Tag Archives: Cyber Ecosystem

A Decade of the UK Cyber Security Breaches Survey: Trends, Plateaus, and What Actually Changed

Leave a Reply

The UK Cyber Security Breaches Survey, viewed over time, reveals not progress but stabilisation. Breach rates remain persistently high, attack methods largely unchanged, and improvements in governance lag behind rising exposure. The data shows a system that has normalised insecurity, where awareness has increased, but action has not kept pace, resulting in a steady-state of widespread, structurally embedded cyber risk.

Continue reading

The UK Cyber Security Breaches Survey 2025/26: Stagnation, Scale, and the Illusion of Progress

Leave a Reply

The UK Cyber Security Breaches Survey 2025/26 suggests stability, but closer analysis reveals a system stuck in place rather than improving. Breaches remain widespread, detection uneven, and incentives misaligned. What looks like progress is often an artefact of measurement. This article argues the UK has reached a cybersecurity plateau, where risk is normalised, resilience is incomplete, and meaningful change will require structural, not incremental, intervention.

Continue reading

CYBERUK 2026: From Policy to Practice and the System Inbetween

Leave a Reply

CYBERUK 2026 signals a shift from building a cyber ecosystem to operating a national cyber system. Across a series of analyses, a consistent pattern emerges: policy is coherent, execution is demanding, and outcomes are uneven. This article draws those strands together to show that the gap between strategy and delivery is not incidental; it is structural, and it defines how the system behaves.

Continue reading

CYBERUK 2026: The Missing Layer Between Strategy and Execution is Regional Capability Infrastructure

Leave a Reply

CYBERUK 2026 defines a clear national cyber strategy, but leaves a critical gap between ambition and execution. This article identifies the “missing layer”: the regional capability infrastructure required to translate policy into scalable organisational resilience. Without it, capability remains uneven, SMEs struggle to progress, and the system evolves by default rather than design, undermining the goal of distributed national resilience.

Continue reading

CYBERUK 2026: System Ambition vs Operational Reality and the Rise of a Two-Speed Cyber Economy

Leave a Reply

CYBERUK 2026 reveals a coherent but challenging shift in UK cyber strategy: from building a policy ecosystem to operating a national cyber system. While the government drives system-level resilience and AI-enabled defence, organisations are expected to execute fundamentals under increasing pressure. The result is a growing gap between ambition and capability, driving the emergence of a two-speed cyber economy where cyber security becomes a condition of market access.

Continue reading

CYBERUK 2026: From Policy Ecosystem to Operational Doctrine

Leave a Reply

The UK’s Security Minister, Dan Jarvis MBE’s CYBERUK 2026 speech, signals a shift from building a cyber ecosystem to actively operating a national cyber system. It elevates baseline security expectations, embeds supply chain enforcement, and positions AI as central to defence. However, this transition risks concentrating market power, potentially excluding SMEs while increasing dependence on a small number of large firms and frontier AI providers.

Continue reading

JLR Bail Out: When £1.5 Billion Doesn’t Fix the Problem

Leave a Reply

A £1.5B response to supply chain disruption risks masking a deeper structural problem in UK manufacturing. Cyber risk is systemic, flowing both upstream and downstream across interconnected supply chains, with SMEs bearing a disproportionate impact. The West Midlands, though not yet cyber-affluent, can lead by building coordinated regional capability, shifting focus from reactive recovery to operational resilience, visibility, and cluster-driven economic stability.

Continue reading

Merry Christmas and Happy New Year 2026 from the West Midlands Cyber Hub

Leave a Reply

As the new year begins, the West Midlands Cyber Hub is delivering an ambitious programme of practical, community-driven cyber events from January to March… with more already in development. This programme is focused on building cyber capability, confidence, and collaboration across the West Midlands, supporting organisations, practitioners, and the wider regional economy.

Continue reading

UK Flywheel and the Missing Middle: Cyber Scenes from the National Theatre

Leave a Reply

A first-hand account of the UK Flywheel event at the National Theatre: part love letter to the UK cyber ecosystem, part demolition of the comforting myths around funding, government “capability”, and NCSC’s role. From the NCSC Annual Review to West Midlands Cyber Hub, this is what the day looked like from the founder trenches rather than the podium.

