e2e-assure has launched Cumulo, a sovereign AI-driven security operations centre platform for IT and operational technology environments. It describes the product as the UK’s only sovereign zero-day SOC platform.

The launch is aimed at organisations that want to keep cyber defence data and AI models within UK-controlled infrastructure, particularly operators of critical national infrastructure and businesses in regulated sectors. Cumulo combines threat detection, incident analysis and environment modelling in a system designed to reduce reliance on external cloud AI services.

The platform is built around a digital twin of each customer environment, maintained continuously through passive discovery across IT and OT systems. That replica is used for attack simulation and to identify risks before they are exploited, an approach e2e-assure says is particularly relevant in operational environments where live testing can disrupt services.

Another element is what e2e-assure calls a zero-day SOC model. In practice, this means live threat intelligence can be turned into detection rules immediately rather than waiting for slower update cycles, with the aim of narrowing the gap between a threat emerging and an organisation being able to detect it.

The system keeps artificial intelligence alongside a security information and event management platform rather than replacing it. In this structure, the SIEM acts as the evidential record of events, while AI analyses data, builds context and supports investigations.

Customer-dedicated local large language models are deployed within sovereign environments and trained on each organisation’s own estate. This is intended to improve accuracy by grounding analysis in local operating conditions while limiting the movement of sensitive security data outside customer-controlled infrastructure.

The launch comes as UK cyber policy places greater emphasis on early threat identification and stronger domestic control over defensive tools. e2e-assure linked the product to GCHQ’s AI Cyber Shield initiative and to broader concerns about dependence on foreign technology providers for security operations.

“Cumulo represents a shift away from traditional SOC and SIEM environments that are largely human-centric and reactive because they rely on sequential alert triage and retrospective investigation. Instead, Cumulo uses an AI-first security operating system,” said Rob Demain, chief executive officer of e2e-assure.

“Threats are now moving faster than human-led workflows can keep pace with, leaving security teams struggling. At the same time, many AI approaches in security are still constrained by legacy architectures that force them to rebuild context after the fact. We built Cumulo to change that by continuously building understanding as data is generated, while keeping expert analysts at the centre of decision-making,” Demain said.

The service retains a human review model, with SC-cleared security staff involved in decisions rather than allowing the platform to operate autonomously. Customer security and operations teams also remain involved throughout investigations, particularly where risk appetite and operational constraints differ between organisations.

Behind that model is a layered AI structure that separates environment-specific reasoning from broader research and intelligence tasks. A local model layer handles detection and analysis tied to the customer estate, while a separate intelligence layer correlates wider threat data. A further model layer is used for non-sensitive enrichment work.

The platform also uses several AI models to review investigations from different perspectives, creating what e2e-assure calls an auditable view of each alert through its Cumulo Analyst Helper. Findings are then checked against threat intelligence and deterministic detection engines before reaching an analyst, in an effort to reduce false or misleading outputs.

Product tiers

Cumulo is being offered through a tiered model aimed at different levels of security maturity. The standard version includes AI-led investigation, autonomous threat hunting, threat intelligence, centralised reporting and compliance dashboards.

The higher tier adds unified monitoring across IT and OT systems, digital twin functions, live compliance dashboards and cross-environment correlation for organisations with more complex operational estates. e2e-assure says the model is intended to help users identify and rank vulnerabilities across interconnected environments before they are exploited.

The company has provided managed security operations services to government and critical infrastructure customers for more than a decade. Its security operations centre is staffed by UK-based cleared cyber professionals, and the Cumulo platform is fully owned by the business rather than tied to a single third-party technology stack.

“For organisations responsible for critical national infrastructure and essential services such as energy, water, transport, telecommunications and government operations, resilience isn’t just about identifying threats faster; it’s about ensuring your ability to defend remains intact during a crisis,” Demain said.

“As more security capabilities move into the cloud, questions around sovereignty, dependency and operational continuity continue to mount. For organisations operating in regulated or high-dependence environments, reliance on external AI infrastructure can introduce risks around data residency, transparency and continued access to critical defensive capabilities. Cumulo addresses these challenges by keeping sensitive operational knowledge within customer-controlled environments, reducing exposure to external disruption and helping organisations maintain visibility and cyber defence capability even during major incidents, connectivity outages or wider infrastructure disruption,” he said.

