Category Archives: article

More Blogging Bollocks: Myths, Hype, and Misleading Advice for Content Creators

Blogging is often touted as a straightforward path to online fame, fortune, and influence. The internet is awash with advice claiming that with a few simple steps, anyone can turn their blog into a passive income machine or a platform for global recognition. But behind the polished success stories lies a lot of misinformation, unrealistic expectations, and outright bollocks.

Continue reading →

Cyber Risk Quantification: Towards a Cyber Risk Score

As organisations face increasingly complex and interconnected cybersecurity threats, the ability to measure and communicate risk effectively has become a cornerstone of risk management. Cyber Risk Quantification, the practice of assessing threats in measurable terms, has evolved alongside frameworks and scoring systems aimed at simplifying this process.

Continue reading →

The Role of Cyber Risk Quantification, Scoring, and Benchmarking in Cyber Insurance

As cyber threats continue to evolve in scale, sophistication, and impact, the cyber insurance industry faces increasing pressure to adapt. Traditional approaches to risk assessment, which often relied on qualitative judgments and broad assumptions, are no longer sufficient in the face of complex digital ecosystems. The rise of cyber risk quantification, scoring, and benchmarking has transformed how insurers evaluate risk, price policies, and manage claims.

Continue reading →

More Influencer Bollocks: The Myths, Scams, and Overhyped World of Social Media Stardom

Influencer culture has taken over the digital landscape, promising fame, fortune, and free products for anyone with enough followers and a well-curated feed. From Instagram and TikTok to YouTube and beyond, the idea of becoming a full-time influencer is pitched as a dream lifestyle. But behind the filters, brand deals, and viral dances lies a world filled with exploitation, inflated promises, and—yes—bollocks.

Continue reading →

Cyber Value at Risk (CVaR): Measuring Worst-Case Scenarios

Cyber Value at Risk (CVaR) is a powerful methodology adapted from financial Value at Risk (VaR) models, designed to estimate the maximum potential loss from cyber incidents within a given confidence interval. CVaR focuses on worst-case scenarios, helping organisations understand the potential financial consequences of cyber threats and guiding strategic decision-making.

Continue reading →

More Digital Transformation Bollocks: The Overhyped Buzzword of Modern Business

“Digital transformation” is the corporate catchphrase of the decade, hailed as the key to unlocking innovation, agility, and competitiveness. From boardrooms to tech conferences, companies proudly proclaim their digital transformation journeys, often without a clear understanding of what the term actually means.

Continue reading →

How CVSS Works: A Guide to Vulnerability Scoring

The Common Vulnerability Scoring System (CVSS) is a widely used framework for evaluating and communicating the severity of software vulnerabilities. First introduced in 1999, CVSS has become the standard scoring method for organisations to prioritise security efforts and manage vulnerabilities systematically. By assigning numerical scores to vulnerabilities based on their characteristics, CVSS enables teams to assess risks and allocate resources effectively.

Continue reading →

The Evolution of FAIR: Cyber Risk in Financial Terms

The Factor Analysis of Information Risk (FAIR) framework has emerged as a cornerstone in cyber risk quantification, enabling organisations to measure and communicate risk in financial terms. FAIR’s evolution represents a shift from traditional qualitative assessments to a structured, quantitative model that aligns cybersecurity strategies with business objectives. By breaking down risk into probability and impact components, FAIR provides decision-makers with actionable insights to prioritise investments and mitigate threats effectively.

Continue reading →

More Cybersecurity Skills Gap Bollocks: The Myth of a Crisis

If you’ve followed cybersecurity headlines, you’ve probably heard about the “skills gap.” The narrative goes like this: organisations are under constant attack from cybercriminals, but there just aren’t enough qualified professionals to protect them. This shortage, we’re told, is a dire crisis threatening businesses and governments alike.

Continue reading →

Plato, Democracy, and the Path to Tyranny

Plato famously (and controversially) argued that all democracies inevitably collapse into tyranny. For a modern reader, raised on ideals of popular sovereignty, civil rights, and universal suffrage, this sounds alarmist or even offensive. But to dismiss Plato’s warning outright would be to miss a deeper meditation on the fragility of political systems and human nature itself.

