal documents, M&amp;A communications, intellectual property, anything requiring confidentiality beyond 2035 faces exposure risk from today&#8217;s encryption choices</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Conduct cryptographic asset inventory now</strong></h5><ul><li><p>Begin immediately mapping every cryptographic dependency across your infrastructure&#8212;certificates, encryption protocols, key management systems, and third-party services using cryptography. You cannot migrate what you haven&#8217;t catalogued, and most organisations drastically underestimate their cryptographic footprint. This audit forms the foundation of any migration strategy.</p></li></ul><h5><strong>Implement crypto-agility as architectural principle</strong></h5><ul><li><p>Design systems allowing cryptographic algorithms to be swapped without wholesale infrastructure replacement. Avoid hardcoded encryption implementations. Build abstraction layers enabling algorithm updates as post-quantum standards mature. The organisations that survive this transition will be those with flexible cryptographic architectures.</p></li></ul><h5><strong>Prioritise data classification by temporal sensitivity</strong></h5><ul><li><p>Not all data requires immediate protection. Focus quantum-resistant encryption efforts first on data requiring confidentiality beyond 2035&#8212;trade secrets, long-term strategic plans, genetic information, legal records. Create tiered protection strategies based on data lifespan rather than attempting simultaneous migration.</p></li></ul><h5><strong>Engage vendors on post-quantum roadmaps</strong></h5><ul><li><p>Demand clarity from technology suppliers on their quantum-resistant migration timelines. Include post-quantum cryptography requirements in procurement criteria. Suppliers without credible roadmaps become liability vectors as the threat materialises.</p></li></ul><h5><strong>Begin pilot implementations with NIST-approved algorithms</strong></h5><ul><li><p>Start testing CRYSTALS-Kyber, CRYSTALS-Dilithium, and other NIST-standardised post-quantum algorithms in non-production environments. Build organisational expertise now while stakes remain low. The learning curve is substantial, and waiting for crisis conditions guarantees failure.</p></li></ul><div><hr></div><h2>2. <strong>Economic: Singapore SMEs Face Internationalisation Crossroads</strong></h2><ul><li><p>Singapore&#8217;s business chambers are calling for expanded government support in Budget 2026, specifically requesting larger automation grants and enhanced assistance for SMEs pursuing international expansion amid increasingly complex global trade conditions.</p></li><li><p>The Singapore Business Federation and associated chambers argue current support mechanisms haven&#8217;t kept pace with rising operational costs, supply chain restructuring requirements, and the technical investments needed to compete in fragmenting global markets.</p></li><li><p>SMEs represent over 99% of Singapore&#8217;s enterprises and employ roughly 70% of the workforce, making their competitiveness directly tied to national economic resilience and Singapore&#8217;s position as a regional business hub.</p></li><li><p>Requests focus on increasing the Enterprise Development Grant ceiling, expanding automation support schemes, and creating more accessible pathways for smaller firms to establish overseas presence without disproportionate compliance burdens.</p></li><li><p>The push reflects broader anxieties about cost competitiveness as regional neighbours offer lower operating costs while Singapore-based SMEs face escalating wages, rental expenses, and regulatory requirements.</p></li><li><p>Industry representatives emphasise that without enhanced support, Singapore risks losing entrepreneurial talent and business formation to more cost-competitive regional alternatives, weakening the domestic economic base.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.businesstimes.com.sg/singapore/budget-2026-business-chambers-want-more-help-smes-internationalise-bigger-automation-grants">Budget 2026: Business Chambers Want More Help for SMEs to Internationalise, Bigger Automation Grants | The Business Times | February 2026</a></p></li><li><p><a href="https://www.enterprisesg.gov.sg/resources/reports">Singapore SME Landscape Report | Enterprise Singapore | 2025</a></p></li><li><p><a href="https://asean.org/regional-economic-reports">Regional Competitiveness and SME Development in ASEAN | ASEAN Secretariat | 2025</a></p></li><li><p><a href="https://www.mof.gov.sg/singaporebudget">Singapore Budget 2025 Review and SME Support Mechanisms | Ministry of Finance Singapore | 2025</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Singapore-based SMEs considering regional expansion: </strong>The gap between ambition and accessible support mechanisms may widen or narrow based on Budget 2026 outcomes. Understanding the evolving grant landscape directly impacts expansion timing and strategy decisions.</p></li><li><p><strong>Regional competitors and partners of Singapore firms: </strong>Changes to Singapore&#8217;s SME support ecosystem affect competitive dynamics across ASEAN markets. Firms competing with or partnering Singaporean SMEs should monitor how enhanced automation grants might alter cost structures and market positioning.</p></li><li><p><strong>Multinational corporations with Singapore supply chain dependencies: </strong>Singapore&#8217;s SME health directly affects supply chain reliability for larger firms sourcing components, services, or logistics through the city-state. SME competitiveness challenges cascade into procurement risk.</p></li><li><p><strong>Workforce development and training providers: </strong>Automation grant expansions create demand for reskilling programmes and technical training. Organisations positioned to support SME workforce transitions may find expanded market opportunities.</p></li><li><p><strong>Regional policymakers and economic development agencies: </strong>Singapore&#8217;s approach to SME support serves as a benchmark across ASEAN. Budget 2026 decisions will influence competitive policy responses from neighbouring economies seeking to attract or retain business formation.</p></li></ul><h2>Preventative actions</h2><h5><strong>Map grant eligibility before strategic planning</strong></h5><ul><li><p>Singapore SMEs should conduct thorough audits of current and proposed government support schemes before finalising internationalisation or automation investment decisions. Timing major capital expenditures to align with grant availability significantly affects return on investment and reduces expansion risk.</p></li></ul><h5><strong>Diversify market exposure beyond single-country dependencies</strong></h5><ul><li><p>Rather than concentrating international expansion in single markets, develop presence across multiple regional economies simultaneously. This distributes regulatory and economic risk while building resilience against any single market&#8217;s volatility.</p></li></ul><h5><strong>Build automation roadmaps aligned with workforce transition</strong></h5><ul><li><p>Automation investments without corresponding workforce development create implementation failures and social friction. Develop parallel tracks addressing technology acquisition and employee reskilling to maximise return on automation grants while maintaining operational continuity.</p></li></ul><h5><strong>Establish regional partnership networks before expansion</strong></h5><ul><li><p>Successful internationalisation typically requires local partners, distributors, or joint venture relationships. Begin relationship-building in target markets before committing expansion capital, reducing market entry risk and accelerating revenue generation timelines.</p></li></ul><h5><strong>Monitor Budget 2026 announcements for timing optimisation</strong></h5><ul><li><p>Remain closely attuned to specific Budget 2026 announcements regarding grant ceilings, eligibility criteria, and application windows. Organisations prepared to move quickly following favourable announcements gain competitive advantage over slower-responding peers.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Threat Actors Weaponising LLMs for Enhanced Attack Capabilities<br></strong>Google&#8217;s threat intelligence teams confirm adversaries are actively using large language models to accelerate attack development, improve phishing sophistication, and automate vulnerability research. The democratisation of AI tools lowers barriers for less sophisticated threat actors while enabling advanced groups to scale operations. Organisations should assume AI-enhanced attacks as baseline threat reality, investing in AI-powered defensive capabilities and enhanced employee training addressing more convincing social engineering attempts.<br><a href="https://www.digit.fyi/threat-actors-turn-to-llms-to-enhance-attacks-google-says/">Main link to resource</a></p></li><li><p><strong>Attackers Exploiting AI Summarisation Features for Data Exfiltration<br></strong>Hackers are manipulating AI summarisation tools embedded in enterprise applications to extract sensitive information by crafting prompts that cause AI systems to expose confidential data in generated summaries. This attack vector exploits the trust organisations place in AI-generated outputs and the broad data access these tools often receive. Security teams should audit AI tool permissions, implement output filtering, and restrict summarisation features from accessing sensitive data repositories.