Reviewing the 2025 UK Cyber Policy Paper: Promise, Blind Spots, and the Challenge of Continuity

This article, written in reaction to the DSIT Cyber Policy 2025, reviews and critiques the government’s new approach. It recognises what the policy gets right — framing resilience as growth, creating safe havens, and calling for a one-team response — but also highlights what is missing: metrics, continuity, practitioner voice, and regional balance. Without these, the new policy risks becoming rhetoric rather than a platform for real progress. Unless the UK moves decisively from aspiration to delivery, the 2025 Cyber Policy will join its predecessors as another missed opportunity.

Continue reading

A Potted History of the UK’s Cyber Economy: From Secrecy to Sector

This article, written in reaction to the DSIT Cyber Policy 2025, traces the uneven history of the UK’s cyber economy. From CESG’s secretive assurance role to NCSC’s public authority and DSIT’s contested remit, the story is one of incremental gains but persistent churn. Programmes such as Cyber Essentials, CyberFirst, CyberASAP, Cyber Runway, and Cyber Resilience Centres have delivered value but lacked continuity, scale, and coherence. Unless the government commits to stabilisation and long-term delivery, the UK will continue to recycle initiatives rather than build a durable cyber base.

Continue reading

How to Join a Government Working Group (Without Being a Civil Servant)

Yes, you can shape UK cyber policy, even from the outside. Here’s how people get in. Government working groups in the UK might seem closed-off, formal rooms filled with civil servants, consultants, and institutional insiders. But increasingly, government departments are seeking outside voices: founders, engineers, researchers, and community leaders who bring real-world experience. Whether you’re trying to influence cyber skills policy, secure-by-design standards, or public-sector procurement, joining the right working group can amplify your voice and build visibility for your organisation or sector. This article breaks down how non-civil servants are contributing to cyber and tech policy via working groups, what types exist, and how you can get involved.

Continue reading

Databricks vs Snowflake vs Microsoft Fabric: Positioning the Future of Enterprise Data Platforms

This article extends the Databricks vs Snowflake comparison to include Microsoft Fabric, exploring the platforms’ philosophical roots, architectural approaches, and strategic trade-offs. It positions Fabric not as a direct competitor but as a consolidation play for Microsoft-centric organisations, and introduces Microsoft Purview as the governance layer that unifies divergent estates. Using a real-world scenario where Databricks underpins engineering, Fabric drives BI adoption, and functional teams risk fragmentation, the piece outlines the “Build–Consume–Govern” model and a phased transition plan. The conclusion emphasises orchestration across platforms, not choosing a single winner, as the path to a governed, AI-ready data estate.

Continue reading
The Cars That Ate Paris promo photo

The Cars That Ate Paris: The Census Website that Swore at Grannies

The 1901 Census website was meant to showcase British digitisation, but instead it became a punchline: servers that buckled on launch, mismatched kit lashed together, prisoner-typed data laced with obscenities, and retired “10 till 3 grannies” and neurodiverse consultants cleaning up the mess. I was called in to write the report that unravelled the fiasco, a job that took me from QinetiQ’s “Santa in tweed” CTO to the Cabinet Office, where I first crossed paths with Alan Mather, and learned hard lessons about hubris, engineering, and failure, along the way.

Continue reading

From Startups to Scaleups: The UK’s Cyber Commercialisation Ladder, Explained

How Britain takes a cyber idea from academic paper to procurement-ready product, and who’s involved at each step. The UK has quietly built one of the world’s most interconnected cyber innovation ecosystems, a ladder of support that helps researchers, entrepreneurs, and early-stage companies turn ideas into commercial products, funding rounds, and contracts. But it’s not always obvious how it works, who owns which stage, or what the unwritten rules are. This article breaks down the UK’s cyber commercialisation journey, from research spinouts to public sector procurement, and highlights the critical programmes, accelerators, and gatekeepers at each level.

