Category Archives: article

The Evolution of FAIR: Cyber Risk in Financial Terms

Leave a Reply

The Factor Analysis of Information Risk (FAIR) framework has emerged as a cornerstone in cyber risk quantification, enabling organisations to measure and communicate risk in financial terms. FAIR’s evolution represents a shift from traditional qualitative assessments to a structured, quantitative model that aligns cybersecurity strategies with business objectives. By breaking down risk into probability and impact components, FAIR provides decision-makers with actionable insights to prioritise investments and mitigate threats effectively.

Continue reading

More Cybersecurity Skills Gap Bollocks: The Myth of a Crisis

Leave a Reply

If you’ve followed cybersecurity headlines, you’ve probably heard about the “skills gap.” The narrative goes like this: organisations are under constant attack from cybercriminals, but there just aren’t enough qualified professionals to protect them. This shortage, we’re told, is a dire crisis threatening businesses and governments alike.

Continue reading

Plato, Democracy, and the Path to Tyranny

Leave a Reply

Plato famously (and controversially) argued that all democracies inevitably collapse into tyranny. For a modern reader, raised on ideals of popular sovereignty, civil rights, and universal suffrage, this sounds alarmist or even offensive. But to dismiss Plato’s warning outright would be to miss a deeper meditation on the fragility of political systems and human nature itself.

Continue reading

Mapping Cyber Risk Approaches: Bridging Quantification and Scoring

Leave a Reply

The diverse landscape of cyber risk methodologies, ranging from technical scoring systems like CVSS to financial quantification frameworks like FAIR—offers organisations multiple tools to manage threats. However, these tools often operate in isolation, creating challenges when aligning technical, operational, and financial risk perspectives. Mapping between these approaches bridges the gaps, enabling organisations to unify risk management strategies and enhance decision-making.

Continue reading

A Beginner’s Guide to Cyber Risk Scoring

Leave a Reply

Cyber risk scoring is a critical tool for organisations to measure their cybersecurity posture, prioritise risk mitigation efforts, and communicate threats effectively. Unlike broader risk quantification methods, which often involve financial modelling and probability analysis, cyber risk scoring assigns a numerical or categorical value to risks based on their severity, likelihood, and potential impact.

Continue reading

More Gaming Bollocks: The Hype, Scams, and Unrealistic Promises of the Gaming Industry

Leave a Reply

The gaming industry has transformed into a multibillion-dollar behemoth, with blockbuster releases, competitive esports, and sprawling virtual worlds dominating the cultural zeitgeist. But behind the glitz, glamour, and explosive trailers lies a reality filled with overpromises, shady practices, and outright nonsense.

Continue reading

A History of Cyber Risk Quantification

Leave a Reply

The field of cyber risk quantification has undergone significant evolution, mirroring the increasing complexity of digital ecosystems and the growing importance of cybersecurity in modern organisations. Quantifying cyber risk is the process of assessing the likelihood of threats and estimating their impact, often in monetary or operational terms. Over time, this discipline has expanded from basic technical assessments to sophisticated financial and probabilistic models that inform decision-making at all organisational levels.

Continue reading

The 21st Century Digital Age: Big Data and AI in Risk Quantification

Leave a Reply

The 21st century has witnessed an unprecedented transformation in risk quantification, driven by rapid advancements in technology. Big data and artificial intelligence (AI) have revolutionized the field, enabling real-time analysis, predictive modelling, and enhanced decision-making. These technologies have expanded the scope of risk assessment to address emerging challenges such as climate change, cyber threats, and global pandemics. This essay explores the pivotal role of big data and AI in risk quantification, highlighting key developments, applications, and implications for the future.

Continue reading

More Deepfake Bollocks: Myths, Misconceptions, and Media Hysteria

Leave a Reply

Deepfake technology—the ability to create hyper-realistic fake videos or audio using AI—has become a lightning rod for controversy. We’ve been warned about deepfakes undermining democracy, destroying reputations, and spreading disinformation on an unprecedented scale. From sensational media headlines to outlandish claims of its capabilities, the narrative around deepfakes is often fuelled by a mix of fear, hype, and outright bollocks.

Continue reading

The 20th Century: The Age of Modern Risk Management

Leave a Reply

The 20th century ushered in profound transformations in the way risk was understood, assessed, and managed. With advances in computing, mathematics, and statistics, risk management evolved into a distinct discipline, influencing fields ranging from finance and engineering to insurance and regulatory policy. This essay explores the major developments in 20th-century risk management, focusing on key innovations, concepts, and frameworks that continue to shape contemporary practices.

