Category Archives: article

More Windows Update Bollocks: The Never-Ending Saga of Updates Gone Wrong

Ah, Windows Updates, the perennial thorn in the side of PC users everywhere. Promised as the silent guardians of stability and security, they’ve instead become a source of frustration, disruption, and the occasional catastrophic system crash. Whether it’s an update that bricks your machine or one that installs itself at the worst possible time, Windows Updates have earned their reputation for being, well, bollocks.

Innovation Canvas Example 1 – Cyber Tzar

Cyber Tzar is a SaaS platform providing advanced cyber risk quantification for enterprise supply chains. It delivers cyber risk scoring, benchmarking, and compliance assessment through big data analytics, AI, and proprietary IP. Its “credit score for cyber” approach supports better risk visibility for insurers, CISOs, and supply chain managers. Cyber Tzar is revenue-generating, scaling through strategic partnerships, and aligned with DORA, ISO 27001, and other regulatory frameworks. Here’s an example “Innovation Canvas” for Cyber Tzar.

How to Create and Use an Innovation Canvas (and Why It Matters)

Innovation is often portrayed as spontaneous and unpredictable. But behind every meaningful breakthrough lies a structured process. Whether you’re launching a new product, transforming a service, or reimagining your organisation’s direction, clarity and rigour are critical.

The Insider’s Guide to Influencing Senior Tech and Cybersecurity Leaders in the UK

Influencing senior leaders in cybersecurity and technology is no small task, especially in the UK, where credibility, networks, and standards carry immense weight. Whether you’re a startup founder, a scale-up CISO, or a policy influencer, knowing where the key conversations happen (and who shapes them) can make the difference between being heard and being ignored.

16 Years On: Was I Right About the UK’s Industry and Innovation Imbalance?

Exactly sixteen years on from my 2009 article on the UK’s economic imbalance, I reflect on how services continue to dominate GDP, while manufacturing still punches above its weight in R&D. I was right about the R&D gap, but missed the rise of intangible capital and startup-led innovation. Cybersecurity emerged as both a strategic asset and an innovation driver. Government efforts have been patchy, and real balance remains elusive. The future lies in resilience, not symmetry.

More Blogging Bollocks: Myths, Hype, and Misleading Advice for Content Creators

Blogging is often touted as a straightforward path to online fame, fortune, and influence. The internet is awash with advice claiming that with a few simple steps, anyone can turn their blog into a passive income machine or a platform for global recognition. But behind the polished success stories lies a lot of misinformation, unrealistic expectations, and outright bollocks.

Cyber Risk Quantification: Towards a Cyber Risk Score

As organisations face increasingly complex and interconnected cybersecurity threats, the ability to measure and communicate risk effectively has become a cornerstone of risk management. Cyber Risk Quantification, the practice of assessing threats in measurable terms, has evolved alongside frameworks and scoring systems aimed at simplifying this process.

The Role of Cyber Risk Quantification, Scoring, and Benchmarking in Cyber Insurance

As cyber threats continue to evolve in scale, sophistication, and impact, the cyber insurance industry faces increasing pressure to adapt. Traditional approaches to risk assessment, which often relied on qualitative judgments and broad assumptions, are no longer sufficient in the face of complex digital ecosystems. The rise of cyber risk quantification, scoring, and benchmarking has transformed how insurers evaluate risk, price policies, and manage claims.

More Influencer Bollocks: The Myths, Scams, and Overhyped World of Social Media Stardom

Influencer culture has taken over the digital landscape, promising fame, fortune, and free products for anyone with enough followers and a well-curated feed. From Instagram and TikTok to YouTube and beyond, the idea of becoming a full-time influencer is pitched as a dream lifestyle. But behind the filters, brand deals, and viral dances lies a world filled with exploitation, inflated promises, and, yes, bollocks.

Cyber Value at Risk (CVaR): Measuring Worst-Case Scenarios

Cyber Value at Risk (CVaR) is a powerful methodology adapted from financial Value at Risk (VaR) models, designed to estimate the maximum potential loss from cyber incidents within a given confidence interval. CVaR focuses on worst-case scenarios, helping organisations understand the potential financial consequences of cyber threats and guiding strategic decision-making.

