Tag Archives: national security

The NCSC Annual Review 2025: Between Capability and Stasis

Leave a Reply

The article examines the NCSC Annual Review 2025 as both a testament to accomplishment and a warning. It praises the NCSC’s technical competence but questions its identity: regulator, delivery agency, or state-backed market player? It highlights contradictions — DSIT hailing it as “the jewel in the crown” while eroding its remit, diluting CyberFirst into TechFirst, ending its startup work, and overstating the benefits of Cyber Essentials. The piece concludes that the NCSC is overextended and under-defined, needing clarity of purpose more than new initiatives — less performance, more direction.

Continue reading

Systems in Tension: Britain’s China Crisis Spy Farce and the Architecture of Denial

Leave a Reply

A forensic if mordant look at how the “Chinese spies in Parliament” case collapsed.  I don’t think it was lies, more a system that’s eating itself. Legal, political, and economic silos each told their own version of the truth until coherence disappeared into the vortex. Between Cummings’ claims, Martin’s rebuttals, the embassy standoff, and Kemi Badenoch’s attack on Starmer, it’s a living portrait of Britain’s institutions locked in tension. Prosperity versus protection; diplomacy versus denial. But it doesn’t mean the system is broken; it might be working exactly as intended. Get the money in at all costs?

Continue reading

Military Theatres and Battlefield Tech: Archetypal OT, Misgoverned as ICT

Leave a Reply

This article examines how military theatres, battlefield systems, and drone technologies are quintessential Operational Technology (OT) environments, yet are often mismanaged under traditional ICT frameworks. It highlights the real-time, cyber-physical, and life-critical nature of defence systems, and argues for a shift toward mission-aware OT security governance to prevent strategic and kinetic failures.

Continue reading

A Brief History of the Term Cyber (Meaning Cybersecurity)

Leave a Reply

This article explores how the word cyber evolved from its academic roots in cybernetics to its current role as shorthand for cybersecurity. It traces the rise of cyberpunk fiction, the growing association with digital threats in the 1990s, and how UK policy frameworks adopted and institutionalised the term, culminating in the creation of the National Cyber Security Centre (NCSC). From Greek etymology to modern geopolitics, cyber has shifted from describing control to denoting risk.

Continue reading

Driving Cyber Resilience in the Defence Supply Chain: Summary of Key Actions and Recommendations and Some Thoughts

Leave a Reply

The Ministry of Defence (MOD) has issued a call to action for Defence industry CEOs and Defence Leads, underlining the critical importance of enhancing cyber resilience across the Defence supply chain, “Letter from the Second Permanent Secretary, DG Chief Information Officer and DG Commercial to Defence industry CEOs/Defence Leads“. The letter, signed by Paul Lincoln, Second Permanent Secretary; Charles Forte, DG Chief Information Officer; and Andrew Forzani, DG Commercial, stresses the heightened global cyber threat landscape and the need for immediate and robust action to safeguard the UK’s Defence capabilities.

Continue reading

Navigating the Defence and National Security Sector: Lessons from James Gayner MBE

Leave a Reply

James Gayner MBE provides a comprehensive overview of how startups can engage with the defence and national security sectors. Learn how to navigate the complex procurement landscape, build relationships with prime contractors, and overcome the hurdles faced by SMEs in this challenging but rewarding space.

Continue reading

Sun Microsystems Leads the Charge on Cloud Sovereignty and Security: Wayne Horkan, Sun CTO for the UK and Ireland, to form Cloud Security Forum

Leave a Reply

In May 2009, at the Cloud Expo Europe in London, I announced my intention to form a cross-sector forum aimed at addressing the pressing security issues surrounding cloud computing. The goal was to ensure that cloud computing, especially as it becomes a critical part of the UK’s national infrastructure, remains secure and compliant with UK laws and regulations.

Continue reading