Continue reading

The Industrial Revolution: Quantification Meets Engineering

Leave a Reply

The Industrial Revolution, spanning the late 18th and 19th centuries, marked a seismic shift in human history. This period of rapid technological advancement, urbanization, and industrialization brought with it both opportunities and unprecedented challenges. As societies grappled with the complexity of large-scale infrastructure projects, mechanized production, and financial markets, the quantification of risk became an essential tool for decision-making. This essay explores how the Industrial Revolution catalyzed the integration of probability, statistics, and engineering into risk assessment, laying the groundwork for modern practices in safety, reliability, and financial risk management.

Continue reading

More Cloud Computing Bollocks: Myths, Missteps, and Overblown Claims

Leave a Reply

Cloud computing has become the backbone of modern technology, powering everything from streaming services and apps to enterprise infrastructure. It promises flexibility, cost savings, and scalability that were unimaginable a decade ago. But like any hyped technology, cloud computing is surrounded by its fair share of misconceptions, overpromises, and, yes, bollocks.

Continue reading

The Enlightenment: Formalizing Risk Assessment

2 Replies

The Enlightenment, spanning the 17th and 18th centuries, was a transformative period in intellectual and scientific history. During this era, humanity began to apply rational thought, empirical observation, and mathematical rigor to address questions of uncertainty and risk. The formalization of risk assessment emerged as a critical outcome of this intellectual revolution, driven by advancements in actuarial science, economics, and probability theory. This essay explores the key contributions of the Enlightenment to the field of risk assessment, highlighting pivotal figures, innovations, and ideas that continue to shape our understanding of risk today.

Continue reading

Exit Strategy 12: Summary and Bringing It All Together: Your Roadmap to a Successful Exit

Leave a Reply

Throughout this series, we’ve explored every stage of the exit process, from understanding the basics of an exit strategy to maximizing value during negotiations. Each article has delved into the nuances of preparation, industry dynamics, and strategic decision-making, all aimed at empowering you to achieve a smooth and successful exit.

Continue reading

The Ides of March: Reflections on Cyber, Startups, and Scaling Innovation

Leave a Reply

The Ides of March is a fitting time to reflect on betrayal, resilience, and the realities of UK cybersecurity. In the past two weeks, I’ve balanced DSIT’s Cyber Local funding process, chaired the West Midlands Cyber Working Group (WM CWG), led two funding bids, scaled one startup in a brutal funding climate, and booted up a second from scratch. Along the way, I’ve won the Pitch Battle at Cyber Runway Live, launched the UK’s first dedicated universal cyber risk score and comparison site, and tackled everything from weaponised AI threats to Kafka-powered scalability, all while navigating the messy, unpredictable, and often painful journey of building something that lasts.

Continue reading

More EdTech Bollocks: The Empty Promises of Technology in Education

Leave a Reply

Education technology, or EdTech, is often heralded as the saviour of modern learning. From AI tutors and personalised learning platforms to interactive apps and virtual classrooms, we’re told that technology will democratise education, close achievement gaps, and prepare students for the jobs of the future. But despite billions of dollars poured into EdTech solutions, the reality often falls far short of the hype.

Continue reading

The Renaissance and the Birth of Probability Theory

Leave a Reply

The Renaissance marked a transformative era of intellectual and scientific discovery, laying the foundations for many modern disciplines. Among its most significant contributions was the birth of probability theory, a mathematical framework that profoundly influenced the field of risk quantification. This period of innovation bridged abstract mathematical inquiry with practical applications, particularly in areas like gambling, insurance, and finance, establishing a systematic approach to understanding uncertainty.

Continue reading

Exit Strategy 11: Maximising Value During Negotiations: Strategies for a Successful Deal

Leave a Reply

The negotiation stage of an exit strategy is where the value of your hard work and preparation truly comes to fruition. Securing a favourable deal requires balancing your business’s worth, buyer expectations, and strategic interests. To maximize value, you need to enter negotiations well-prepared, stay focused on key priorities, and employ effective tactics.

Continue reading

Radia Perlman and the Innovation of STP and OSPF: A Legacy in Networking for International Women’s Day

Leave a Reply

Radia Perlman, often called the “Mother of the Internet”, revolutionized networking with her Spanning Tree Protocol (STP) and contributions to Open Shortest Path First (OSPF). Her innovations enabled loop-free redundancy in Ethernet networks and fast, scalable routing in modern infrastructure. Beyond STP and OSPF, Perlman has worked on network security, PKI, and TRILL, ensuring the internet remains resilient and efficient. As we celebrate International Women’s Day, recognizing pioneers like Perlman reminds us of the vital role of women in shaping technology.

Continue reading

More Wearable Tech Bollocks: Empty Promises and Unnecessary Gadgets

Leave a Reply

Wearable technology is everywhere—from smartwatches and fitness trackers to “revolutionary” health-monitoring rings and smart glasses. Promoted as tools to enhance your health, productivity, and connectivity, these devices promise to be indispensable. But while wearables do have some legitimate uses, the market is oversaturated with overhyped claims, gimmicks, and, frankly, bollocks.

Continue reading