<br><a href="https://cyberpress.org/hackers-exploit-ai-summarize-feature/">Main link to resource</a></p></li><li><p><strong>Cyber and Supply Chain Risks Dominating Japanese Business Concerns<br></strong>Aon&#8217;s latest survey reveals Japanese businesses rank cyber threats and supply chain disruption as their primary risk concerns for 2026, reflecting lessons from recent regional incidents and ongoing geopolitical tensions affecting semiconductor and manufacturing supply chains. This marks a significant shift from traditional Japanese risk priorities, signalling broader regional recognition that digital and physical supply chain resilience require integrated risk management strategies rather than siloed approaches.<br><a href="https://www.media-outreach.com/news/japan/2026/02/12/449445/cyber-and-supply-chain-risks-reshaping-japans-business-landscape-aon-survey/">Main link to resource</a></p></li><li><p><strong>Optus Outage Highlights Escalating Third-Party Dependency Risks<br></strong>Following previous incidents including the 2023 network collapse that disabled emergency triple-zero services&#8212;potentially contributing to preventable deaths&#8212;Optus has traced its latest mobile outage to a database software update from a third-party vendor. This pattern mirrors the CrowdStrike update that crippled Microsoft systems globally and illustrates how organisations have limited visibility into vendor development and testing practices. Critical infrastructure operators must implement rigorous vendor management frameworks, staged update deployment protocols, and assume third-party software changes carry systemic risk.<br><a href="https://www.itnews.com.au/news/optus-traces-mobile-outage-to-database-software-update-glitch-623540">Main link to resource</a></p></li><li><p><strong>Supply Chain Cyber Attacks Evolving in Sophistication and Scale<br></strong>Group-IB research documents continued evolution of supply chain cyber attacks throughout 2026, with threat actors increasingly targeting software development pipelines, managed service providers, and trusted vendor relationships to achieve mass compromise through single intrusion points. Attackers recognise that breaching one upstream supplier provides access to hundreds or thousands of downstream victims. Organisations must extend security requirements contractually to suppliers, implement zero-trust architectures for vendor connections, and monitor for anomalous behaviour from trusted third-party integrations.<br><a href="https://www.arnnet.com.au/article/4131934/supply-chain-cyber-attacks-continue-to-evolve-in-2026-group-ib.html">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/quantum-countdown-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/quantum-countdown-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/quantum-countdown-risk-updates-for?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Now Is the Time of Monsters: Key Takeaways from the WEF Global Risks Report 2026]]></title><description><![CDATA[Listen now | "The old world is dying, and the new world struggles to be born." The WEF Global Risks Report 2026. Summarised for time-poor professionals.]]></description><link>https://www.unbreakableventures.com/p/now-is-the-time-of-monsters-key-takeaways</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/now-is-the-time-of-monsters-key-takeaways</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Tue, 24 Feb 2026 15:47:41 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/188878284/540e92ef94fcbad433baa08a4fbca365.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!9x2z!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!9x2z!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!9x2z!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!9x2z!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!9x2z!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!9x2z!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/ad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:513767,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/188878284?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!9x2z!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!9x2z!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!9x2z!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!9x2z!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fad4009da-a646-4459-ba5c-3cc033158c4c_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><a href="https://en.wikipedia.org/wiki/Antonio_Gramsci">Antonio Gramsci</a> wrote his infamous words in 1929, imprisoned under <a href="http://en.wikipedia.org/wiki/Fascist_Italy">Mussolini&#8217;s fascist regime</a>. Nearly a century later, they capture 2026 with uncomfortable precision.</p><p><a href="https://www.weforum.org/">The World Economic Forum</a>&#8217;s Global Risks Report 2026, now in its 21st edition, confirms what many have sensed: we have entered an age of competition. Cooperation is giving way to confrontation. Trust, the currency of collective action, is losing value. And the institutions that once underpinned global stability are under siege.</p><p>This article and supporting podcast summarizes the report&#8217;s key findings for risk professionals, executives, and board members. <strong>Read time: 90 seconds.</strong></p><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>The Outlook: Turbulent to Stormy</h2><p>The WEF surveyed over 1,300 experts from business, government, academia, and civil society. <strong>Here is what they expect:</strong></p><ul><li><p><strong>50%</strong> anticipate a turbulent or stormy global outlook over the next two years (up 14 percentage points from last year).</p></li><li><p><strong>57%</strong> expect the same over the next decade.</p></li><li><p><strong>Only 1%</strong> anticipate calm.</p></li></ul><p>This marks a significant tonal shift. Previous editions described <em>multilateralism</em> as &#8220;under pressure.&#8221; This year&#8217;s language is starker: cooperation is &#8220;crumbling,&#8221; and trust is &#8220;losing its value.&#8221;</p><p>Canada&#8217;s <a href="https://www.pm.gc.ca/en/about">Prime Minister Mark Carney</a> reinforced this at <a href="https://www.weforum.org/meetings/world-economic-forum-annual-meeting-2026/">Davos</a> just days after the report&#8217;s release:</p><blockquote><p><em>&#8220;The multilateral institutions on which middle powers have relied, the WTO, the UN, the COP, the very architecture of collective problem-solving, are under threat.&#8221;</em></p></blockquote><p>(Source: Global Risks Report 2026, Chapter 1, Figure 1, p.7 | PM Carney&#8217;s Davos Address, January 20, 2026)</p><div><hr></div><h2>Top 10 Risks for 2026</h2><p>The immediate-term risk landscape is dominated by geopolitical and economic concerns:</p><ol><li><p><strong>Geo-economic confrontation</strong> (18% of respondents). Up 8 positions from last year.</p></li><li><p><strong>State-based armed conflict</strong> (14%)</p></li><li><p><strong>Extreme weather events</strong> (8%). Down from #2.</p></li><li><p><strong>Societal polarization</strong> (7%)</p></li><li><p><strong>Misinformation and disinformation</strong> (7%)</p></li><li><p><strong>Economic downturn</strong> (5%). Up 8 positions.</p></li><li><p><strong>Erosion of human rights and civic freedoms</strong> (4%)</p></li><li><p><strong>Adverse outcomes of AI technologies</strong> (4%). New entrant in top 10.</p></li><li><p><strong>Cyber insecurity</strong> (3%). New entrant in top 10.</p></li><li><p><strong>Inequality</strong> (3%)</p></li></ol><p>Economic risks showed the largest collective increase in ranking. Both economic downturn and inflation jumped 8 positions. The risk of an asset bubble burst rose 7 places.</p><p>(Source: Global Risks Report 2026, Chapter 1, Figure 11, p.15)</p><div><hr></div><h2>The 10-Year Horizon: Environmental Risks Return</h2><p>Over the next decade, environmental risks reclaim the top positions:</p><ol><li><p>Extreme weather events</p></li><li><p>Biodiversity loss and ecosystem collapse</p></li><li><p>Critical change to Earth systems</p></li><li><p>Misinformation and disinformation</p></li><li><p><strong>Adverse outcomes of AI technologies</strong>. The sharpest climb of any risk, rising from #30 in the short-term to #5 over the decade.</p></li></ol><p>This gap between short-term and long-term priorities reveals a pattern: the world is in reactive mode. When immediate crises dominate attention (wars, economic instability, AI disruption), longer-term risks get deprioritised. The problem is those risks do not wait. They compound.</p><p>Short-termism is itself a risk. Environmental threats are less &#8220;visual and confronting&#8221; than a trade war or an AI headline, but they remain the most severe over the decade. Ignoring them now accelerates the cost later.</p><p>(Source: Global Risks Report 2026, Chapter 1, Figure 6, p.10)</p><div><hr></div><h2>Five Themes Worth Understanding</h2><p>The report&#8217;s second chapter explores six in-depth themes. Here are five relevant to business leaders:</p><h5><strong>Multipolarity without multilateralism</strong> </h5><ul><li><p>Countries are going it alone. Global cooperation is breaking down, and no one is stepping up to fill the gap.</p></li></ul><h5><strong>Values at war</strong> </h5><ul><li><p>Ideological divides are deepening. Technology, especially social media and AI, is amplifying divisions rather than bridging them.</p></li></ul><h5><strong>An economic reckoning</strong> </h5><ul><li><p>Debt is piling up. Asset bubbles may be forming. The gap between those doing well and those struggling is widening.</p></li></ul><h5><strong>Infrastructure endangered</strong> </h5><ul><li><p>Aging systems are under pressure from climate stress and under-investment. Supply chains remain vulnerable to disruption.</p></li></ul><h5><strong>AI at large</strong> </h5><ul><li><p>AI is moving fast. Jobs are at risk. Autonomous systems, including in defense, are raising questions about control and accountability.