Hello 👋 get a brew on because these are the top 3 emerging risks between April 21st, and May 5th, 2025…

Review our report’s terminology here ↗

Our main risk this fortnight is…

1. Societal & Economic: Major power outage across Spain and Portugal

• On April 28, a massive power outage plunged Spain and Portugal into chaos. In five seconds, Spain lost 60% of its electricity supply. Hospitals, trains, airports, and telecoms all shut down. Planes were grounded. Panic spread online. It wasn’t cyber. It wasn’t terrorism. It was grid mismanagement. Initial suspicions pointed to a cyberattack or renewables failure, but investigations now confirm a cascading fault in grid protection and load balancing systems.

• What to do now:

  • Run a blackout scenario exercise within your team. Use Iberia as the case study.

  • Audit your business continuity plan for power and communications.

  • Push for faster resilience investments in grid infrastructure and critical backups.

  • Ensure key vendors have continuity plans beyond “hope.”

Sources

• Spanish power cut highlights fundamental weakness in EU power grid | Euro News | 30-04-2025

• Analysis: Spain and Portugal's power outage exposes critical vulnerabilities in mobile network resilience | Capacity Media | 30-04-2025

• Business group says power outage in Spain caused €1.6bn in damages | Yahoo News | 01-05-2025

• Spain, Portugal switch back on, seek answers after biggest ever blackout | Reuters | 30-04-2025

You should be concerned if…

• You operate hospitals, airports, or logistics infrastructure reliant on continuous power.

• You work in government or emergency services and haven’t pressure-tested your grid dependencies.

• You lead a business reliant on telecoms, mobile apps, cloud systems, or international travel.

These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don’t know what they are, get in touch.

Preventative actions

• Run a blackout scenario exercise within your team. Use Iberia as the case study.

• Audit your business continuity plan for power and communications.

• Push for faster resilience investments in grid infrastructure and critical backups.

• Ensure key vendors have continuity plans beyond “hope.”

2. Geopolitical: Albanese win a reflection on Western democracy sentiment

• Australia’s Prime Minister Albanese won re-election in a surprise twist, as opposition leader Peter Dutton not only failed but lost his own seat. It mirrors the global swing: rising economic frustration, immigration debates, and anti-establishment sentiment.

• This wasn’t just an Australian story. It’s part of a pattern happening in Western democracies, fuelled by inflation, housing crises, and public distrust in global institutions.

• Why this matters: Political shocks affect regulation, trade, tax, hiring, and investment cycles. And they don’t stay in one country—they echo.

• What to do now:

  • Run an impact model for populist or protectionist shifts in your markets.

  • Build in flexibility across your supply chain and compliance approach.

  • Keep tabs on early policy shifts. First 100 days are when most rules change.

Sources

• Albanese re-elected as PM in historic win as Dutton loses seat | 1news | 03-05-2025

• Labor Wins Big in Australia | Wall Street Journal | 03-05-2025

• First Canada, Now Australia: The Trump Factor Boosts Another World Leader in an Election | Wal | 03-05-2025

3. Technological: Multiple security vulnerabilities remind risk of password-less control

• This fortnight saw a flurry of tech risks. A surveillance software called FlexiSpy leaked over 21 million screenshots from government, healthcare, and corporate computers—including passwords, personal emails, and medical records.

• Microsoft’s Remote Desktop Protocol was found to accept old passwords, even after they've been changed. No fix has been confirmed.

• SAP systems faced a CVSS 10.0 vulnerability, and millions of Apple users were exposed to Wi-Fi injection attacks via AirPlay and CarPlay.

• Why this matters: We are building our businesses on digital tools that are insecure by design. Surveillance platforms are often the weakest link.

• What to do now:

  • Patch RDP and SAP NetWeaver immediately.

  • Audit and disable unused or excessive surveillance tools.

  • Segment your networks and isolate critical systems.

  • Consider switching off screen-capture features until risk assessments are done.

Sources

• Millions of AirPlay devices can be hacked over Wi-Fi; CarPlay too | 9 to 5 Mac | 20-04-2025

• CVSS 10 SAP NetWeaver bug is under active attack | The Stack | 25-04-2025

• An Employee Surveillance Company Leaked Over 21 Million Screenshots Online | Gizmodo | 24-04-2025

Want to discuss how these risks might effect your business?
Book 30 minutes with us, free ↗

Need support?

At Fixinc, we are passionate about helping people get through disasters. That’s why our team of Advisors bring you this resource free of charge. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unreasonable Ventures to support this channel.

Book your 30min call here