QuEra Computing has announced Libra, its first fault-tolerant quantum computer, and plans to make the system available on Amazon Braket in 2028.

It has also expanded its multi-year strategic collaboration with Amazon Web Services, with Libra becoming the first system covered by the broader agreement.

The Boston-based quantum computing company describes Libra as a megaquop-class machine, a term it uses for a system intended to carry out about one million reliable logical quantum operations. The machine is projected to offer more than 256 error-corrected logical qubits and a logical error rate of 10−6.

Fault-tolerant quantum computing is widely viewed as a key step beyond today’s error-prone systems because it is intended to support longer, more dependable calculations. QuEra says this could open a path to early commercial and research workflows in fields such as molecular simulation, materials discovery and optimisation, where classical computing methods can struggle as problems grow larger.

AWS link

Under the arrangement, AWS customers will be able to access Libra through Amazon Braket, the cloud group’s managed quantum computing service. AWS says Braket gives users a single environment to build and run quantum applications alongside existing classical infrastructure, including high-performance computing, artificial intelligence and machine learning services.

The tie-up extends a relationship that began in 2022, when QuEra’s Aquila system became available on Amazon Braket. Aquila is a 256-physical-qubit neutral-atom quantum computer, while QuEra’s Gemini system, which the company says has logical-qubit functions, is co-located with the ABCI-Q supercomputer in Japan.

Andy Ory, chief executive officer of QuEra Computing, said the company sees the announcement as part of a broader shift in the industry.

“Fault-tolerant quantum computing is moving from a scientific milestone to an engineering and deployment roadmap,” Ory said.

“We have executed this roadmap in the open, with peer-reviewed milestones and validated system advances. Libra brings fault-tolerant computing to the cloud at scale in 2028. It is an important step forward, and subsequent generations will scale even further, as we will reveal in our roadmap webinar later this month. We are inviting leaders to engage now so they can build the talent, use cases and workflows needed to be ready when these systems come online,” he said.

Research base

QuEra says every building block of the Libra architecture has already been validated in peer-reviewed research. It points to eight papers in Nature and Physical Review Letters by its teams and by researchers in the laboratories of its scientific founders at Harvard and MIT.

According to the company, the papers cover logical qubits, below-threshold error correction, transversal logical operations, fast decoding for real-time error correction, sustained operation of thousands of qubits with continuous atom reloading, and error-correcting codes intended to reduce the number of physical qubits needed for each logical qubit.

Neutral-atom quantum computing has drawn increasing attention as one of several technical approaches in the race to build practical quantum systems. QuEra’s strategy has focused on demonstrating error correction and then scaling towards fault tolerance, rather than only increasing raw qubit counts.

Amazon Web Services says the collaboration reflects its view that fault-tolerant quantum systems will become part of customers’ computing environments.

“We believe fault-tolerant quantum computing will become a foundational part of how customers solve their hardest computational problems on AWS. QuEra’s technology has demonstrated a clear path to that future. By bringing these capabilities to customers through Amazon Braket, they can combine QuEra’s fault-tolerant quantum processors with the scalable AWS HPC and AI services they already rely on,” said Eric Kessler, general manager of Amazon Braket at AWS.

Commercial pressure

QuEra is also using the announcement to urge potential users to prepare for fault-tolerant systems before they become commercially available. It plans to keep building successive in-house generations of fault-tolerant systems ahead of Libra’s release, both to refine the design and to give selected partners earlier access to working environments.

Yuval Boger, chief commercial officer of QuEra, said organisations that delay planning could lose time once the systems arrive.

“Waiting until 2028 to build a quantum strategy is a competitive risk,” Boger said.

“The algorithms that will harness fault-tolerant systems at this scale might not yet exist. Given that Libra will be available on the cloud in 2028 with a one-in-a-million error rate, the organizations that start co-developing now will be operational on day one, not catching up,” he said.

Industry analysts say the announcement marks an important moment for a field often criticised for setting ambitious targets without enough technical disclosure. QuEra’s emphasis on peer-reviewed milestones appears intended to distinguish its timetable from less transparent claims in the sector.