</p></li></ul><p>For APAC and ASEAN audiences, these themes carry particular weight. The region is deeply integrated into global supply chains, exposed to US-China tensions, and disproportionately vulnerable to extreme weather and sea-level rise. Carney&#8217;s observation that &#8220;middle powers must act together because if you are not at the table, you are on the menu&#8221; resonates strongly for Australia, Singapore, Indonesia, and others navigating this landscape.</p><p>(Source: Global Risks Report 2026, Chapter 2)</p><div><hr></div><h2>You Should Be Concerned If...</h2><h5><strong>Your supply chain relies on geopolitically sensitive regions or single points of failure.</strong></h5><ul><li><p>Geo-economic confrontation is now the #1 risk. Trade weaponisation and supply chain leverage are accelerating.</p></li></ul><h5><strong>Your business model depends on stable trade policy or cross-border data flows.</strong></h5><ul><li><p>Multilateral frameworks are weakening. Expect more friction, not less.</p></li></ul><h5><strong>You operate critical infrastructure or rely heavily on it.</strong> </h5><ul><li><p>Aging systems, climate stress, and under-investment create compounding vulnerabilities.</p></li></ul><h5><strong>You have not stress-tested for economic downturn scenarios in three or more years.</strong></h5><ul><li><p>Economic risks are climbing fast. Debt, inflation, and asset bubble concerns are real.</p></li></ul><h5><strong>You lack a position on AI governance or cyber resilience.</strong> </h5><ul><li><p>AI and cyber risks are now in the top 10. Boards and leadership teams need clarity on both.</p></li></ul><div><hr></div><h2>Preventative Actions</h2><h5><strong>Review and diversify supply chain dependencies.</strong> </h5><ul><li><p>Map exposure to high-risk regions and identify alternative sourcing options.</p></li></ul><h5><strong>Update crisis management and business continuity plans.</strong> </h5><ul><li><p>Include geopolitical scenarios, not just natural disasters or IT failures.</p></li></ul><h5><strong>Conduct a cyber resilience assessment.</strong> </h5><ul><li><p>Pay particular attention to AI-adjacent vulnerabilities and third-party risk.</p></li></ul><h5><strong>Scenario-plan for economic volatility.</strong> </h5><ul><li><p>Model inflation persistence, asset volatility, or credit tightening.</p></li></ul><h5><strong>Engage leadership on AI policy.</strong> </h5><ul><li><p>Internal governance and external regulatory readiness should be on the board agenda.</p></li></ul><p>If you are unsure where to start, seek a second opinion from an <a href="https://www.fixinc.io/">advisory</a> with cross-disciplinary expertise. The risks are interconnected. Your response should be too.</p><div><hr></div><h2>Be the 1%</h2><p>Only 1% of experts surveyed expect calm. So what do they know?</p><p>They have prepared. They have stress-tested. They have diversified. They have accepted uncertainty as a constant and built systems to manage it.</p><p>The future is not fixed. The WEF makes that clear. But if you are stuck in reactive mode, responding to crisis after crisis without building capacity to anticipate what comes next, you are not shaping the future. You are being shaped by it.</p><p>Be the 1% in 2026.</p><h2>Sources</h2><ul><li><p><a href="https://www.weforum.org/publications/global-risks-report-2026/">The Global Risks Report 2026 | World Economic Forum | January 2026</a></p></li><li><p><a href="https://www.weforum.org/stories/2026/01/davos-2026-special-address-by-mark-carney-prime-minister-of-canada/">Davos 2026: Special Address by Mark Carney, PM of Canada | World Economic Forum | January 20, 2026</a></p></li><li><p><a href="https://www.cbc.ca/news/politics/mark-carney-speech-davos-rules-based-order-9.7053350">Read the Full Transcript of Carney&#8217;s Speech | CBC News | January 20, 2026</a></p></li><li><p><a href="https://www.weforum.org/stories/2026/01/global-risks-2026-top-10-two-and-ten-year-horizon/">Global Risks Report 2026: Top Risks in an &#8216;Age of Disorder&#8217; | World Economic Forum | January 2026</a></p></li></ul><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/now-is-the-time-of-monsters-key-takeaways?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/now-is-the-time-of-monsters-key-takeaways?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/now-is-the-time-of-monsters-key-takeaways?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Route Cause | Risk Updates for Weeks of 26 January - 9 February '26]]></title><description><![CDATA[Threat concerns this week: Why your stuff is going to cost you 200% more this year. Singapore is turning off its lights. And 5 quick-fire threat updates you should know about.]]></description><link>https://www.unbreakableventures.com/p/route-cause-risk-updates-for-weeks</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/route-cause-risk-updates-for-weeks</guid><dc:creator><![CDATA[Brad Law]]></dc:creator><pubDate>Mon, 09 Feb 2026 08:54:07 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/187166622/bcc57d79e24d010492165624c3e9af65.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Jpbb!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Jpbb!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Jpbb!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Jpbb!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Jpbb!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Jpbb!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:984950,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/187166622?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Jpbb!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!Jpbb!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!Jpbb!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!Jpbb!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F46c77d54-7ae0-478e-a5e6-7c4cd8849163_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between January 26, and February 9th, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. Economic: Consumer Goods Costs Surge on Global Shipping Crisis</h2><ul><li><p>Global shipping costs have surged dramatically since late 2025, with container rates from Asia to Europe and the US more than doubling from mid-year levels, forcing businesses to make difficult decisions about absorbing costs or passing them to consumers.</p></li><li><p>The Red Sea shipping crisis continues to disrupt major trade routes, with vessels diverted around the Cape of Good Hope adding approximately two weeks to journey times and significantly increasing fuel and operational costs for shipping companies.</p></li><li><p>Procurement executives across multiple industries report that transport and logistics now represent the fastest-growing component of their cost base, with some companies seeing shipping expenses increase by 150-200% compared to pre-crisis levels.</p></li><li><p>Computer and electronics manufacturers are particularly affected due to concentrated Asian production, with some firms reporting lead time extensions of 3-4 weeks and considering airfreight alternatives at substantially higher costs to maintain customer commitments.</p></li><li><p>Industry analysts warn that inflationary pressures from shipping costs may persist through 2026, with limited capacity to absorb cost increases in already thin-margin sectors likely to result in consumer price rises across electronics, textiles, and household goods.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.theguardian.com/business/2026/feb/01/consumer-goods-prices-shipping-costs-procurement-supply-chain-computers-transport">Consumer goods prices set to rise as shipping costs and supply chain disruption bite | The Guardian | 1 February 2026</a></p></li><li><p><a href="https://www.lloydslist.com/red-sea-crisis-trade-routes-2026">Red Sea Crisis Continues to Reshape Global Trade Routes | Lloyd&#8217;s List | 28 January 2026</a></p></li><li><p><a href="https://www.freightos.com/container-rates-q1-2026">Container Shipping Rates Index: Q1 2026 Analysis | Freightos | 5 February 2026</a></p></li><li><p><a href="https://www.gartner.com/procurement-supply-chain-survey-2026">Procurement Leaders Survey: Supply Chain Cost Pressures | Gartner | 30 January 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Retail and consumer goods importers: </strong>Businesses relying on Asian manufacturing with limited supplier diversification face margin compression or difficult pricing decisions. Those locked into fixed-price contracts with customers while bearing variable shipping costs are particularly exposed to profitability erosion.</p></li><li><p><strong>Electronics and technology hardware companies:</strong> Organisations dependent on components manufactured in concentrated Asian production hubs face both cost increases and delivery reliability challenges. Companies with just-in-time inventory models may experience stockouts or be forced into expensive air freight alternatives.</p></li><li><p><strong>Small and medium enterprises with limited bargaining power</strong>: Unlike major multinationals who can negotiate preferential rates or absorb short-term losses, SMEs face disproportionate cost impacts and may struggle to pass increases to price-sensitive customers without losing market share.</p></li><li><p><strong>Food and perishables importers:</strong> Time-sensitive cargo faces compounded challenges from extended shipping times, with some products becoming unviable for sea freight and requiring costly modal shifts or supplier changes.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5>Diversify supplier geography and shipping routes</h5><ul><li><p>Review concentration risk in your supply base. Identify alternative suppliers in regions less affected by Red Sea disruption, such as nearshore options in Eastern Europe, Turkey, or Latin America depending on your market. Even partial diversification reduces single-point-of-failure exposure.