Monthly Archives: February 2024

Neurodiversity Is Our Strength

Neurodiversity is not just a concept; it is a testament to the boundless potential of the human mind. It’s the understanding that our brains, like the landscapes of the earth, are wonderfully diverse, each contour and crevice holding the possibility of unique thoughts, perspectives, and ways of interacting with the world. This diversity is not a weakness to be corrected, but a strength to be celebrated and harnessed.

Reasons not to implement Multi-Factor Authentication (MFA)

The article discusses the various reasons why organizations may choose not to implement Multi-Factor Authentication (MFA), despite its significant security benefits. These reasons range from cost and complexity to technical and regulatory challenges, emphasizing the need for a balanced assessment of MFA’s advantages and drawbacks.

Comparing and Mapping ISO 27001 and ISO 31000

This article delves into the comparative analysis and practical integration of ISO 27001 and ISO 31000 standards, focusing on their synergies in enhancing organizational risk management strategies. It offers insights into the distinct yet complementary roles of ISO 27001’s information security management and ISO 31000’s broader risk management frameworks, advocating for a unified approach to manage and mitigate diverse organizational risks effectively.

Understanding Key Product Development Roles: Product Owner, Product Manager, Development Manager, Customer Advocate, Project Manager, Programme Manager, and Change Manager

This guide delineates the distinct yet interrelated roles of Product Owner, Product Manager, Development Manager, Customer Advocate, Project Manager, Programme Manager, and Change Manager within the product development ecosystem. It aims to clarify the focus, responsibilities, and objectives of each role, highlighting how they contribute to the successful development and management of products.

Why Self-Attestation Doesn’t Work: Lessons for the DSIT Code

This article argues that self-attestation has failed as a credible assurance mechanism, citing Cyber Essentials’ low uptake and ISO 27001’s limits. It warns that if DSIT builds the Cyber Governance Code of Practice on self-assessment, it will fail. To succeed, the Code must mandate independent, accredited assurance that directors, investors, and regulators can trust.

Lester Dent’s Master Plot Formula: A Guide for Structuring Compelling Narratives

This article outlines Lester Dent’s Master Plot Formula, a systematic approach designed to help writers craft engaging and tightly structured stories. Originating from the pulp fiction era, Dent’s formula divides a story into four equal parts, each with specific goals and challenges for the protagonist, culminating in a resolution that ties up the narrative threads. It offers a practical framework for narrative development, emphasizing pacing, character predicaments, and a satisfying conclusion.

Directors and Cyber Responsibility: Towards a New Company Law

This article examines DSIT’s 2024 proposal to embed cyber responsibility into company law. It argues that directors should carry legal duties for cyber resilience, as they already do for finance and health and safety — but only if those duties are proportionate, professionalised, and practical. The consultation did not change the law, but the direction of travel is unmistakable.

From Practitioner to Professional Body: The IET Response on Cyber Governance

This article examines the IET’s joint response to DSIT’s 2024 consultation on the Cyber Governance Code of Practice. Building on my practitioner-led analysis, the IET added institutional weight: emphasising professional recognition, proportionality for SMEs, broader engagement, and integration into training. It shows how practitioner insight and professional consensus can work together to shape policy.

Securing Success: Strategic Questions for Cyber Startups Seeking Growth in the West Midlands and UK

This article outlines critical questions that cyber security startups, particularly those like Cyber Tzar after completing the NCSC’s “NCSC for Startups” Accelerator programme, should consider when seeking support from regional organizations such as the West Midlands Growth Company or Invest West Midlands. It emphasizes prioritising inquiries around funding and marketing to harness regional opportunities for development and expansion.

Directors and Cyber Governance: My Practitioner’s Response to DSIT’s Consultation

This article revisits my practitioner-led response to DSIT’s 2024 consultation on the Cyber Governance Code of Practice. It highlights key issues I raised: supply chain risk, flaws in self-attestation, tool overload, lack of incentives, and the need for continuous governance. The argument is simple: cyber resilience belongs in the boardroom, but only if policy is grounded in practice.

The Senate’s Latest Quest for Social Media Accountability

In an era where social media’s sway on public opinion, privacy, and youth well-being has become a burning issue, the U.S. Senate Judiciary Committee’s latest hearing on Wednesday the 31st of January, 2024, offers a pivotal glimpse into the potential future of digital regulation. This article provides an insightful summary of the discussions, focusing on the balance between innovation and user safety, the complex web of accountability, and the global implications of legislative measures. It’s a must-read for anyone interested in understanding the evolving digital governance landscape and its impact on society.