“QuEra’s plan to deliver fault-tolerant systems in 2028 represents a significant inflection point for the quantum computing industry. QuEra’s approach entails publishing every milestone, validating through peer review and now offering concrete QC end-user engagement paths. This disciplined and visible strategy is what aspiring QC end users in HPC centres and related government programs want to see before committing substantial resources to an emerging technology,” said Bob Sorensen, chief analyst for quantum computing at Hyperion Research.

KAREN JOY BACUDO

Finance Editor

Access PaySuite has agreed to acquire Ordo’s Open Banking infrastructure, giving the payments arm of The Access Group ownership of its Open Banking payment rail.

The acquisition adds Open Banking to Access PaySuite’s existing card and Direct Debit services and gives it direct control of the payment acceptance layer across all three methods. Open Banking will be embedded across its platforms as a native feature, rather than offered through a third-party arrangement.

The move comes as Pay by Bank use continues to grow in the UK. Open Banking Limited said the system processed 351 million payments in 2025, up 57% year on year, with more than 16.5 million active users.

Access PaySuite said owning the infrastructure will allow it to combine payment initiation with real-time account data. It is positioning that combination as a way to expand beyond transaction processing into services tied to collections, affordability checks and financial support.

Broader use

In arrears management, live financial data can help housing associations identify hardship earlier, adjust recovery approaches and offer repayment plans during contact with tenants or customers. For affordability assessments, verified account data can replace self-reported figures at the point of application.

The same framework could also support hardship planning by enabling earlier intervention before accounts worsen. In each case, the model relies on linking payment activity with account information at the point a decision is made.

The transaction also paves the way for Variable Recurring Payments (VRP), a real-time alternative to Direct Debit. Access PaySuite said the method gives payers greater control over authorisation while allowing merchants and service providers to collect funds more quickly and with more flexibility.

Control of the infrastructure is also likely to have operational effects within the payments business. The rail can reduce acceptance costs, shorten settlement times and provide more detailed reconciliation data.

These changes matter because many software providers in payments still depend on external partners for parts of Open Banking connectivity. By bringing the infrastructure in-house, Access PaySuite is seeking tighter integration between payment collection and its customers’ software systems.

Regulatory step

The acquisition also sits alongside Access PaySuite’s pursuit of Financial Conduct Authority permissions for Payment Initiation Services and Account Information Services. Those permissions would allow it to provide regulated Open Banking functions directly rather than through another licensed provider.

“This acquisition isn’t about adding a payment method. It’s about what we build with it. We’re embedding Open Banking natively across our platforms, and the bigger opportunity is blending payments with financial intelligence to tackle genuinely hard problems. That’s where payments stop being a utility and start driving real outcomes – more revenue recovered, lower cost to serve, and better financial lives for the people on the other end of every transaction,” said Giulio Montemagno, Managing Director, Access PaySuite.

“Underpinning this is Access PaySuite’s pursuit of FCA permissions for Payment Initiation and Account Information Services. These are not just regulatory milestones, but what makes the next generation of outcomes possible. Together, they open an entirely new class of solution: intelligence embedded directly at the point of need. The UK’s National Payments Vision puts Open Banking at the centre of how payments should evolve. Access PaySuite intends to be at the front of that wave.”

Access PaySuite is the payments division of The Access Group. This business software provider says it serves more than 160,000 small and mid-sized organisations across Europe, the US and Asia-Pacific. The group’s software is used in both commercial and non-profit sectors, giving the payments arm a large installed base into which Open Banking services can be introduced.

For the wider market, the deal reflects a continuing shift in Open Banking from a standalone payment option to a component within sector-specific software. Rather than competing only on checkout conversion, providers are increasingly using bank payment tools and account data to support credit decisions, debt collection and customer support processes.

The trend is particularly visible in sectors where recurring payments, arrears and affordability checks are closely linked, including housing, utilities and other service-heavy industries. Access PaySuite said the combination of payment initiation and account information can be used directly at the point where a customer needs to pay, seek support or be assessed for repayment terms.

Open Banking will sit alongside cards and Direct Debit within a single platform.