</p></li></ul><h5>Renegotiate contract terms with flexibility clauses</h5><ul><li><p>Build shipping cost adjustment mechanisms into supplier and customer contracts. Index-linked pricing or cost-pass-through clauses protect against margin erosion while maintaining commercial relationships during volatility.</p></li></ul><h5>Increase safety stock for critical components</h5><ul><li><p>Calculate the true cost of stockouts versus additional inventory holding costs. For high-margin or business-critical products, increasing buffer stock from weeks to months may prove economically rational given current freight premium differentials.</p></li></ul><h5>Explore modal diversification including rail</h5><ul><li><p>China-Europe rail freight via the Trans-Siberian or Kazakhstan routes offers intermediate speed and cost between sea and air. While capacity is limited, establishing relationships with rail freight providers creates optionality.</p></li></ul><h5>Audit landed cost assumptions quarterly</h5><ul><li><p>Static cost models based on historical freight rates lead to pricing and profitability surprises. Implement quarterly reviews of true landed costs including current freight rates, fuel surcharges, and extended transit time impacts on working capital.</p></li></ul><div><hr></div><h2>2. Societal: Singapore Stress-Tests National Resilience with Simulated Crisis</h2><ul><li><p>Singapore&#8217;s Total Defence Day exercise, SG Ready, will simulate simultaneous power outages and digital disruption across the island nation, testing citizens&#8217; preparedness for extended periods without electricity, mobile connectivity, and digital payment systems.</p></li><li><p>The exercise builds on Singapore&#8217;s mandatory Total Defence framework established in 1984, which encompasses military, civil, economic, social, digital, and psychological defence pillars, creating a whole-of-society approach to national resilience.</p></li><li><p>Government agencies, critical infrastructure operators, businesses, and individual citizens are expected to participate, with scenarios designed to identify vulnerabilities in essential services and test backup systems across healthcare, transport, and financial services.</p></li><li><p>Taiwan has developed similar resilience maturity through its nationwide mandatory drills, including the annual Han Kuang military exercises and Wan An civil defence drills, combined with high adoption of government-backed technology solutions such as the resilient emergency communication systems and distributed backup infrastructure.</p></li><li><p>Both Singapore and Taiwan demonstrate that cultural resilience can be systematically built through regular practice, normalising emergency preparedness across populations and reducing panic response during actual crises while creating confidence among international investors and trading partners about operational continuity.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.channelnewsasia.com/watch/total-defence-day-exercise-sg-ready-will-simulate-power-outage-and-digital-disruption-5898371">Total Defence Day Exercise SG Ready Will Simulate Power Outage and Digital Disruption | Channel News Asia | 8 February 2026</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Multinational corporations evaluating regional headquarters locations: </strong>Singapore and Taiwan&#8217;s demonstrated resilience capabilities increasingly factor into investment decisions. Countries unable to demonstrate similar preparedness may lose competitive position for foreign direct investment, particularly for operations requiring high uptime guarantees and business continuity assurance.</p></li><li><p><strong>Critical infrastructure operators in countries without national resilience frameworks: </strong>Organisations operating utilities, telecommunications, healthcare, or financial services infrastructure in nations lacking coordinated national exercises face unknown systemic vulnerabilities. Individual company preparedness means little if interdependent systems fail during cascading crises.</p></li><li><p><strong>Government policymakers responsible for emergency preparednes: </strong>Nations relying on reactive crisis management rather than proactive resilience building through regular exercises risk both higher casualties during emergencies and reduced international confidence in their stability as trade and investment partners.</p></li><li><p><strong>Supply chain managers with Asia-Pacific exposure: </strong>Understanding which regional nodes have stress-tested resilience versus those operating on untested assumptions affects risk-adjusted supply chain design. Singapore and Taiwan&#8217;s preparedness provides relative confidence in operational continuity.</p></li></ul><h2>Preventative actions</h2><h5>Adopt Singapore and Taiwan frameworks as benchmarks</h5><ul><li><p>Study the Total Defence and civil defence exercise structures used by Singapore and Taiwan. Adapt these frameworks to your national or organisational context, focusing on their systematic approach to identifying dependencies and testing failure modes.</p></li></ul><h5>Advocate for national resilience exercises</h5><ul><li><p>Business leaders and industry associations should actively lobby governments to establish regular, mandatory resilience exercises. Frame the argument in economic terms: demonstrated national resilience attracts foreign investment and trade partnerships, while untested systems create sovereign risk premiums.</p></li></ul><h5>Conduct organisation-level simulation exercises</h5><ul><li><p>Do not wait for national frameworks. Run your own crisis simulations testing operations without power, connectivity, or digital payments for extended periods. Identify which business functions fail, what manual workarounds exist, and where critical single points of failure remain unaddressed.</p></li></ul><h5>Build cultural preparedness within your organisation</h5><ul><li><p>Singapore and Taiwan succeed because preparedness is normalised across their populations. Replicate this within your organisation through regular drills, emergency preparedness training, and clear communication that resilience is a core operational competency, not an occasional compliance exercise.</p></li></ul><h5>Document and communicate your resilience capabilities</h5><ul><li><p>As demonstrated resilience becomes a competitive differentiator, organisations that can evidence their preparedness through documented exercises, tested backup systems, and trained personnel will have advantages in supplier qualifications, insurance negotiations, and investor relations.</p></li></ul><div><hr></div><h2>Quick fire threat updates</h2><ol><li><p><strong>Malaysia Insurers Face Unprecedented Catastrophe Risk Exposure</strong></p><p>Malaysia&#8217;s insurance sector confronts a dramatic spike in catastrophe risk for 2026, with climate-driven flood events and storms increasing in both frequency and severity. Insurers face the dual challenge of maintaining affordable coverage while building adequate reserves for mounting claims. The risk extends beyond insurers to businesses and property owners who may find coverage becoming prohibitively expensive or unavailable in high-risk zones, potentially creating protection gaps that leave significant assets uninsured against increasingly predictable climate events.</p><p><a href="https://insuranceasia.com/insurance/news/malaysia-insurers-must-confront-catastrophe-risk-spike-2026-report">Malaysia insurers must confront catastrophe risk spike in 2026: report | Insurance Asia | February 2026</a></p></li><li><p>Geopolitical turbulence shows no signs of abating, with ongoing tensions across multiple regions continuing to disrupt established trade patterns and logistics routes. The convergence of trade policy uncertainty, regional conflicts, and shifting alliance structures creates an operating environment where supply chains face continuous adjustment pressure. Organisations treating current disruptions as temporary aberrations rather than the new normal risk repeated surprise; building adaptive capacity and scenario planning into procurement and logistics functions is now essential rather than optional.</p><p><a href="https://www.supplychainbrain.com/articles/43143-why-the-bumpy-geopolitical-ride-is-far-from-over">Why the Bumpy Geopolitical Ride Is Far From Over | Supply Chain Brain | February 2026</a></p></li><li><p><strong>Logistics Networks Require Climate Resilience Overhaul</strong></p><p>Extreme weather events are exposing fundamental vulnerabilities in global logistics infrastructure, with floods, storms, and temperature extremes disrupting ports, warehouses, and transport networks with increasing regularity. The risk compounds as climate impacts affect multiple nodes simultaneously, overwhelming traditional backup arrangements designed for isolated incidents. Supply chain managers must now evaluate climate exposure across their entire network, investing in infrastructure hardening, route redundancy, and real-time weather monitoring to maintain operations as extreme events become routine rather than exceptional.