Continue reading

CyberFirst Celebration in the West Midlands: Reflections on What Makes Cyber Special

A reflection on the CyberFirst Celebration in the West Midlands, marking its transition to TechFirst. The event highlighted achievements, explored what makes cyber unique, and underlined the importance of maintaining the sector’s distinctive strengths, especially its uniquely inquisitive culture, as the programme broadens.

Continue reading

My Years at Sun Microsystems: From Dream Job to Oracle Redundancy

A memoir of nine years at Sun Microsystems, from the revelation of “The Network is the Computer” and parachuting into nasty projects, to the culture of contrarianism, the pressures of leadership, press training in Nice, and the slow decline into redundancies that culminated with Oracle’s takeover. It closes with reflections on philosophy, craft, people, and the enduring value of diversity and neurodiversity in engineering.

Continue reading

A Funny Thing Happened on the Way to the Forum: Ian Dunmore’s Punk Ethos in Government IT

A personal reflection on my friendship with Ian Dunmore and the rise and fall of Public Sector Forums, exploring how his punk, do-it-yourself ethos created a space for civil servants to speak truth to power, and why those edges still matter today. Follow-up articles will touch on some of the hijinks he got me into (I got myself into), like being sacked and reinstated from my dream job, all within one day.

Continue reading

Same As It Ever Was: Microsoft’s Office 365 Trap And Why Industrial Email Users Are Being Let Down

Microsoft is undermining Outlook’s role as the backbone of professional communication by forcing heavy users through the Office 365 funnel. Add-ins like MailMaestro, Copilot, and Boomerang are locked away, the product line is fragmented across multiple Outlook clients, and serious multi-inbox management is ignored. Rivals such as Spark, Canary, Mailbird, Superhuman, and even newer “hip” tools like Hey! show more imagination. The lost promise of Google Wave reminds us that integration, not fragmentation, is the real opportunity, while Microsoft’s current short-sighted strategy leaves it weaker than ever. Email remains the killer app of the internet, so why, after all this time, is it still so shite?

Continue reading

Cyber Clusters and Regional Powerbases: Influence Beyond London

From Cheltenham to Belfast, regional ecosystems are quietly shaping the future of UK cybersecurity. When people think of UK cybersecurity, they often picture Whitehall meetings or Canary Wharf boardrooms. But real influence increasingly lies outside London, in regional clusters, civic innovation groups, and place-based partnerships that combine skills, startups, and strategy into powerful local ecosystems. These clusters aren’t just delivering training or running meetups. They are shaping national policy, securing investment, and building sovereign capabilities in collaboration with local government, academia, and industry. This article maps out the regional powerbases transforming the UK’s cybersecurity landscape, and how to engage with them.

Continue reading

West Midlands Cyber Hub Diaries: Day One (Or Perhaps Day Sixty)

The West Midlands Cyber Hub marks a long-held ambition to give the region a central home for cyber. Building on the rebooted West Midlands Cyber Working Group (WM CWG), the Hub is designed to strengthen community coherence, increase investment, and connect students, SMEs, enterprises, and universities in a neutral space. Supported by DSIT, Innovate UK, Aston University, TechWM, and the Innovation Alliance for the West Midlands, the Hub will open its first phase at Enterprise Wharf in Birmingham, forming the core of a hub-and-spoke model across the region. The project team, led by Sevgi Aksoy and I (Wayne Horkan), with Rebecca Robinson as PM, is preparing for a pre-launch event on 30th September 2025.

Continue reading

It’s the End of the Internet and I Feel Fine

Every few years the internet collectively rediscovers an old conspiracy theory. This month it has been the so-called “Dead Internet Theory”. The idea, put simply, is that most of what we now encounter online is no longer produced by humans but by bots, scripts, and automated systems. Sam Altman, CEO of OpenAI, recently hinted that he thought there might be something in it, which was enough to trigger a storm of hot takes across Twitter. So what exactly does this “death” mean, and is there anything to it?

