Category Archives: Cybersecurity and Risk Management

The Curious Presence of Cyber in Local Government Strategy

Leave a Reply

Cybersecurity is no longer absent from local government strategy, but according to research from the Local Gov Strategy Forum, it remains structurally subordinate. Despite increased investment and board-level visibility, it does not shape transformation. Instead, it sits behind financial survival and service modernisation, creating a misalignment where systemic risk is acknowledged but not architecturally addressed.

Continue reading

UK Cyber Policy Ecosystem Mapped: Structure and Evidence

Leave a Reply

This article maps the core policy architecture and supporting evidence underpinning the UK cyber security ecosystem. By separating system-defining strategies, legislation, and sectoral analyses from the research and technical studies that inform them, it provides a clearer view of how cyber policy, economics, and regional development interact across government and industry.

Continue reading

No Cyber Idea: Why I Built Cyber Tzar (and Why I Don’t Buy the Consulting Model)

Leave a Reply

Cyber risk has become an exercise in interpretation rather than reduction. The industry has over-optimised for modelling, scoring, and explaining exposure, often driven by consulting-led approaches that rely heavily on subjectivity and narrative. This piece argues that the real problem is upstream: data acquisition, normalisation, and comparability. Cyber Tzar was built to industrialise that problem, collapsing the time between discovery and action, and shifting organisations away from “bean counting” risk towards actually reducing it. The distinction is simple: attackers exploit exposure, not models.

Continue reading

JLR Bail Out: When £1.5 Billion Doesn’t Fix the Problem

Leave a Reply

A £1.5B response to supply chain disruption risks masking a deeper structural problem in UK manufacturing. Cyber risk is systemic, flowing both upstream and downstream across interconnected supply chains, with SMEs bearing a disproportionate impact. The West Midlands, though not yet cyber-affluent, can lead by building coordinated regional capability, shifting focus from reactive recovery to operational resilience, visibility, and cluster-driven economic stability.

Continue reading

The Curious Absence of Cyber in Local Government Technology Strategy

Leave a Reply

A forthcoming Local Government Strategy Forum event highlights the technology investment priorities of councils representing nearly £2 billion in budgets. The data shows strong interest in AI, automation and service transformation, but no explicit mention of cybersecurity or risk management. This article explores what that absence reveals about how local government frames technology strategy, and why resilience often remains invisible in leadership investment narratives.

Continue reading