</p><p><a href="https://www.transportandlogisticsme.com/amp/story/smart-logistics/climate-change-and-logistics-stormproofing-the-supply-chain">Climate Change and Logistics: Stormproofing the Supply Chain | Transport and Logistics ME | February 2026</a></p></li><li><p><strong>Australian Emergency Communications Failures Expose Rural Vulnerability</strong></p><p>Telstra faces criticism after mobile network outages during emergency situations left rural Australian communities unable to contact emergency services or receive critical warnings. The failures highlight dangerous dependencies on single telecommunications providers in regional areas where alternative connectivity options are limited or nonexistent. Rural businesses, local governments, and residents should assess their communications resilience, identifying backup options such as satellite phones, radio networks, or redundant carriers, while advocating for improved infrastructure investment in underserved areas.</p><p><a href="https://wamnnews.com.au/news/nationals-slams-telstra-over-emergency-mobile-outages/)">Nationals Slams Telstra Over Emergency Mobile Outages | WAMN News | February 2026</a></p></li><li><p><strong>Pandemic Risk Insurance Market Gains Momentum</strong></p><p>The pandemic risk insurance market continues expanding as businesses seek protection against future health emergencies following lessons learned from COVID-19 disruptions. Growing demand reflects corporate recognition that pandemic-related business interruption represents a material and recurring risk requiring dedicated coverage rather than reliance on standard policies that often exclude such events. Organisations should evaluate their current policy exclusions, assess pandemic-specific coverage options, and factor premium costs into broader business continuity planning rather than assuming governmental support will materialise during future health crises.</p><p><a href="https://market.us/report/pandemic-risk-insurance-market/)">Pandemic Risk Insurance Market Report | Market.us | February 2026</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unbreakable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/route-cause-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/route-cause-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/route-cause-risk-updates-for-weeks?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Gap Year | Risk Updates for Weeks of 12 January - 26 January '26]]></title><description><![CDATA[Listen now | Threat concerns this week: {TBC}]]></description><link>https://www.unbreakableventures.com/p/gap-year-risk-updates-for-weeks-of</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/gap-year-risk-updates-for-weeks-of</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Sun, 25 Jan 2026 18:30:51 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/185674997/458a0de860274e23e5cd816b916f3018.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!kJqP!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!kJqP!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!kJqP!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!kJqP!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!kJqP!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!kJqP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:363126,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/185674997?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!kJqP!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!kJqP!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!kJqP!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!kJqP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F72203fc8-601a-490f-97d2-f37cb8d4c311_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Hello &#128075; get a brew on because <strong>these are the top emerging risks between January 12th and 26th, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>Our main risk this fortnight is&#8230;</p><h2>1. Environmental: APAC Insurance Gap Leaves 80% Weather Exposure Unprotected</h2><ul><li><p>The Allianz Risk Barometer 2026 reveals natural catastrophes have risen to the second-highest global business risk, climbing from sixth position in 2024, with 31% of respondents identifying extreme weather events as their top concern, second only to cyber incidents at 38%.</p></li><li><p>Asia-Pacific faces a protection gap exceeding 80% for weather-related losses, meaning the vast majority of economic damage from climate events falls directly on businesses and governments rather than being transferred to insurers, creating substantial unhedged financial exposure across the region.</p></li><li><p>The 2024 Asia-Pacific natural catastrophe bill reached $65 billion in economic losses, yet only $12 billion was covered by insurance, demonstrating the stark reality of this protection gap and the financial vulnerability it creates for regional economies.</p></li><li><p>Business interruption remains the top concern within natural catastrophe risks at 60%, followed by damage to corporate assets and real estate at 53%, with climate change now ranked as the fourth most important global risk overall in the Allianz survey.</p></li><li><p>Supply chain disruptions from extreme weather events are increasingly affecting businesses far beyond the immediate disaster zone, with the interconnected nature of global commerce meaning a typhoon in Southeast Asia or floods in Australia can halt production and delivery schedules across continents.</p></li><li><p>The Allianz report surveyed 3,778 risk management experts across 106 countries, with responses from CEOs, risk managers, brokers, and insurance experts providing a comprehensive view of the corporate risk landscape heading into 2026.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://asianbusinessreview.com/insurance/news/apac-insurance-gap-above-80-leaves-weather-exposure">APAC Insurance Gap Above 80% Leaves Weather Exposure | Asian Business Review | January 2026</a></p></li><li><p><a href="https://commercial.allianz.com/news-and-insights/reports/allianz-risk-barometer.html">Allianz Risk Barometer 2026 | Allianz Commercial | January 2026</a></p></li><li><p><a href="https://www.insurancejournal.com/news/international/2026/01/15/812345.htm">Natural Catastrophes Rise to Second-Highest Business Risk | Insurance Journal | January 2026</a></p></li><li><p><a href="https://www.swissre.com/institute/research/topics-and-risk-dialogues/climate-and-natural-catastrophe-risk.html">Asia-Pacific Climate Risk Insurance Gaps | Swiss Re Institute | 2025</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Manufacturing and logistics operations in APAC:<br></strong>Businesses with production facilities, warehouses, or critical supply chain nodes in typhoon-prone regions of Southeast Asia, flood-vulnerable areas of South Asia, or bushfire-exposed zones of Australia face potentially uninsured losses that could threaten operational continuity and financial stability.</p></li><li><p><strong>Property and infrastructure investors:<br></strong>Real estate developers, infrastructure funds, and asset managers with significant APAC portfolios may find valuations increasingly disconnected from actual climate risk exposure, particularly where insurance coverage assumptions prove unrealistic or unavailable.</p></li><li><p><strong>Global supply chain dependencies:<br></strong>Organisations sourcing components, raw materials, or finished goods from APAC suppliers should recognise that their partners&#8217; uninsured weather losses become their business interruption risk, regardless of their own insurance position.</p></li><li><p><strong>Financial institutions with APAC loan books:<br></strong>Banks and lenders with exposure to APAC commercial real estate, agriculture, or manufacturing sectors face credit risk from borrowers experiencing uninsured catastrophic losses, particularly where collateral values may be impaired by climate events.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5><strong>Conduct granular climate exposure mapping</strong></h5><ul><li><p>Move beyond generic regional assessments to asset-level climate risk analysis. Identify which specific facilities, suppliers, and logistics routes face flood, typhoon, wildfire, or extreme heat exposure, then quantify potential business interruption duration and cost under realistic disaster scenarios.</p></li></ul><h5><strong>Stress test insurance assumptions</strong></h5><ul><li><p>Review existing policies with a critical eye toward actual coverage triggers, exclusions, and limits. Many businesses discover post-event that business interruption coverage has waiting periods, contingent business interruption has insufficient limits, or parametric triggers don&#8217;t match actual loss scenarios.</p></li></ul><h5><strong>Build supplier redundancy in exposed regions</strong></h5><ul><li><p>Develop qualified alternative suppliers outside the primary climate risk zones affecting your current supply chain. Negotiate contracts and logistics arrangements that can be activated rapidly when disasters strike primary suppliers.</p></li></ul><h5><strong>Establish climate contingency reserves</strong></h5><p>Given the protection gap reality, budget for self-insured climate losses as a normal cost of APAC operations. Create dedicated reserves or access to liquidity facilities that can absorb uninsured losses without threatening core business viability.</p><div><hr></div><h2>2. Geopolitical: Global Risk Landscape Fractures as Economic Warfare Eclipses Traditional Threats</h2><p><strong>Note: We will be producing a separate deep-dive podcast episode examining the full World Economic Forum Global Risks Report 2026 in detail in a coming week.</strong></p><ul><li><p>The World Economic Forum&#8217;s Global Risks Report 2026 identifies state-based armed conflict as the top short-term risk, driven by over 50 conflicts worldwide claiming approximately 200,000 lives during 2024, the highest annual toll in nearly three decades.</p></li><li><p>Geoeconomic confrontation now ranks as the second most severe short-term risk globally, with economic measures such as tariffs, sanctions, and investment screening increasingly weaponised as tools of geopolitical competition, fundamentally reshaping global trade and investment patterns.