Author Archives: Wayne Horkan

About Wayne Horkan

I’m a technologist and engineer, typically working in enterprise architecture and systems engineering.

The Shahnameh in the Context of Persian Gulf Mythologies: Convergences, Divergences, and Cultural Resonance

This article explores the Shahnameh with other mythologies of the Persian Gulf, including Mesopotamian epics, Arabian folklore, and South Asian traditions. It examines shared narrative archetypes, hero-kings, monsters, and cosmic conflicts and highlights the Shahnameh’s distinctive Zoroastrian moral framework, linguistic refinement, and vision of unbroken national continuity. The piece situates Ferdowsi’s work as both a uniquely Persian creation and part of a wider regional mythopoetic tapestry.

Continue reading →

Global Cyber Powerhouses: The Leading Vendors and What They Offer

Cybersecurity is a global industry, but it’s also a geopolitical one. The vendors featured in this guide are not just tech companies. They’re often strategic assets, embedded in national security frameworks, powering defence alliances, and influencing cyber norms across continents.

Continue reading →

The Virtuous Triangle: Rethinking Risk at Scale

This article introduces the Virtuous Triangle as a strategic framework for understanding cyber risk through the combined lenses of vulnerability assessment, threat intelligence, and contextual risk analysis. It argues that meaningful risk assessment only emerges when these components are integrated and automated at scale. Drawing on decades of experience, the piece reflects on the limitations of standalone data and the necessity of systems thinking in cybersecurity.

Continue reading →

The US Cyber Giants: Vendors, Solutions, and Federal Reach

The United States is home to the most powerful cybersecurity vendors on the planet. These companies don’t just sell products, they influence standards, embed themselves in national security supply chains, and shape global policy through their scale, threat intelligence, and lobbying power.

Continue reading →

Military Theatres and Battlefield Tech: Archetypal OT, Misgoverned as ICT

This article examines how military theatres, battlefield systems, and drone technologies are quintessential Operational Technology (OT) environments, yet are often mismanaged under traditional ICT frameworks. It highlights the real-time, cyber-physical, and life-critical nature of defence systems, and argues for a shift toward mission-aware OT security governance to prevent strategic and kinetic failures.

Continue reading →

Scam Alert: My Strange Encounter with the “Bitgesell” Job Offer That Didn’t Add Up

3 Replies

A detailed account of a suspicious job offer from a fake company called Bitgesell. After receiving a high-salary remote job pitch via LinkedIn, I was invited to a newly created Slack workspace with no team activity. The recruiter and engineering manager used free Gmail accounts, vague instructions, and urged completion of an unpaid take-home assessment. Upon questioning their legitimacy, the Slack workspace was deleted. Highlighting the key red flags, including AI-generated LinkedIn profiles, and sharing practical advice to avoid similar scams.

Continue reading →

WMCA and BCC: Who’s Who in the West Midlands (And How the Money Actually Flows)

This guide demystifies the differences between the West Midlands Combined Authority (WMCA) and Birmingham City Council (BCC), explaining who they are, how funding and decisions flow, and what each controls. Essential reading for funding applicants, policy professionals, community leaders, and anyone trying to get projects off the ground in the West Midlands, it offers clear scenarios, ecosystem insights, and a detailed comparison table to navigate this complex landscape effectively.

Continue reading →

No More Bollocks Bollocks: A Closing Rant on Hype, Hysteria and Half-Truths… For Now!

And so, dear reader, whoever you may be, here we are. Thirty-something articles in, and the word bollocks has been rendered almost entirely meaningless. Like the terms AI, Web3, or disruption, it’s been stretched, squeezed, and shouted so often it’s begun to sound like an apology for caring too much.

Continue reading →

Theatres of Risk: Rethinking Cybersecurity in Healthcare as Operational Technology, Not IT

This article argues that medical theatres and hospital systems should be treated as Operational Technology (OT) environments rather than traditional IT. It highlights how flat networks, embedded legacy systems, and an overwhelming focus on availability over security create critical vulnerabilities. The piece calls for a shift in governance, risk modelling, and procurement practices to align with the cyber-physical realities of modern healthcare infrastructure.

Continue reading →

Environments That Are Actually OT (But Often Misclassified as IT)

This article identifies and evaluates real-world environments that function as Operational Technology (OT) systems but are typically treated as standard IT infrastructure. It outlines the cyber-physical risks of this misclassification and calls for a shift in risk posture, governance, and tooling to reflect the real operational realities of these spaces.