More Digital Transformation Bollocks: The Overhyped Buzzword of Modern Business

“Digital transformation” is the corporate catchphrase of the decade, hailed as the key to unlocking innovation, agility, and competitiveness. From boardrooms to tech conferences, companies proudly proclaim their digital transformation journeys, often without a clear understanding of what the term actually means.

How CVSS Works: A Guide to Vulnerability Scoring

The Common Vulnerability Scoring System (CVSS) is a widely used framework for evaluating and communicating the severity of software vulnerabilities. First introduced in 1999, CVSS has become the standard scoring method for organisations to prioritise security efforts and manage vulnerabilities systematically. By assigning numerical scores to vulnerabilities based on their characteristics, CVSS enables teams to assess risks and allocate resources effectively.

The Evolution of FAIR: Cyber Risk in Financial Terms

The Factor Analysis of Information Risk (FAIR) framework has emerged as a cornerstone in cyber risk quantification, enabling organisations to measure and communicate risk in financial terms. FAIR’s evolution represents a shift from traditional qualitative assessments to a structured, quantitative model that aligns cybersecurity strategies with business objectives. By breaking down risk into probability and impact components, FAIR provides decision-makers with actionable insights to prioritise investments and mitigate threats effectively.

More Cybersecurity Skills Gap Bollocks: The Myth of a Crisis

If you’ve followed cybersecurity headlines, you’ve probably heard about the “skills gap.” The narrative goes like this: organisations are under constant attack from cybercriminals, but there just aren’t enough qualified professionals to protect them. This shortage, we’re told, is a dire crisis threatening businesses and governments alike.

Plato, Democracy, and the Path to Tyranny

Plato famously (and controversially) argued that all democracies inevitably collapse into tyranny. For a modern reader, raised on ideals of popular sovereignty, civil rights, and universal suffrage, this sounds alarmist or even offensive. But to dismiss Plato’s warning outright would be to miss a deeper meditation on the fragility of political systems and human nature itself.

Mapping Cyber Risk Approaches: Bridging Quantification and Scoring

The diverse landscape of cyber risk methodologies, ranging from technical scoring systems like CVSS to financial quantification frameworks like FAIR, offers organisations multiple tools to manage threats. However, these tools often operate in isolation, creating challenges when aligning technical, operational, and financial risk perspectives. Mapping between these approaches bridges the gaps, enabling organisations to unify risk management strategies and enhance decision-making.

A Beginner’s Guide to Cyber Risk Scoring

Cyber risk scoring is a critical tool for organisations to measure their cybersecurity posture, prioritise risk mitigation efforts, and communicate threats effectively. Unlike broader risk quantification methods, which often involve financial modelling and probability analysis, cyber risk scoring assigns a numerical or categorical value to risks based on their severity, likelihood, and potential impact.

More Gaming Bollocks: The Hype, Scams, and Unrealistic Promises of the Gaming Industry

The gaming industry has transformed into a multibillion-dollar behemoth, with blockbuster releases, competitive esports, and sprawling virtual worlds dominating the cultural zeitgeist. But behind the glitz, glamour, and explosive trailers lies a reality filled with overpromises, shady practices, and outright nonsense.

A History of Cyber Risk Quantification

The field of cyber risk quantification has undergone significant evolution, mirroring the increasing complexity of digital ecosystems and the growing importance of cybersecurity in modern organisations. Quantifying cyber risk is the process of assessing the likelihood of threats and estimating their impact, often in monetary or operational terms. Over time, this discipline has expanded from basic technical assessments to sophisticated financial and probabilistic models that inform decision-making at all organisational levels.

The 21st Century Digital Age: Big Data and AI in Risk Quantification

The 21st century has witnessed an unprecedented transformation in risk quantification, driven by rapid advancements in technology. Big data and artificial intelligence (AI) have revolutionized the field, enabling real-time analysis, predictive modelling, and enhanced decision-making. These technologies have expanded the scope of risk assessment to address emerging challenges such as climate change, cyber threats, and global pandemics. This essay explores the pivotal role of big data and AI in risk quantification, highlighting key developments, applications, and implications for the future.
