Tag Archives: cybersecurity

Cyber and Academia in Europe: Horizon Projects, Hubs, and Collaboration

Europe’s cybersecurity academic landscape is distributed, multi-lingual, and deeply integrated into public policy and industrial ecosystems. With powerful funding mechanisms like Horizon Europe, a strong regulatory backdrop (e.g. NIS2, Cyber Resilience Act), and a rising number of EU-funded collaborative hubs, academia in Europe isn’t just producing talent and research, it’s driving long-term cyber resilience at national and EU levels.

Continue reading

Tech Nation Rising Stars Midlands Final 2025 – Notes from the Canopy

There’s a quiet satisfaction in sitting on the edge of things, absorbing detail, thinking clearly, watching structure unfold. Last April, at The Canopy at The Bond in Birmingham’s Digbeth district, I was glad to attend the Midlands Regional Final of Tech Nation Rising Stars 2025. This wasn’t just a pitch competition; it was a sharp snapshot of the region’s entrepreneurial promise, delivered without bluster but full of energy.

Continue reading

Cyber and Academia in the UK: Research Centres, Spinouts, and Influence

The UK’s academic institutions play a foundational role in shaping the country’s cybersecurity ecosystem. They don’t just educate the workforce, they produce world-class research, support government policy, commercialise IP into high-growth spinouts, and influence standards through international collaboration.

Continue reading

Cybersecurity Meets Health Innovation: Rethinking Risk at the OT Frontline

Cybersecurity in healthcare isn’t an IT sidebar; it’s now a core operational risk and a foundational element of patient safety and innovation. This write-up captures the highlights, insights, and next steps from our June 2025 event (last Monday), convening leaders across health, cyber, academia, and business.

Continue reading

Global Cyber Powerhouses: The Leading Vendors and What They Offer

Cybersecurity is a global industry, but it’s also a geopolitical one. The vendors featured in this guide are not just tech companies. They’re often strategic assets, embedded in national security frameworks, powering defence alliances, and influencing cyber norms across continents.

Continue reading

The Virtuous Triangle: Rethinking Risk at Scale

This article introduces the Virtuous Triangle as a strategic framework for understanding cyber risk through the combined lenses of vulnerability assessment, threat intelligence, and contextual risk analysis. It argues that meaningful risk assessment only emerges when these components are integrated and automated at scale. Drawing on decades of experience, the piece reflects on the limitations of standalone data and the necessity of systems thinking in cybersecurity.

Continue reading

The US Cyber Giants: Vendors, Solutions, and Federal Reach

The United States is home to the most powerful cybersecurity vendors on the planet. These companies don’t just sell products, they influence standards, embed themselves in national security supply chains, and shape global policy through their scale, threat intelligence, and lobbying power.

Continue reading

Environments That Are Actually OT (But Often Misclassified as IT)

This article identifies and evaluates real-world environments that function as Operational Technology (OT) systems but are typically treated as standard IT infrastructure. It outlines the cyber-physical risks of this misclassification and calls for a shift in risk posture, governance, and tooling to reflect the real operational realities of these spaces.

Continue reading

Understanding OT: Operational Technology in Context

This article defines Operational Technology (OT) as distinct from traditional IT, highlighting its core characteristics, such as real-time control, safety-critical processes, long-lifecycle assets, and minimal security by design. It is the first in a short series of articles that argues that failure to recognise OT environments as such leads to systemic cybersecurity blind spots, particularly in sectors like healthcare, logistics, and building management.

Continue reading

Cyber Is New: Why We’re Just Getting Started… Emerging Trends and Future Directions

Cybersecurity feels foundational today, but as a discipline, it is startlingly young. This article argues that cyber is still in its infancy, especially when compared to IT or financial governance, and outlines why this newness matters. From AI security and quantum disruption to the structural challenges facing certification, education, and regulation, the piece maps both future directions and the underlying trends shaping the field. In a world where cyber is everywhere, this article insists: we’re just getting started.