Continue reading

UK Cyber at a Crossroads: Three Essays on Policy, Practice, and Growth, in Reaction to the 2025 Cyber Growth Action Plan

Leave a Reply

The UK’s cyber policy has made progress but suffers from churn, overlap, and regional imbalance. The 2025 Cyber Policy sets out ambition but lacks continuity and practitioner voice. This three-part series traces the history, critiques the new policy, and argues for a practitioner-led, regionally balanced ecosystem to stabilise the base finally.

Continue reading

Stabilising the Base: From Patchwork to Platform in the UK Cyber Ecosystem

Leave a Reply

This article argues that stabilisation must be the UK’s priority. Drawing together the lessons of history and the critique of the DSIT Cyber Growth Action Plan 2025, it calls for a practitioner-led ecosystem that ends programme churn, addresses regional imbalance, unlocks university IP, and resists government attempts to build commercial products. The vision is of hubs and networks rooted in delivery and credibility — a cyber base resilient enough to sustain long-term growth. Unless these foundations are secured, the UK will remain trapped in cycles of ambition without durability.

Continue reading

West Midlands Cyber Hub Diaries: Day One (Or Perhaps Day Sixty)

2 Replies

The West Midlands Cyber Hub marks a long-held ambition to give the region a central home for cyber. Building on the rebooted West Midlands Cyber Working Group (WM CWG), the Hub is designed to strengthen community coherence, increase investment, and connect students, SMEs, enterprises, and universities in a neutral space. Supported by DSIT, Innovate UK, Aston University, TechWM, and the Innovation Alliance for the West Midlands, the Hub will open its first phase at Enterprise Wharf in Birmingham, forming the core of a hub-and-spoke model across the region. The project team, led by Sevgi Aksoy and I (Wayne Horkan), with Rebecca Robinson as PM, is preparing for a pre-launch event on 30th September 2025.

Continue reading

Cyber as a Cluster: A Critical Review of the Midlands Engine Cyber & Defence Report (April 2025)

Leave a Reply

Cyber in the West Midlands is no longer just a business activity, it’s a cluster. With the right action, it can become a strategic economic engine. This review critiques the Midlands Engine Cyber & Defence Report (April 2025) and sets out a ten-point plan to make that transformation real. The opportunity is clear. The data is in. Now we must deliver.

Continue reading

Cyber Across European Governments: Key Bodies, Funding, and Coordination

Leave a Reply

The European cybersecurity landscape is layered, fragmented, and fast-evolving. Unlike the centralised approaches of some governments, the EU’s model of collective sovereignty means cybersecurity is coordinated, rather than controlled by Brussels. National governments still manage their defence and digital sovereignty, but major funding, regulation, and cross-border frameworks increasingly come from the EU level.

Continue reading

Cyber Across UK Government: Departments, Programmes, and Policy Players

Leave a Reply

The definitive guide to who shapes cyber policy in Whitehall, and how to work with them.

Continue reading

Inside the UK Cyber Ecosystem: A Strategic Guide in 26 Parts

Leave a Reply

An extensive guide mapping the networks, policy engines, commercial power bases, and future-shapers of British cybersecurity.

Continue reading

The Insider’s Guide to Influencing Senior Tech and Cybersecurity Leaders in the UK

Leave a Reply

Influencing senior leaders in cybersecurity and technology is no small task, especially in the UK, where credibility, networks, and standards carry immense weight. Whether you’re a startup founder, a scale-up CISO, or a policy influencer, knowing where the key conversations happen (and who shapes them) can make the difference between being heard and being ignored.

Continue reading

The Ides of March: Reflections on Cyber, Startups, and Scaling Innovation

Leave a Reply

The Ides of March is a fitting time to reflect on betrayal, resilience, and the realities of UK cybersecurity. In the past two weeks, I’ve balanced DSIT’s Cyber Local funding process, chaired the West Midlands Cyber Working Group (WM CWG), led two funding bids, scaled one startup in a brutal funding climate, and booted up a second from scratch. Along the way, I’ve won the Pitch Battle at Cyber Runway Live, launched the UK’s first dedicated universal cyber risk score and comparison site, and tackled everything from weaponised AI threats to Kafka-powered scalability, all while navigating the messy, unpredictable, and often painful journey of building something that lasts.

Continue reading