Author Archives: Wayne Horkan

About Wayne Horkan

I’m a technologist and engineer, typically working in enterprise architecture and systems engineering.

A Brief History of the Term Cyber (Meaning Cybersecurity)

This article explores how the word cyber evolved from its academic roots in cybernetics to its current role as shorthand for cybersecurity. It traces the rise of cyberpunk fiction, the growing association with digital threats in the 1990s, and how UK policy frameworks adopted and institutionalised the term, culminating in the creation of the National Cyber Security Centre (NCSC). From Greek etymology to modern geopolitics, cyber has shifted from describing control to denoting risk.

Continue reading

A Brief History of the Terms: Risk Assessment, Risk Management, and GRC

This article explores the historical development and convergence of three foundational concepts in organisational security: risk assessment, risk management, governance, risk, and compliance (GRC). Tracing their origins in engineering, finance, and corporate governance, it charts their institutionalisation across the UK and their modern evolution into digital, real-time resilience frameworks that underpin enterprise cybersecurity and compliance today.

Continue reading

More Alan Turing Invented Computing Bollocks

Alan Turing is a bona fide genius whose contributions to computer science, cryptography, and artificial intelligence are undeniable. But in the pantheon of computing history, there’s a growing myth that Turing single-handedly “invented modern computing.” This oversimplified narrative does both Turing and the broader field of computing a disservice.

Continue reading

A Brief History of Penetration Testing: From Tiger Teams to PTaaS

This article traces the history of penetration testing from its military and intelligence roots in the 1960s to its formalisation through U.S. Tiger Teams and J.P. Anderson’s security frameworks. It follows the growth of pen testing into the commercial sector during the 1980s–90s, highlights key tooling milestones like SATAN, and explores its professionalisation in the 2000s via OWASP and PTaaS models. A dedicated UK section explains the roles of CESG, CHECK, CREST, and the NCSC in standardising and accrediting pen testing within British institutions. The article concludes with a reflection on how penetration testing continues to evolve in parallel with modern cyber threats.

Continue reading

The Rise of the CISO: A Brief History of the Chief Information Security Officer

A detailed history of the Chief Information Security Officer (CISO) role, tracing its origin to Citigroup in 1995 and exploring how it evolved from a technical IT role to a strategic business function. The article examines shifts across decades, global trends, modern challenges, and how the UK has uniquely adopted and adapted the CISO title, often slower and more varied than the US. It concludes that the role remains critical but inconsistently defined, particularly in public and hybrid sectors.

Continue reading

Top Cybersecurity Firms and Services Shaping Europe’s Digital Defence

Cybersecurity in Europe is evolving quickly, driven by growing regulation (NIS2, Cyber Resilience Act), state-sponsored threats, and accelerating digital transformation. The result is a dynamic and diverse vendor landscape: large integrators defending entire ministries, regional champions supporting SMEs, and specialised firms leading in OT, AI security, and cyber risk quantification.

Continue reading

Waste Management Today: The State of the UK Waste Management Industry in 2025

The UK waste management industry stands at a crossroads in 2025, shaped by landmark regulations, rising operational costs, and a surge in technological innovation. This article examines the evolving landscape, highlighting the impact of “Simpler Recycling,” Extended Producer Responsibility, and the emissions trading scheme. With recycling rates stagnating, AI driving change, and councils cutting services, we examine whether the sector can meet the UK’s ambitious sustainability goals or risk falling behind.

Continue reading

Virgil as Reason: The Noble Pagan and the Soul’s Journey Through Darkness

Virgil, Dante’s guide through Hell and Purgatory, represents natural reason, classical virtue, and the limits of human understanding. This article explores Virgil as a symbol of philosophical clarity, moral insight, and noble limitation, showing how Dante honours reason, even as he insists on the necessity of grace.

Continue reading

More “AI Damages the Creative Industries” Bollocks: Hysteria, Hype, and Half-Truths

The narrative that artificial intelligence is the Grim Reaper for the creative industries has become so common that you’d think every writer, artist, musician, and filmmaker is moments away from losing their livelihood. Headlines scream about AI-generated content, creative robots, and soulless machines taking over art, leaving human creators out in the cold. But does the hype match the reality? Spoiler: it doesn’t.

Continue reading

Cyber Resilience Testing and Facilities: Mapping, Critique, and the Path Forward

Between February and March 2025, I analysed the UK’s Cyber Resilience Testing (CRT) initiative and its associated Cyber Resilience Test Facilities (CRTFs). From that research, I developed three articles: one mapping the global standards landscape, one examining CRT’s practical challenges, and one exploring its role as a trust label. Together, they present CRT as a promising but evolving approach: not yet a standard, but under active NCSC development and consultation, with the potential to reshape product-based assurance if given clarity, support, and ecosystem alignment.

