Author Archives: Wayne Horkan

About Wayne Horkan

I’m a technologist and engineer, typically working in enterprise architecture and systems engineering.

Cyber Collaboration in the West Midlands: Skills, Strategy, and a Shared Future

On 29 April 2025, the West Midlands Cyber Working Group met at Gowling WLG in Birmingham to explore how collaboration can drive cyber resilience, skills development, and strategic growth across the region. Speakers, including Andy Hague (TechWM), Dan Rodrigues (CyberFirst), Dave Walker (AWS), Sarah Gray and Louise Macdonald (Gowling WLG), and Wayne Horkan (WM CWG Chair) shared insights on scaling regional leadership, building inclusive talent pipelines, addressing AI security risks, and navigating evolving legal frameworks. The event underscored a shared ambition to position the West Midlands not just as a participant but as a leader in the UK’s cyber ecosystem.

Continue reading

Tech Nation Rising Stars Midlands Final 2025 – Notes from the Canopy

There’s a quiet satisfaction in sitting on the edge of things, absorbing detail, thinking clearly, watching structure unfold. Last April, at The Canopy at The Bond in Birmingham’s Digbeth district, I was glad to attend the Midlands Regional Final of Tech Nation Rising Stars 2025. This wasn’t just a pitch competition; it was a sharp snapshot of the region’s entrepreneurial promise, delivered without bluster but full of energy.

Continue reading

Beyond Masking: The Other Forms of Camouflaging in AuDHD Lives

This article explores the broader spectrum of camouflaging behaviours among neurodivergent people with AuDHD, extending beyond masking. It describes overcompensating, over-explaining, role-playing, disappearing, hyper-mirroring, caregiving, channelling intensity into acceptable pursuits, and intellectualising emotions. A comparison table shows how these strategies differ from masking while still leading to exhaustion, identity confusion, and misdiagnosis.

Continue reading

Cyber and Academia in the UK: Research Centres, Spinouts, and Influence

The UK’s academic institutions play a foundational role in shaping the country’s cybersecurity ecosystem. They don’t just educate the workforce, they produce world-class research, support government policy, commercialise IP into high-growth spinouts, and influence standards through international collaboration.

Continue reading

Cybersecurity Meets Health Innovation: Rethinking Risk at the OT Frontline

Cybersecurity in healthcare isn’t an IT sidebar; it’s now a core operational risk and a foundational element of patient safety and innovation. This write-up captures the highlights, insights, and next steps from our June 2025 event (last Monday), convening leaders across health, cyber, academia, and business.

Continue reading

Steve Jobs in 1983: The Future as He Saw It – And What He Got Right (and Not So Right)

A look back at Steve Jobs’ 1983 Aspen talk, where he foresaw computers becoming the main medium of communication, portable devices with wireless links, and software delivered electronically. The piece reviews what he predicted correctly, where he was too optimistic, and includes a personal story highlighting Apple’s flat management approach that preceeded Sun Microsystems’ sprawling virtual teams.

Continue reading

The Shahnameh in the Context of Persian Gulf Mythologies: Convergences, Divergences, and Cultural Resonance

This article explores the Shahnameh with other mythologies of the Persian Gulf, including Mesopotamian epics, Arabian folklore, and South Asian traditions. It examines shared narrative archetypes, hero-kings, monsters, and cosmic conflicts and highlights the Shahnameh’s distinctive Zoroastrian moral framework, linguistic refinement, and vision of unbroken national continuity. The piece situates Ferdowsi’s work as both a uniquely Persian creation and part of a wider regional mythopoetic tapestry.

Continue reading

Global Cyber Powerhouses: The Leading Vendors and What They Offer

Cybersecurity is a global industry, but it’s also a geopolitical one. The vendors featured in this guide are not just tech companies. They’re often strategic assets, embedded in national security frameworks, powering defence alliances, and influencing cyber norms across continents.

Continue reading

The Virtuous Triangle: Rethinking Risk at Scale

This article introduces the Virtuous Triangle as a strategic framework for understanding cyber risk through the combined lenses of vulnerability assessment, threat intelligence, and contextual risk analysis. It argues that meaningful risk assessment only emerges when these components are integrated and automated at scale. Drawing on decades of experience, the piece reflects on the limitations of standalone data and the necessity of systems thinking in cybersecurity.

Continue reading

The US Cyber Giants: Vendors, Solutions, and Federal Reach

The United States is home to the most powerful cybersecurity vendors on the planet. These companies don’t just sell products, they influence standards, embed themselves in national security supply chains, and shape global policy through their scale, threat intelligence, and lobbying power.