Continue reading

UK Cyber Skills Landscape: The Real Gatekeepers of Talent and Training

Beyond bootcamps and degrees, who actually shapes how the UK finds, trains, and qualifies its cyber workforce? The UK cyber skills gap is well known, but less discussed is who actually defines what “skilled” means, who sets the standards, and who controls the flow of talent into real jobs. From formal certifying bodies to regional academies, neurodivergent networks to employer-led bootcamps, this article maps out the real gatekeepers of UK cyber skills and training, the organisations, programmes, and influencers that determine who gets hired, funded, or fast-tracked.

Continue reading
De’Longhi Magnifica S brewing coffee into a colourful mug

Quick Start Guide to the De’Longhi Magnifica S

A simple, step-by-step quick start guide to making great coffee with the De’Longhi Magnifica S (for instance model ECAM22.110.B). Covers setup, beans vs pre-ground, brewing, milk drinks, cleaning, troubleshooting, and pro tips for perfect coffee every time.

Continue reading

Gartner’s 2025 Hype Cycle for Enterprise Architecture: A Critical Review

Gartner’s 2025 Hype Cycle for Enterprise Architecture catalogues trends and buzzwords but fails to grapple with core challenges. It overstates AI as the answer to everything, recycles old concepts under new names, and sidesteps long-standing fundamentals like bi-modal IT, plumbing vs business enablement, and the EA reputation problem. A better hype cycle would cut the noise, confront EA’s accountability gap, and ground guidance in practical playbooks, cost discipline, and measurable business outcomes.

Continue reading

Therapist Fight Club: Carl Rogers’ Person-Centred Psychology for the Neurodiverse Mind

This article reinterprets Carl Rogers’ person-centred psychology through the lens of Asperger’s and systems thinking. Stripping away sentimental language, it presents Rogers’ model as a structured feedback loop, a “Therapist Fight Club” where both therapist and client co-train, honing coherence and self-consistency. Written as an interest piece for the neurodiverse, it reframes therapy not as emotional fixing, but as optimising a system to run with fewer contradictions.

Continue reading

From Policy to Procurement: How Standards Bodies Influence UK Cyber Buying Cycles

It’s not just what’s secure, it’s what’s accepted, assured, and approved. Here’s how standards quietly determine what gets bought in cybersecurity. In cybersecurity, buying decisions are rarely made on features alone. Especially in the UK public sector and regulated industries, procurement is often shaped by frameworks, certifications, and official guidance issued (or heavily influenced) by standards bodies. These organisations, from NCSC and NIST to IASME, ISO, and CIISec, may not sell products, but they define the guardrails within which procurement happens. They help determine what “good” looks like, what qualifies as “secure enough,” and what’s required to win a bid. This article breaks down how standards bodies and frameworks influence what UK organisations actually buy, adopt, and fund when it comes to cybersecurity.

Continue reading

The Shadow Ecosystem: Alumni Networks, Closed Groups, and Whisper Influence in Cyber

Beyond public policy and LinkedIn posts lies a quiet web of influence, trusted groups, off-book referrals, and unseen signals that shape who gets funded, hired, or heard in UK cybersecurity. Cybersecurity in the UK has a formal face: policy frameworks, standards bodies, public panels, and professional networks. But beneath that, there exists a shadow ecosystem, informal, invitation-only, and often more influential than any official organisation. This is where reputations are made (or unmade), where partnerships are brokered before anyone sees a press release, and where quiet nods matter more than job titles. This article explores the informal infrastructure of UK cyber influence, the alumni groups, private chat channels, Slack collectives, and backchannel referrals that quietly shape decisions in hiring, procurement, investment, and policy.

Continue reading

What CISOs Really Read: Reports, Forums, and Signals That Shape Decisions

Forget the vendor hype. Here’s what makes it to the top table when security leaders plan, buy, and act. Chief Information Security Officers (CISOs) are drowning in noise. Every week brings new whitepapers, vendor webinars, analyst reports, and threat briefings, but only a handful cut through and shape decisions at the enterprise level. So, what do CISOs trust? What do they read, bookmark, cite, and share internally when building strategy or justifying spend? This article examines the forums, publications, briefings, and individuals that significantly influence CISO thinking in the UK, beyond vendor brochures.

Continue reading