Continue reading

Major Cyber Vendors and Service Providers in the UK

The UK’s cybersecurity sector is home to thousands of providers, ranging from nimble startups and regional MSSPs to global consulting firms and homegrown risk intelligence platforms. While the National Cyber Security Centre (NCSC) sets the tone for policy and technical guidance, it’s these vendors that translate strategy into services: monitoring networks, managing risk, conducting audits, and responding to breaches in real time.

Continue reading

Trust, Labels, and the Path to Meaningful Security: Rethinking CRT Adoption in the UK

This article critically examines the UK’s Cyber Resilience Test (CRT) as a cybersecurity labelling initiative aimed at building consumer trust in connected devices. While affirming CRT’s importance, it highlights the need for clearer value propositions, stakeholder alignment, and behavioural insights to ensure meaningful adoption. Drawing on global examples like Singapore’s CLS and the EU’s CE mark, it argues that CRT must evolve from a technical standard to a culturally embedded trust signal. The piece advocates for a dynamic playbook that supports SMEs, educates consumers, aligns with procurement policy, and adapts over time — turning CRT into a living, ecosystem-wide standard.

Continue reading

Beatrice as Beatitude: Divine Wisdom and the Soul’s Ascent in Dante’s Commedia

Beatrice is more than Dante’s muse; she is the embodiment of divine wisdom, guiding the soul beyond reason to beatific vision. This article examines Beatrice as a theological and philosophical symbol, drawing on Scripture, Thomism, and Marian typology to show how she enables Dante’s ascent toward God.

Continue reading

Restructuring the West Midlands Growth Company: Reform or Rebrand?

The West Midlands Growth Company (WMGC) is being restructured into a new Economic Development Vehicle (EDV) by 2026 to focus on investment and strategic delivery. While WMGC claims credit for attracting big business, many local startups, mine included, received no meaningful support. The restructuring is a chance to fix that, but only if the new EDV backs early-stage innovators with funding access, partnerships, and scale-up support. Otherwise, it’s just a rebrand, not reform.

Continue reading

More Damien Hirst Bollocks: The Hype, the Diamonds, and the Dead Things

Damien Hirst, the enfant terrible of the art world, the man who turned dead animals into million-dollar spectacles and placed a skull encrusted with diamonds at the pinnacle of contemporary art. Critics call him a genius; others see him as the ultimate conman. But one thing’s for sure: Hirst has built an empire of bollocks as big and brash as his installations.

Continue reading

Cyber as a Cluster: A Critical Review of the Midlands Engine Cyber & Defence Report (April 2025)

Cyber in the West Midlands is no longer just a business activity, it’s a cluster. With the right action, it can become a strategic economic engine. This review critiques the Midlands Engine Cyber & Defence Report (April 2025) and sets out a ten-point plan to make that transformation real. The opportunity is clear. The data is in. Now we must deliver.

Continue reading

The Future of Cyber Resilience Testing: Reflections on a Scheme in Transition

This blog article offers a critical yet constructive reflection on the UK’s Cyber Resilience Testing (CRT) initiative. While CRT is conceptually sound and timely, significant questions remain around cost, demand, usability, policy intent, and delivery responsibility. The article explores whether CRT is positioned to become a meaningful standard or risks being sidelined as another voluntary layer. It advocates for clearer articulation of purpose, audience targeting, and strategic alignment to unlock CRT’s full potential.

Continue reading

Cyber Across Global Governments: International Cooperation and National Strategies

Cybersecurity has become a pillar of national security, digital economy growth, and global diplomacy. From ransomware attacks on hospitals to interference in democratic elections, governments worldwide now treat cyber threats as matters of statecraft, not just IT hygiene. While national strategies differ, a few shared patterns have emerged: defence of critical infrastructure, capacity building, and international coordination.

Continue reading

Mapping the Global Security Landscape: Where CRT Fits (and Where It Doesn’t)

This blog article critically examines the global landscape of consumer product cybersecurity standards and the proposed role of the UK’s Cyber Resilience Testing (CRT) initiative. It maps key frameworks (PSTI Act, CRA, ETSI EN 303645, IEC 62443, FCC labelling, etc.) and identifies opportunities for CRT to provide ‘above and beyond’ assurance through resilience testing and threat simulation. While acknowledging the challenges of market saturation and standard overlap, it argues that CRT can add unique value — especially in underregulated sectors and poorly enforced product classes — by validating real-world security outcomes rather than static compliance.

Continue reading
"The Donation of Constantine" – Raphael's workshop

The Empire and the Cross: Dante’s Vision of Universal Rule in De Monarchia

This article explores Dante’s political treatise De Monarchia, in which he argues for a divinely ordained universal empire distinct from the Church. Combining Roman law, Aristotelian philosophy, and Thomistic theology, Dante envisions imperial rule as the necessary foundation for peace, justice, and the fulfilment of humanity’s earthly potential.

Continue reading