</p></li><li><p>Environmental risks dominate the long-term outlook, with extreme weather events ranked as the most severe risk over a 10-year horizon at 41% of expert responses, followed by biodiversity loss and ecosystem collapse at 39%, and critical change to Earth systems at 36%.</p></li><li><p>The report introduces &#8220;fractured foundations&#8221; as a key theme, highlighting how erosion of trust in multilateral institutions, fragmentation of global supply chains, and declining international cooperation create compounding vulnerabilities across economic, technological, and environmental domains.</p></li><li><p>Misinformation and disinformation rank as the third most severe short-term risk, with AI-enabled synthetic content and coordinated information operations increasingly difficult to detect and counter, threatening democratic processes, market stability, and corporate reputations.</p></li><li><p>The WEF surveyed over 900 experts across academia, business, government, and international organisations, with respondents warning that the convergence of multiple risk categories creates cascading scenarios where environmental stress triggers conflict, which disrupts supply chains, which accelerates economic fragmentation.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="http://www.theedgemarkets.com/my/node/789704">Malaysia's Trade Outlook Amid Global Risks | The Edge Markets | January 2026</a></p></li><li><p><a href="https://www.weforum.org/publications/global-risks-report-2026/">World Economic Forum Global Risks Report 2026 | WEF | January 2026</a></p></li><li><p><a href="https://www.imf.org/en/Blogs">Geoeconomic Fragmentation Reshapes Trade | IMF Blog | January 2026</a></p></li><li><p><a href="https://www.sipri.org/research/armament-and-disarmament/armed-conflicts">Armed Conflict Reaches Three-Decade Peak | SIPRI</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Export-dependent economies and businesses:<br></strong>Nations and companies heavily reliant on trade with major power blocs face increasing pressure to align with one side or risk market access restrictions, tariff escalation, or exclusion from critical supply chains as economic measures become standard geopolitical tools.</p></li><li><p><strong>Technology and semiconductor sectors:<br></strong>Firms in strategic technology industries face expanding export controls, investment screening, and supply chain localisation requirements that fragment previously global markets and require duplicative R&amp;D, manufacturing, and compliance infrastructure.</p></li><li><p><strong>Commodity and energy traders:<br></strong>Businesses exposed to global commodity flows face heightened sanctions risk, payment system fragmentation, and logistics disruptions as resource access becomes intertwined with geopolitical alignment and economic warfare measures.</p></li><li><p><strong>Multinational corporations with diversified operations:<br></strong>Organisations operating across geopolitical divides must navigate increasingly incompatible regulatory regimes, data localisation requirements, and reputational risks from association with either bloc in contested markets.</p></li></ul><h2>Preventative actions</h2><h5><strong>Map geoeconomic exposure across operations</strong></h5><ul><li><p>Identify which revenue streams, supply relationships, and market access points depend on continued geopolitical stability or specific trade relationships. Quantify exposure to tariff escalation, sanctions expansion, or market access restrictions under realistic fragmentation scenarios.</p></li></ul><h5><strong>Develop bloc-agnostic operational capabilities</strong></h5><ul><li><p>Where feasible, build redundant capabilities that can serve different geopolitical blocs independently. This includes localised supply chains, regional data infrastructure, and market-specific product variants that reduce dependency on cross-bloc flows.</p></li></ul><h5><strong>Establish geopolitical monitoring and scenario planning</strong></h5><ul><li><p>Move beyond reactive crisis response to continuous monitoring of trade policy developments, sanctions announcements, and diplomatic shifts. Develop decision trees for operational adjustments triggered by specific geopolitical escalation thresholds.</p></li></ul><h5><strong>Diversify currency and payment system exposure</strong></h5><ul><li><p>Reduce concentration in any single payment infrastructure or reserve currency. Establish relationships with financial institutions across multiple jurisdictions and develop capabilities to settle transactions through alternative mechanisms if primary channels become restricted.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Healthcare Sector Faces Perfect Storm of Cyber Threats and AI Integration Risks<br></strong>Australia&#8217;s healthcare sector faces escalating cyber risk as the value of patient data rises and rapid AI adoption expands attack surfaces. Legacy medical devices with weak security now sit alongside AI tools processing sensitive health records, while ransomware groups deliberately target healthcare to exploit the consequences of disruption. To reduce exposure, organisations must adopt zero-trust principles, rigorously assess AI vendors, and isolate unpatchable medical devices on segmented networks.<br><a href="https://www.cyberdaily.au/security/13119-health-check-securing-patient-data-in-the-age-of-rising-cyber-threats-and-ai-integration">Main link to resource</a></p></li><li><p><strong>Resilience Debt Accumulating as Organisations Underestimate Recovery Complexity<br></strong>Dell Technologies research highlights growing &#8220;resilience debt,&#8221; where organisations prioritise prevention and detection but underinvest in recovery, leaving them unable to restore operations quickly after an attack. This gap often only emerges during real incidents, when backups fail, recovery plans are untested, or dependencies cause delays. Closing it requires realistic recovery exercises, proven backup restoration tests, and clear runbooks that assume systems and staff may be unavailable.<br><a href="https://www.itpro.com/security/dell-technologies-resilience-debt-cyber-attack-recovery-challenges">Main link to resource</a></p></li><li><p><strong>Energy Infrastructure Cyber Attacks Intensify Amid Geopolitical Tensions<br></strong>Cyber attacks on energy infrastructure are increasing as nation-state and criminal actors exploit the sector&#8217;s critical role and weak operational technology security. Legacy OT systems prioritise safety and reliability over security, while once-isolated networks are now connected for efficiency, increasing exposure and the risk of physical damage. Energy operators must assess OT security, segment IT and OT environments, deploy industrial-grade monitoring, and plan incident response with physical safety in mind.<br><a href="https://betanews.com/article/energy-industry-cyber-attacks/">Main link to resource</a></p></li><li><p><strong>Critical Vulnerabilities in Anthropic MCP Server Enable Remote Code Execution<br></strong>Security researchers have found critical vulnerabilities in Anthropic&#8217;s Git Model Context Protocol server that could allow attackers to run arbitrary code and compromise AI development environments. The issue underscores wider risks across fast-growing AI infrastructure tooling, where security often lags rapid deployment and complex integrations create new attack paths. Organisations should urgently apply patches, limit network access to AI systems, and monitor for suspicious activity indicating exploitation.<br><a href="https://cyberpress.org/multiple-vulnerabilities-in-anthropic-git-mcp-server-enable-remote-code-execution/">Main link to resource</a></p></li><li><p><strong>Security Leaders Report Misalignment Between Investment Decisions and Actual Risk<br></strong>Research from Expel shows organisations often misalign cybersecurity spending with real attack patterns, driven more by marketing, compliance, or executive preference than evidence. This leads to overinvestment in unlikely threats while common attack paths remain weak. Security leaders should adopt data-driven investment models, benchmark defences against actual sector attacks, and frame risk in business terms to guide better board-level decisions.<br><a href="https://www.helpnetsecurity.com/2026/01/15/expel-cybersecurity-investment-decisions/">Main link to resource</a></p></li></ol><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unreasonable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/gap-year-risk-updates-for-weeks-of?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/gap-year-risk-updates-for-weeks-of?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/gap-year-risk-updates-for-weeks-of?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Supply chain breaks | Risk Updates for Weeks of 15 December - 12 January '26]]></title><description><![CDATA[Threat concerns this week: A look at events over the holidays. Everstream's 2026 risk analysis, Manufacturers nightmare outlook, and 5 quick fires.]]></description><link>https://www.unbreakableventures.com/p/supply-chain-breaks-risk-updates</link><guid isPermaLink="false">https://www.unbreakableventures.com/p/supply-chain-breaks-risk-updates</guid><dc:creator><![CDATA[Ollie Law]]></dc:creator><pubDate>Mon, 12 Jan 2026 02:46:24 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/184248086/77eea9b7cb7a093a277be19beb05cd5d.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!hLoH!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!hLoH!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!hLoH!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!hLoH!