Tag Archives: cybersecurity

Top Cybersecurity Firms and Services Shaping Europe’s Digital Defence

Cybersecurity in Europe is evolving quickly, driven by growing regulation (NIS2, Cyber Resilience Act), state-sponsored threats, and accelerating digital transformation. The result is a dynamic and diverse vendor landscape: large integrators defending entire ministries, regional champions supporting SMEs, and specialised firms leading in OT, AI security, and cyber risk quantification.

Continue reading →

Major Cyber Vendors and Service Providers in the UK

The UK’s cybersecurity sector is home to thousands of providers, ranging from nimble startups and regional MSSPs to global consulting firms and homegrown risk intelligence platforms. While the National Cyber Security Centre (NCSC) sets the tone for policy and technical guidance, it’s these vendors that translate strategy into services: monitoring networks, managing risk, conducting audits, and responding to breaches in real time.

Continue reading →

Cyber Across Global Governments: International Cooperation and National Strategies

Cybersecurity has become a pillar of national security, digital economy growth, and global diplomacy. From ransomware attacks on hospitals to interference in democratic elections, governments worldwide now treat cyber threats as matters of statecraft, not just IT hygiene. While national strategies differ, a few shared patterns have emerged: defence of critical infrastructure, capacity building, and international coordination.

Continue reading →

Cyber Across US Government: Agencies, Frameworks, and Innovation Pathways

The United States is arguably the most influential force in global cybersecurity, but its governance model is sprawling, federal, and often opaque to outsiders. Responsibility is distributed across military, civilian, and intelligence agencies, each with their own authorities, funding mechanisms, and strategic priorities.

Continue reading →

Cyber Across European Governments: Key Bodies, Funding, and Coordination

The European cybersecurity landscape is layered, fragmented, and fast-evolving. Unlike the centralised approaches of some governments, the EU’s model of collective sovereignty means cybersecurity is coordinated, rather than controlled by Brussels. National governments still manage their defence and digital sovereignty, but major funding, regulation, and cross-border frameworks increasingly come from the EU level.

Continue reading →

Stakeholder Grid Example 1: Cyber Tzar

Understanding your stakeholder landscape is key to scaling effectively, especially in cybersecurity, where trust, standards, and adoption often hinge on who’s in the room. This article explores how Cyber Tzar, a cybersecurity scale-up specialising in supply chain risk and cyber risk scoring, applies the Stakeholder Mapping Grid to guide its strategic engagement.

Continue reading →

Cyber Across UK Government: Departments, Programmes, and Policy Players

The definitive guide to who shapes cyber policy in Whitehall, and how to work with them.

Continue reading →

Inside the UK Cyber Ecosystem: A Strategic Guide in 26 Parts

An extensive guide mapping the networks, policy engines, commercial power bases, and future-shapers of British cybersecurity.

Continue reading →

The Insider’s Guide to Influencing Senior Tech and Cybersecurity Leaders in the UK

Influencing senior leaders in cybersecurity and technology is no small task, especially in the UK, where credibility, networks, and standards carry immense weight. Whether you’re a startup founder, a scale-up CISO, or a policy influencer, knowing where the key conversations happen (and who shapes them) can make the difference between being heard and being ignored.

Continue reading →

16 Years On: Was I Right About the UK’s Industry and Innovation Imbalance?

Exactly sixteen years on from my 2009 article on the UK’s economic imbalance, I reflect on how services continue to dominate GDP, while manufacturing still punches above its weight in R&D. I was right about the R&D gap, but missed the rise of intangible capital and startup-led innovation. Cybersecurity emerged as both a strategic asset and an innovation driver. Government efforts have been patchy, and real balance remains elusive. The future lies in resilience, not symmetry.

Continue reading →

Of Course You’re Not Resilient… You Never Practised Failing

A blunt critique of organisations that claim to be resilient but have never stress-tested their systems, rehearsed recovery under pressure, or practised failure in any meaningful way. The article challenges boardroom bravado and highlights the psychological and operational consequences of untested confidence, arguing that true resilience is earned through discomfort, not declared in policy.

Continue reading →

Inside the Breach: What M&S and the Harris Federation Reveal About UK Cyber Vulnerabilities

Two senior leaders, Sir Charlie Mayfield, former John Lewis chairman, and Sir Dan Moynihan, CEO of the Harris Federation, joined BBC Radio 4’s Today Programme on 1 May 2025 to discuss the impact of recent cyber attacks on Marks & Spencer, the Co-op, and UK schools. Their stories offer rare insight into how institutions respond to major breaches and what it really takes to recover.