Continue reading →

Mapping Cyber Risk Approaches: Bridging Quantification and Scoring

The diverse landscape of cyber risk methodologies, ranging from technical scoring systems like CVSS to financial quantification frameworks like FAIR—offers organisations multiple tools to manage threats. However, these tools often operate in isolation, creating challenges when aligning technical, operational, and financial risk perspectives. Mapping between these approaches bridges the gaps, enabling organisations to unify risk management strategies and enhance decision-making.

Continue reading →

A Beginner’s Guide to Cyber Risk Scoring

Cyber risk scoring is a critical tool for organisations to measure their cybersecurity posture, prioritise risk mitigation efforts, and communicate threats effectively. Unlike broader risk quantification methods, which often involve financial modelling and probability analysis, cyber risk scoring assigns a numerical or categorical value to risks based on their severity, likelihood, and potential impact.

Continue reading →

More Gaming Bollocks: The Hype, Scams, and Unrealistic Promises of the Gaming Industry

The gaming industry has transformed into a multibillion-dollar behemoth, with blockbuster releases, competitive esports, and sprawling virtual worlds dominating the cultural zeitgeist. But behind the glitz, glamour, and explosive trailers lies a reality filled with overpromises, shady practices, and outright nonsense.

Continue reading →

A History of Cyber Risk Quantification

The field of cyber risk quantification has undergone significant evolution, mirroring the increasing complexity of digital ecosystems and the growing importance of cybersecurity in modern organisations. Quantifying cyber risk is the process of assessing the likelihood of threats and estimating their impact, often in monetary or operational terms. Over time, this discipline has expanded from basic technical assessments to sophisticated financial and probabilistic models that inform decision-making at all organisational levels.

Continue reading →

The 21st Century Digital Age: Big Data and AI in Risk Quantification

The 21st century has witnessed an unprecedented transformation in risk quantification, driven by rapid advancements in technology. Big data and artificial intelligence (AI) have revolutionized the field, enabling real-time analysis, predictive modelling, and enhanced decision-making. These technologies have expanded the scope of risk assessment to address emerging challenges such as climate change, cyber threats, and global pandemics. This essay explores the pivotal role of big data and AI in risk quantification, highlighting key developments, applications, and implications for the future.

Continue reading →

More Deepfake Bollocks: Myths, Misconceptions, and Media Hysteria

Deepfake technology—the ability to create hyper-realistic fake videos or audio using AI—has become a lightning rod for controversy. We’ve been warned about deepfakes undermining democracy, destroying reputations, and spreading disinformation on an unprecedented scale. From sensational media headlines to outlandish claims of its capabilities, the narrative around deepfakes is often fuelled by a mix of fear, hype, and outright bollocks.

Continue reading →

The 20th Century: The Age of Modern Risk Management

The 20th century ushered in profound transformations in the way risk was understood, assessed, and managed. With advances in computing, mathematics, and statistics, risk management evolved into a distinct discipline, influencing fields ranging from finance and engineering to insurance and regulatory policy. This essay explores the major developments in 20th-century risk management, focusing on key innovations, concepts, and frameworks that continue to shape contemporary practices.

Continue reading →

The Industrial Revolution: Quantification Meets Engineering

The Industrial Revolution, spanning the late 18th and 19th centuries, marked a seismic shift in human history. This period of rapid technological advancement, urbanization, and industrialization brought with it both opportunities and unprecedented challenges. As societies grappled with the complexity of large-scale infrastructure projects, mechanized production, and financial markets, the quantification of risk became an essential tool for decision-making. This essay explores how the Industrial Revolution catalyzed the integration of probability, statistics, and engineering into risk assessment, laying the groundwork for modern practices in safety, reliability, and financial risk management.

Continue reading →

The Enlightenment: Formalizing Risk Assessment

2 Replies

The Enlightenment, spanning the 17th and 18th centuries, was a transformative period in intellectual and scientific history. During this era, humanity began to apply rational thought, empirical observation, and mathematical rigor to address questions of uncertainty and risk. The formalization of risk assessment emerged as a critical outcome of this intellectual revolution, driven by advancements in actuarial science, economics, and probability theory. This essay explores the key contributions of the Enlightenment to the field of risk assessment, highlighting pivotal figures, innovations, and ideas that continue to shape our understanding of risk today.

Continue reading →