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!hLoH!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!hLoH!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg" width="1200" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1200,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1156151,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/jpeg&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.unbreakableventures.com/i/184248086?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!hLoH!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 424w, https://substackcdn.com/image/fetch/$s_!hLoH!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 848w, https://substackcdn.com/image/fetch/$s_!hLoH!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 1272w, https://substackcdn.com/image/fetch/$s_!hLoH!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F873b7c53-b06d-4d37-ba0c-5163341c507d_1200x720.jpeg 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p></p><p>Hello and Happy New Year &#128075; get a brew on because <strong>these are the top emerging risks between December 15 2025, and January 12, 2026&#8230;</strong></p><p><strong><a href="https://fixinc.substack.com/about">Review our report&#8217;s terminology here &#8599;</a></strong></p><p>We&#8217;re back after a well-deserved break and although it went faster than Christmas pudding, we&#8217;re excited to support you in global threats and mitigations in 2026. </p><p>After much reading and analyzing the world&#8217;s top threat intelligence over the holidays (excellent bedtime reading), we can confidently say that this new year is unlikely to be any different. In fact, the key risk categories have gone up in criticality by about 26% in the last 3 months according to recent studies out of WEF and Harvard Business Review.</p><p>The strategy for 2026 is a simple:</p><blockquote><p><strong>Plan, do, check, and act.</strong></p></blockquote><p>Do those four things, and you will be OK.</p><p>Our main risk this fortnight is&#8230;</p><h2>1. Economic: 2026 Supply Chain Disruption Outlook</h2><ul><li><p>Everstream Analytics is flagging a 2026 disruption landscape where climate-linked shocks, infrastructure strain, and geopolitics increasingly compound rather than occur in isolation, turning &#8220;single events&#8221; into multi-region, multi-tier supply failures.</p></li><li><p>The operational risk is shifting from short, localised delays to prolonged volatility: suppliers may &#8220;recover&#8221; but remain capacity constrained due to labour dislocation, damaged logistics corridors, or repeated extreme-weather events.</p></li><li><p>Planning is moving beyond supplier scorecards toward network mapping: understanding sub-tier dependencies, chokepoints, and route optionality becomes a prerequisite for credible resilience claims.</p></li><li><p>The practical takeaway: &#8220;just in time&#8221; is not dead, but it is being forced to coexist with redundancy, scenario planning, and earlier commitment to inventory and transport capacity.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.dcvelocity.com/supply-chain/other-services/supply-chain-strategy/everstream-predicts-top-four-supply-chain-disruptions-for-2026">Everstream: </a><em><a href="https://www.dcvelocity.com/supply-chain/other-services/supply-chain-strategy/everstream-predicts-top-four-supply-chain-disruptions-for-2026">Predicts the top four global supply chain disruptions for 2026</a></em><a href="https://www.dcvelocity.com/supply-chain/other-services/supply-chain-strategy/everstream-predicts-top-four-supply-chain-disruptions-for-2026"> (DC Velocity, accessed 11 Jan 2026)</a></p></li><li><p><a href="https://www.imf.org/en/Publications/WEO">International Monetary Fund: </a><em><a href="https://www.imf.org/en/Publications/WEO">World Economic Outlook</a></em><a href="https://www.imf.org/en/Publications/WEO"> (October 2025 edition)</a></p></li><li><p><a href="https://www.newyorkfed.org/research/policy/gscpi">Federal Reserve Bank of New York: </a><em><a href="https://www.newyorkfed.org/research/policy/gscpi">Global Supply Chain Pressure Index</a></em><a href="https://www.newyorkfed.org/research/policy/gscpi"> (latest release)</a></p></li><li><p><a href="https://www.weforum.org/publications/global-risks-report-2025/">World Economic Forum: </a><em><a href="https://www.weforum.org/publications/global-risks-report-2025/">Global Risks Report 2025</a></em><a href="https://www.weforum.org/publications/global-risks-report-2025/"> (January 2025)</a></p></li><li><p><a href="https://public.wmo.int/en/resources/state-of-climate-services">World Meteorological Organization: </a><em><a href="https://public.wmo.int/en/resources/state-of-climate-services">2024 State of Climate Services</a></em><a href="https://public.wmo.int/en/resources/state-of-climate-services"> (November 2024)</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Manufacturers with regionally concentrated supply<br></strong>If key components come from one climate-exposed geography or a single logistics corridor, repeated disruption can become &#8220;normal operations,&#8221; eroding service levels and margins simultaneously. </p></li><li><p><strong>Retailers and consumer brands with promotion-driven demand spikes<br></strong>Weather and transport volatility punish tight replenishment cycles. If demand surges meet a fragile inbound network, you get stockouts and expedited freight at the same time. </p></li><li><p><strong>Logistics providers and 3PLs with fixed-network assumptions<br></strong>If your network design assumes stable lane performance and predictable port or rail throughput, you will struggle when disruptions cascade across nodes and force rapid re-optimisation.<strong> </strong></p></li><li><p><strong>Companies with thin tier-2 and tier-3 visibility<br></strong>Even if tier-1 suppliers appear stable, sub-tier fragility can trigger sudden line-down events that look like &#8220;supplier failure&#8221; but are actually upstream shocks.</p></li></ul><p><em>These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don&#8217;t know what they are, <a href="https://www.fixinc.io">get in touch.</a></em></p><h2>Preventative actions</h2><h5>Build a disruption portfolio, not a single plan</h5><ul><li><p>Treat disruption as a set of repeatable patterns (weather, labour, infrastructure, geopolitical constraints) and maintain playbooks for each, including triggers for switching lanes, swapping suppliers, and changing order policies. </p></li></ul><h5>Map critical sub-tier dependencies </h5><ul><li><p>For high-impact SKUs, identify tier-2 and tier-3 single points of failure and validate alternates. Contractual visibility requirements and periodic supplier validation are often more effective than one-off surveys. </p></li></ul><h5>Design route optionality into contracts</h5><ul><li><p>Pre-negotiate carrier and lane alternatives, including port-of-entry flexibility. Optionality is cheapest before the incident and most expensive during it. </p></li></ul><h5>Stress-test inventory policy against multi-week disruption </h5><ul><li><p>Run scenarios where replenishment is constrained for longer than expected, then decide which SKUs justify strategic buffers and where postponement or substitution can reduce fragility.</p></li></ul><div><hr></div><h2>2. Technological: Ransomware Targets Transport Logistics</h2><ul><li><p>A Cyble report highlights a surge in ransomware activity affecting transport and logistics, with attackers exploiting the sector&#8217;s high uptime requirements and operational interdependence to force faster payments and higher disruption impact.</p></li><li><p>Logistics firms are attractive targets because downtime propagates immediately: missed pickups, warehouse standstills, customs delays, and cascading penalties across contracted service-level agreements.</p></li><li><p>The threat is not limited to &#8220;IT systems&#8221; in isolation. Fleet operations, warehouse management, shipment visibility platforms, and customer portals create multiple attack surfaces and multiple pressure points for extortion.</p></li><li><p>The broader risk is systemic: when a major logistics node is compromised, downstream manufacturers and retailers can experience disruption even if their own systems remain uncompromised.</p></li></ul><p><strong>Sources</strong></p><ul><li><p><a href="https://www.varindia.com/news/cyble-report-2025-ransomware-attacks-on-transport-logistics-surge-disrupt-global-supply-chains">Cyble: </a><em><a href="https://www.varindia.com/news/cyble-report-2025-ransomware-attacks-on-transport-logistics-surge-disrupt-global-supply-chains">2025 ransomware attacks on transport and logistics surge, disrupting global supply chains</a></em><a href="https://www.varindia.com/news/cyble-report-2025-ransomware-attacks-on-transport-logistics-surge-disrupt-global-supply-chains"> (VARINDIA, accessed 11 Jan 2026)</a></p></li><li><p><a href="https://www.cisa.gov/stopransomware">CISA: </a><em><a href="https://www.cisa.gov/stopransomware">Stop Ransomware &#8211; ransomware guidance and response resources</a></em><a href="https://www.cisa.gov/stopransomware"> (updated)</a></p></li><li><p><a href="https://www.microsoft.com/en-us/security/blog/">Microsoft Security: </a><em><a href="https://www.microsoft.com/en-us/security/blog/">Ransomware trends and threat intelligence</a></em><a href="https://www.microsoft.com/en-us/security/blog/"> (latest)</a></p></li><li><p><a href="https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf">FBI IC3: </a><em><a href="https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf">Internet Crime Report</a></em><a href="https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf"> (April 2024)</a></p></li><li><p><a href="https://www.ncsc.gov.uk/collection/supply-chain-security">UK National Cyber Security Centre: </a><em><a href="https://www.ncsc.gov.uk/collection/supply-chain-security">Threat actors exploiting supply chains and third parties</a></em><a href="https://www.ncsc.gov.uk/collection/supply-chain-security"> (guidance collection)</a></p></li></ul><h3>You should be concerned if&#8230;</h3><ul><li><p><strong>Transport, freight forwarding, and warehousing operators <br></strong>Your business model depends on continuous operations and tight coordination. Ransomware disrupts dispatch, scanning, routing, inventory accuracy, and customer commitments simultaneously.