Continue reading →

When a Parking Permit Becomes a Cyber Risk: Understanding Indirect Supply Chain Threats

While applying for a parking permit, I discovered an expired SSL certificate on a council website, highlighting how small oversights in public services can expose broader cybersecurity risks. This real-world example shows why organisations must take indirect supply chain risk seriously, particularly in regions critical to national security.

Continue reading →

How CVSS Works: A Guide to Vulnerability Scoring

The Common Vulnerability Scoring System (CVSS) is a widely used framework for evaluating and communicating the severity of software vulnerabilities. First introduced in 1999, CVSS has become the standard scoring method for organisations to prioritise security efforts and manage vulnerabilities systematically. By assigning numerical scores to vulnerabilities based on their characteristics, CVSS enables teams to assess risks and allocate resources effectively.

Continue reading →

Thomas Pynchon Returns: What Shadow Ticket Means for Me

What’s that you say? Thomas Pynchon announces a new book to be released in October 2025? No frigging way, Dude. Will it be multi-episodic, akin to Gravity’s Rainbow? Mason and Dixon, Against the Day? V even? Or more accessible, Inherent Vice, Vineland, or Bleeding Edge? Am I buying a copy? Of course I am.

Continue reading →

Inside the CyberASAP 2025 Kickoff: Mentoring, Learning, and Supporting the Next Generation of Academic Cyber Innovators

I recently attended the CyberASAP Year 9 Kickoff as a mentor, and also took the opportunity to experience the first two days alongside the academic teams to better understand what they go through. This blog captures my reflections from all three days, covering IP, value propositions, stakeholder mapping, and some of the truly impressive innovations coming from UK universities. It also looks at the history and purpose of the programme and why it continues to matter in bridging the gap between research and real-world impact.

Continue reading →

Innovation Incoming in Space: Notes from the Royal Academy of Engineering Panel, 31 March 2025

The Royal Academy of Engineering’s Innovation Incoming in Space (31 March 2025, Prince Philip House) offered an insightful and fact-rich exploration of the technologies shaping the future of the space economy. With topics ranging from space-based solar power and crystallisation in orbit to modular infrastructure and lunar habitation, the panel discussed how innovation is driving space from the experimental to the operational. Set against the backdrop of geopolitical shifts and commercial competition, the event underscored the UK’s strategic opportunity to lead in agile engineering, cyber resilience, and space-enabled industrial capability. A dawning theme throughout the evening was the growing realisation that space is becoming commercial, contested, and critically dependent on cyber resilience.

Continue reading →

Scaling Cyber: A Startup Founder’s Journey from Idea to Exit

This virtual book is a guide to the entrepreneurial journey, drawn from real-world experiences in cyber startups. It distils insights from my time on the NCSC for Startups accelerator (cohort 13, 2023), the DSIT Cyber Runway Scale programme (2024/2025), and my mentoring on DSIT’s Cyber ASAP programme. It’s a collection of lessons, reflections, and hard-earned knowledge from the founders, investors, and industry leaders I’ve met along the way. Thanks to Marcel Duchamp you can think of it as a “ready made”, a curated work built from my blog articles, assembled to help you navigate the path from startup to scale, and beyond.

Continue reading →

The Ides of March: Reflections on Cyber, Startups, and Scaling Innovation

The Ides of March is a fitting time to reflect on betrayal, resilience, and the realities of UK cybersecurity. In the past two weeks, I’ve balanced DSIT’s Cyber Local funding process, chaired the West Midlands Cyber Working Group (WM CWG), led two funding bids, scaled one startup in a brutal funding climate, and booted up a second from scratch. Along the way, I’ve won the Pitch Battle at Cyber Runway Live, launched the UK’s first dedicated universal cyber risk score and comparison site, and tackled everything from weaponised AI threats to Kafka-powered scalability, all while navigating the messy, unpredictable, and often painful journey of building something that lasts.

Continue reading →

Radia Perlman and the Innovation of STP and OSPF: A Legacy in Networking for International Women’s Day

Radia Perlman, often called the “Mother of the Internet”, revolutionized networking with her Spanning Tree Protocol (STP) and contributions to Open Shortest Path First (OSPF). Her innovations enabled loop-free redundancy in Ethernet networks and fast, scalable routing in modern infrastructure. Beyond STP and OSPF, Perlman has worked on network security, PKI, and TRILL, ensuring the internet remains resilient and efficient. As we celebrate International Women’s Day, recognizing pioneers like Perlman reminds us of the vital role of women in shaping technology.

Continue reading →