Continue reading →

Understanding OT: Operational Technology in Context

This article defines Operational Technology (OT) as distinct from traditional IT, highlighting its core characteristics, such as real-time control, safety-critical processes, long-lifecycle assets, and minimal security by design. It is the first in a short series of articles that argues that failure to recognise OT environments as such leads to systemic cybersecurity blind spots, particularly in sectors like healthcare, logistics, and building management.

Continue reading →

Cyber Is New: Why We’re Just Getting Started… Emerging Trends and Future Directions

Cybersecurity feels foundational today, but as a discipline, it is startlingly young. This article argues that cyber is still in its infancy, especially when compared to IT or financial governance, and outlines why this newness matters. From AI security and quantum disruption to the structural challenges facing certification, education, and regulation, the piece maps both future directions and the underlying trends shaping the field. In a world where cyber is everywhere, this article insists: we’re just getting started.

Continue reading →

A Brief History of the Term Cyber (Meaning Cybersecurity)

This article explores how the word cyber evolved from its academic roots in cybernetics to its current role as shorthand for cybersecurity. It traces the rise of cyberpunk fiction, the growing association with digital threats in the 1990s, and how UK policy frameworks adopted and institutionalised the term, culminating in the creation of the National Cyber Security Centre (NCSC). From Greek etymology to modern geopolitics, cyber has shifted from describing control to denoting risk.

Continue reading →

A Brief History of the Terms: Risk Assessment, Risk Management, and GRC

This article explores the historical development and convergence of three foundational concepts in organisational security: risk assessment, risk management, governance, risk, and compliance (GRC). Tracing their origins in engineering, finance, and corporate governance, it charts their institutionalisation across the UK and their modern evolution into digital, real-time resilience frameworks that underpin enterprise cybersecurity and compliance today.

Continue reading →

More Alan Turing Invented Computing Bollocks

Alan Turing is a bona fide genius whose contributions to computer science, cryptography, and artificial intelligence are undeniable. But in the pantheon of computing history, there’s a growing myth that Turing single-handedly “invented modern computing.” This oversimplified narrative does both Turing and the broader field of computing a disservice.

Continue reading →

A Brief History of Penetration Testing: From Tiger Teams to PTaaS

This article traces the history of penetration testing from its military and intelligence roots in the 1960s to its formalisation through U.S. Tiger Teams and J.P. Anderson’s security frameworks. It follows the growth of pen testing into the commercial sector during the 1980s–90s, highlights key tooling milestones like SATAN, and explores its professionalisation in the 2000s via OWASP and PTaaS models. A dedicated UK section explains the roles of CESG, CHECK, CREST, and the NCSC in standardising and accrediting pen testing within British institutions. The article concludes with a reflection on how penetration testing continues to evolve in parallel with modern cyber threats.

Continue reading →

The Rise of the CISO: A Brief History of the Chief Information Security Officer

A detailed history of the Chief Information Security Officer (CISO) role, tracing its origin to Citigroup in 1995 and exploring how it evolved from a technical IT role to a strategic business function. The article examines shifts across decades, global trends, modern challenges, and how the UK has uniquely adopted and adapted the CISO title, often slower and more varied than the US. It concludes that the role remains critical but inconsistently defined, particularly in public and hybrid sectors.

Continue reading →

Top Cybersecurity Firms and Services Shaping Europe’s Digital Defence

Cybersecurity in Europe is evolving quickly, driven by growing regulation (NIS2, Cyber Resilience Act), state-sponsored threats, and accelerating digital transformation. The result is a dynamic and diverse vendor landscape: large integrators defending entire ministries, regional champions supporting SMEs, and specialised firms leading in OT, AI security, and cyber risk quantification.

Continue reading →

Waste Management Today: The State of the UK Waste Management Industry in 2025

The UK waste management industry stands at a crossroads in 2025, shaped by landmark regulations, rising operational costs, and a surge in technological innovation. This article examines the evolving landscape, highlighting the impact of “Simpler Recycling,” Extended Producer Responsibility, and the emissions trading scheme. With recycling rates stagnating, AI driving change, and councils cutting services, we examine whether the sector can meet the UK’s ambitious sustainability goals or risk falling behind.

Continue reading →

Virgil as Reason: The Noble Pagan and the Soul’s Journey Through Darkness

Virgil, Dante’s guide through Hell and Purgatory, represents natural reason, classical virtue, and the limits of human understanding. This article explores Virgil as a symbol of philosophical clarity, moral insight, and noble limitation, showing how Dante honours reason, even as he insists on the necessity of grace.

Continue reading →