Closing the Resilience Gap: Where the Government Says UK PLC Is Still Failing
Customers, boards and regulators are all in agreement. If cybersecurity breaches are impossible to prevent 100% of the time, the focus must be on i...
Author: Phil Muncaster
The Path of Least Resistance: Why Defence in Depth Is the Best Response to Cloud Threats
Threat actors are nothing if not resourceful. When they find that a particular pathway is blocked, they don’t give up. Instead, they simply search ...
Cyber Threats in a Time of Heightened Middle East Tensions: What UK CISOs Can Expect
As worst-case scenarios go, they don’t get much worse than a company-wide wipe of all connected devices. Yet that’s the reality that US medtech fir...
The NCSC Wants Critical Infrastructure to “Act Now”: What Does That Mean?
The UK’s critical national infrastructure (CNI) providers are on notice. The National Cyber Security Centre (NCSC) has been ramping up its rhetoric...
A Key EU AI Act Deadline Is Approaching: Here’s What Businesses Need to Know
The EU’s AI Act is reaching the final stage in its tortuously long journey from legislative proposal to enforceable law. It’s been a long time comi...
UK Financial Services Firms Are Still Failing the Basics, the BoE Warns
The UK’s financial services sector punches well above its weight. London is a close second to New York as the world’s preeminent financial hub and ...
What the LastPass Breach Tells Us About Compliance in 2026
The GDPR was always meant to be vague. By not listing prescriptive technical controls – as, for example, PCI DSS does – the regulation does a bette...
Is the Government’s Cyber Action Plan Fit for Purpose?
It’s not often the government admits it was wrong. Yet at the start of the year, we were treated to a rare mea culpa: a recognition that a previous...
WEF Report: Fraud Is Now CEOs’ Biggest Cyber Concern, but It’s Not the Only One
Five years is a long time in cybersecurity. Yet that’s how long the World Economic Forum (WEF) has been polling CEOs for its Global Cybersecurity O...
Privacy Matters: What Compliance Teams Can Expect in 2026
January 28 is Global Privacy Day – an occasion to celebrate the right to data privacy and protection that many of us take for granted today. It was...
Closing the AI Governance Gap with ISO 42001
The UK has an AI governance problem. This might not have been an issue a few years ago, when projects were piecemeal in most organisations. But tod...
Five Security and Compliance Trends to Look Out for in 2026
What might the coming 12 months look like for cybersecurity and compliance professionals? We’ve scoured the news, absorbed the predictions of indus...
Is an Agentic AI Security Breach Inevitable in 2026?
It might be three years since the launch of ChatGPT kicked off a new technology arms race, but all eyes are now on agentic AI. Boosters claim it wi...
A Year in Compliance: Five Things We Learned in 2025
The past 12 months have once again proven that the cybersecurity landscape is rarely short on incident. Major security breaches cost organisations ...
What the Cyber Security and Resilience Bill Means for Critical Infrastructure
It’s been a long time coming. Having been trailed as far back as the King’s Speech in 2024, the Cyber Security and Resilience Bill (CSRB) has final...
When it Comes to OT, Visibility Is the Foundation of Effective Security
IT often grabs the headlines, especially now we’re embarking on a new age of AI-powered everything. But it is operational technology (OT) that stil...
What the Deloitte Australia Saga Says About the Risks of Managing AI
Generative AI (GenAI) has scaled the heady heights of industry hype since it burst onto the scene in late 2022. Now it is entering what Gartner cal...
The NCSC Says “It Is Time to Act”, But How?
It’s unusual to see an open letter from a business leader at the start of a government cybersecurity report. Especially someone whose company has j...
What an npm Attack Says About the Risks of Open-Source Software
The history of open-source security is littered with examples of catastrophic failings and near misses. A crypto-malware campaign discovered in ear...
Can the UK Create a Multibillion-Pound AI Assurance Sector?
The government is going all-in on AI. Announced in January, its AI Opportunities Action Plan seeks to drive economic growth, improve the quality of...
Jaguar Land Rover’s Travails Highlight the Need for Cyber Resilience
Manufacturers have been the most popular target for global cyber-attacks over the past four years. The sector was also number one for ransomware in...
As Optus Is Sued, What Went Wrong and What Lessons Can We Learn?
The wheels of justice move slowly sometimes. So it is in Australia, where the privacy regulator has finally filed civil penalty proceedings against...
OT Risk Could Be a $330bn Problem: How Do We Solve It?
Business leaders neglect operational technology (OT) risk at their peril. These are the systems that power some of the UK’s most critical national ...