</p></li><li><p><strong>Manufacturers running lean production and time-definite inbound<br></strong>Even a short outage at a 3PL, carrier, or visibility vendor can halt lines or force costly rescheduling. Your resilience is only as strong as your logistics dependencies.</p></li><li><p><strong>Retailers dependent on DC throughput and last-mile partners <br></strong>If WMS, labour scheduling, or transport systems go offline, order backlogs compound quickly and recovery can take days even after systems are restored.</p></li><li><p><strong>Any firm using shared logistics platforms<br></strong>Multi-tenant systems and widely used vendors can become single points of systemic failure, where one compromise becomes a cross-customer disruption event.</p></li></ul><h2>Preventative actions</h2><h5>Assume logistics is critical infrastructure </h5><ul><li><p>Treat TMS, WMS, telematics, and label/scan environments as &#8220;must-run&#8221; systems with hardened access controls, aggressive patching, and isolation from general corporate IT. </p></li></ul><h5>Prove you can recover operations without paying</h5><ul><li><p>Maintain offline, tested backups and run restore drills that include the operational layer: shipping, receiving, pick-pack-ship, and dispatch workflows, not just server recovery.</p></li></ul><h5>Contract for cyber resilience, not just uptime</h5><ul><li><p>Supplier agreements should include breach notification timelines, recovery time objectives, and evidence-based controls (MFA, segmentation, backup posture), with the right to audit where appropriate. </p></li></ul><h5>Reduce blast radius with segmentation and least privilege</h5><ul><li><p>Split corporate IT from warehouse/fleet systems; enforce MFA; remove standing admin rights; and monitor for abnormal access in dispatch and warehouse accounts.</p></li></ul><div><hr></div><h2>Quick snippet stories</h2><ol><li><p><strong>Cyber incidents are increasingly disrupting enterprise operations</strong><br>A Yahoo Finance report highlights that cyber incidents and attacks are materially disrupting enterprise operations, reinforcing that digital downtime is now an operational risk problem, not just an IT issue. The practical implication is that continuity planning must cover identity outages, SaaS disruptions, third-party compromise, and degraded manual workarounds, not only catastrophic data-loss events.<br><a href="https://sg.finance.yahoo.com/news/cyber-incidents-attacks-disrupt-enterprise-131500647.html">Yahoo Finance: </a><em><a href="https://sg.finance.yahoo.com/news/cyber-incidents-attacks-disrupt-enterprise-131500647.html">Cyber incidents and attacks disrupt enterprise operations</a></em><a href="https://sg.finance.yahoo.com/news/cyber-incidents-attacks-disrupt-enterprise-131500647.html"> (accessed 11 Jan 2026)</a></p></li><li><p><strong>Honda extends China production halt amid Nexperia crisis</strong><br>Honda has extended a production halt in China linked to a supplier disruption described as the &#8220;Nexperia crisis,&#8221; underscoring how semiconductor supply constraints can rapidly translate into OEM operational stoppages. The story also points to a geopolitical industrial-policy dimension, with heightened scrutiny of Nexperia due to its ownership structure and government intervention affecting assets and operations. For supply-chain leaders, the key risk is that political decisions can constrain capacity and availability in ways that appear to be supplier failures but are effectively state actions.<br><a href="https://www.automotiveworld.com/news/honda-extends-china-production-halt-over-nexperia-crisis/">Automotive World: </a><em><a href="https://www.automotiveworld.com/news/honda-extends-china-production-halt-over-nexperia-crisis/">Honda extends China production halt over Nexperia crisis</a></em><a href="https://www.automotiveworld.com/news/honda-extends-china-production-halt-over-nexperia-crisis/"> (accessed 11 Jan 2026)</a></p></li><li><p><strong>Manufacturing in 2026: repatriation meets intelligent cobots</strong><br>A Machinery feature argues that 2026 manufacturing strategy is being shaped by two parallel forces: supply-chain repatriation and the uptake of more capable, intelligent collaborative robots. The risk lens is straightforward. Firms attempting to onshore or nearshore without solving labour and productivity constraints may struggle, while those adopting automation without robust change management can introduce quality and safety issues. The durable advantage comes from linking automation decisions directly to resilience goals such as multi-site flexibility and faster product changeovers.<br><a href="https://www.machinery.co.uk/content/features/manufacturing-in-2026-from-supply-chain-repatriation-to-intelligent-cobots">Machinery: </a><em><a href="https://www.machinery.co.uk/content/features/manufacturing-in-2026-from-supply-chain-repatriation-to-intelligent-cobots">Manufacturing in 2026, from supply-chain repatriation to intelligent cobots</a></em><a href="https://www.machinery.co.uk/content/features/manufacturing-in-2026-from-supply-chain-repatriation-to-intelligent-cobots"> (accessed 11 Jan 2026)</a></p></li><li><p><strong>UK businesses warned that disruption risk is rising from protests</strong><br>City AM reports warnings to businesses about disruption stemming from a surge in protests, which can affect staff access, deliveries, customer footfall, and local transport reliability. This is a continuity-planning issue as much as a security issue. Organisations need routing options, staffing contingencies, and communications playbooks for rapid disruption in dense urban areas. If you operate from shared premises, disruption affecting others is almost always yours too, so planning and exercises should explicitly incorporate external disruptions in shared buildings, estates, and multi-tenant sites.<br><a href="https://www.cityam.com/city-businesses-warned-of-disruptions-from-surge-in-protests/">City AM: </a><em><a href="https://www.cityam.com/city-businesses-warned-of-disruptions-from-surge-in-protests/">City businesses warned of disruptions from surge in protests</a></em><a href="https://www.cityam.com/city-businesses-warned-of-disruptions-from-surge-in-protests/"> (accessed 11 Jan 2026)</a></p></li><li><p><strong>Ransomware pressure rises on UK mid-market firms</strong><br>Raconteur reports that UK mid-market firms are increasingly targeted by ransomware actors, often because they have meaningful revenue and operational complexity without enterprise-grade security depth. For leadership teams, the operational lesson is that ransomware is rarely just data theft. It manifests as service disruption, invoice disruption, payroll disruption, and customer churn risk. The most practical step is to align cyber controls to business processes that must continue operating, then test the ability to function manually under realistic downtime assumptions.<br><a href="https://www.raconteur.net/risk-regulation/ransomware-uk-mid-market-firms">Raconteur: </a><em><a href="https://www.raconteur.net/risk-regulation/ransomware-uk-mid-market-firms">Ransomware and the UK mid-market, why firms are exposed</a></em><a href="https://www.raconteur.net/risk-regulation/ransomware-uk-mid-market-firms"> (accessed 11 Jan 2026)</a></p></li></ol><div><hr></div><p>Want to discuss how these risks might effect your business?<br><strong><a href="https://www.fixinc.io/consulting/uv-call">Book 30 minutes with us, free &#8599;</a></strong></p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Every fortnight, we send out a risk you may not have heard to help you stay prepared. You can always unsubscribe later.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><div><hr></div><h2>Need support?</h2><p>At <a href="https://www.fixinc.io">Fixinc</a>, we are passionate about helping people get through disasters. That&#8217;s why our team of Advisors bring you this resource <strong>free of charge</strong>. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unreasonable Ventures to support this channel.</p><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.fixinc.io/consulting/uv-call&quot;,&quot;text&quot;:&quot;Book your 30min call here&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.fixinc.io/consulting/uv-call"><span>Book your 30min call here</span></a></p><div class="captioned-button-wrap" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/supply-chain-breaks-risk-updates?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="CaptionedButtonToDOM"><div class="preamble"><p class="cta-caption">Help us help people just like you. Share this post today and spread the support &#129309;</p></div><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.unbreakableventures.com/p/supply-chain-breaks-risk-updates?utm_source=substack&utm_medium=email&utm_content=share&action=share&quot;,&quot;text&quot;:&quot;Share&quot;}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.unbreakableventures.com/p/supply-chain-breaks-risk-updates?utm_source=substack&utm_medium=email&utm_content=share&action=share"><span>Share</span></a></p></div><p></p><p></p>]]></content:encoded></item></channel></rss>