Continue reading

Military Theatres and Battlefield Tech: Archetypal OT, Misgoverned as ICT

This article examines how military theatres, battlefield systems, and drone technologies are quintessential Operational Technology (OT) environments, yet are often mismanaged under traditional ICT frameworks. It highlights the real-time, cyber-physical, and life-critical nature of defence systems, and argues for a shift toward mission-aware OT security governance to prevent strategic and kinetic failures.

Continue reading

Scam Alert: My Strange Encounter with the “Bitgesell” Job Offer That Didn’t Add Up

A detailed account of a suspicious job offer from a fake company called Bitgesell. After receiving a high-salary remote job pitch via LinkedIn, I was invited to a newly created Slack workspace with no team activity. The recruiter and engineering manager used free Gmail accounts, vague instructions, and urged completion of an unpaid take-home assessment. Upon questioning their legitimacy, the Slack workspace was deleted. Highlighting the key red flags, including AI-generated LinkedIn profiles, and sharing practical advice to avoid similar scams.

Continue reading

WMCA and BCC: Who’s Who in the West Midlands (And How the Money Actually Flows)

This guide demystifies the differences between the West Midlands Combined Authority (WMCA) and Birmingham City Council (BCC), explaining who they are, how funding and decisions flow, and what each controls. Essential reading for funding applicants, policy professionals, community leaders, and anyone trying to get projects off the ground in the West Midlands, it offers clear scenarios, ecosystem insights, and a detailed comparison table to navigate this complex landscape effectively.

Continue reading

No More Bollocks Bollocks: A Closing Rant on Hype, Hysteria and Half-Truths… For Now!

And so, dear reader, whoever you may be, here we are. Thirty-something articles in, and the word bollocks has been rendered almost entirely meaningless. Like the terms AI, Web3, or disruption, it’s been stretched, squeezed, and shouted so often it’s begun to sound like an apology for caring too much.

Continue reading

Theatres of Risk: Rethinking Cybersecurity in Healthcare as Operational Technology, Not IT

This article argues that medical theatres and hospital systems should be treated as Operational Technology (OT) environments rather than traditional IT. It highlights how flat networks, embedded legacy systems, and an overwhelming focus on availability over security create critical vulnerabilities. The piece calls for a shift in governance, risk modelling, and procurement practices to align with the cyber-physical realities of modern healthcare infrastructure.

Continue reading

Environments That Are Actually OT (But Often Misclassified as IT)

This article identifies and evaluates real-world environments that function as Operational Technology (OT) systems but are typically treated as standard IT infrastructure. It outlines the cyber-physical risks of this misclassification and calls for a shift in risk posture, governance, and tooling to reflect the real operational realities of these spaces.

Continue reading

Understanding OT: Operational Technology in Context

This article defines Operational Technology (OT) as distinct from traditional IT, highlighting its core characteristics, such as real-time control, safety-critical processes, long-lifecycle assets, and minimal security by design. It is the first in a short series of articles that argues that failure to recognise OT environments as such leads to systemic cybersecurity blind spots, particularly in sectors like healthcare, logistics, and building management.

Continue reading

Cyber Is New: Why We’re Just Getting Started… Emerging Trends and Future Directions

Cybersecurity feels foundational today, but as a discipline, it is startlingly young. This article argues that cyber is still in its infancy, especially when compared to IT or financial governance, and outlines why this newness matters. From AI security and quantum disruption to the structural challenges facing certification, education, and regulation, the piece maps both future directions and the underlying trends shaping the field. In a world where cyber is everywhere, this article insists: we’re just getting started.

Continue reading

A Brief History of the Term Cyber (Meaning Cybersecurity)

This article explores how the word cyber evolved from its academic roots in cybernetics to its current role as shorthand for cybersecurity. It traces the rise of cyberpunk fiction, the growing association with digital threats in the 1990s, and how UK policy frameworks adopted and institutionalised the term, culminating in the creation of the National Cyber Security Centre (NCSC). From Greek etymology to modern geopolitics, cyber has shifted from describing control to denoting risk.

Continue reading

A Brief History of the Terms: Risk Assessment, Risk Management, and GRC

This article explores the historical development and convergence of three foundational concepts in organisational security: risk assessment, risk management, governance, risk, and compliance (GRC). Tracing their origins in engineering, finance, and corporate governance, it charts their institutionalisation across the UK and their modern evolution into digital, real-time resilience frameworks that underpin enterprise cybersecurity and compliance today.

Continue reading