Continue reading

A Brief History of the Term Cyber (Meaning Cybersecurity)

This article explores how the word cyber evolved from its academic roots in cybernetics to its current role as shorthand for cybersecurity. It traces the rise of cyberpunk fiction, the growing association with digital threats in the 1990s, and how UK policy frameworks adopted and institutionalised the term, culminating in the creation of the National Cyber Security Centre (NCSC). From Greek etymology to modern geopolitics, cyber has shifted from describing control to denoting risk.

Continue reading

A Brief History of the Terms: Risk Assessment, Risk Management, and GRC

This article explores the historical development and convergence of three foundational concepts in organisational security: risk assessment, risk management, governance, risk, and compliance (GRC). Tracing their origins in engineering, finance, and corporate governance, it charts their institutionalisation across the UK and their modern evolution into digital, real-time resilience frameworks that underpin enterprise cybersecurity and compliance today.

Continue reading

A Brief History of Penetration Testing: From Tiger Teams to PTaaS

This article traces the history of penetration testing from its military and intelligence roots in the 1960s to its formalisation through U.S. Tiger Teams and J.P. Anderson’s security frameworks. It follows the growth of pen testing into the commercial sector during the 1980s–90s, highlights key tooling milestones like SATAN, and explores its professionalisation in the 2000s via OWASP and PTaaS models. A dedicated UK section explains the roles of CESG, CHECK, CREST, and the NCSC in standardising and accrediting pen testing within British institutions. The article concludes with a reflection on how penetration testing continues to evolve in parallel with modern cyber threats.

Continue reading

Top Cybersecurity Firms and Services Shaping Europe’s Digital Defence

Cybersecurity in Europe is evolving quickly, driven by growing regulation (NIS2, Cyber Resilience Act), state-sponsored threats, and accelerating digital transformation. The result is a dynamic and diverse vendor landscape: large integrators defending entire ministries, regional champions supporting SMEs, and specialised firms leading in OT, AI security, and cyber risk quantification.

Continue reading

Major Cyber Vendors and Service Providers in the UK

The UK’s cybersecurity sector is home to thousands of providers, ranging from nimble startups and regional MSSPs to global consulting firms and homegrown risk intelligence platforms. While the National Cyber Security Centre (NCSC) sets the tone for policy and technical guidance, it’s these vendors that translate strategy into services: monitoring networks, managing risk, conducting audits, and responding to breaches in real time.

Continue reading

Cyber Across Global Governments: International Cooperation and National Strategies

Cybersecurity has become a pillar of national security, digital economy growth, and global diplomacy. From ransomware attacks on hospitals to interference in democratic elections, governments worldwide now treat cyber threats as matters of statecraft, not just IT hygiene. While national strategies differ, a few shared patterns have emerged: defence of critical infrastructure, capacity building, and international coordination.

Continue reading

Cyber Across US Government: Agencies, Frameworks, and Innovation Pathways

The United States is arguably the most influential force in global cybersecurity, but its governance model is sprawling, federal, and often opaque to outsiders. Responsibility is distributed across military, civilian, and intelligence agencies, each with their own authorities, funding mechanisms, and strategic priorities.

Continue reading

Cyber Across European Governments: Key Bodies, Funding, and Coordination

The European cybersecurity landscape is layered, fragmented, and fast-evolving. Unlike the centralised approaches of some governments, the EU’s model of collective sovereignty means cybersecurity is coordinated, rather than controlled by Brussels. National governments still manage their defence and digital sovereignty, but major funding, regulation, and cross-border frameworks increasingly come from the EU level.

Continue reading

Stakeholder Grid Example 1: Cyber Tzar

Understanding your stakeholder landscape is key to scaling effectively, especially in cybersecurity, where trust, standards, and adoption often hinge on who’s in the room. This article explores how Cyber Tzar, a cybersecurity scale-up specialising in supply chain risk and cyber risk scoring, applies the Stakeholder Mapping Grid to guide its strategic engagement.

Continue reading

Cyber Across UK Government: Departments, Programmes, and Policy Players

The definitive guide to who shapes cyber policy in Whitehall, and how to work with them.

Continue reading