Tag Archives: Threat Modelling

Cyberbiosecurity in the New Normal Reviewed: Governance First, Apocalypse Later

Fouad’s “Cyberbiosecurity in the New Normal” attempts to elevate the digitisation of biology into a matter of international security. She is right that biology is now deeply digital and that this creates new attack surfaces. Where the article overreaches is in treating these risks as exceptional, geopolitically novel, or strategically transformative in themselves. Most cyberbio risks today are not exotic or unprecedented; they are familiar engineering and governance failures appearing in a new domain. The danger is less hacked DNA than over-securitised data.

From Threat Model to Regulator Narrative: Security Architecture for Regulated Financial Services Data Platforms

This article reframes security as an architectural property of regulated financial services data platforms, not a bolt-on set of controls. It argues that true security lies in preserving temporal truth, enforcing authority over data, and enabling defensible reconstruction of decisions under scrutiny. By grounding security in threat models, data semantics, SCD2 foundations, and regulator-facing narratives, the article shows how platforms can prevent silent history rewriting, govern AI safely, and treat auditability as a first-class security requirement.

Overview, Summary, Thoughts, and Recommendations on the NCSC Cyber Security Risk Management Guidance

This article evaluates the NCSC’s Cybersecurity Risk Management Guidance, highlighting its strengths in broad coverage and practical tools but identifying key weaknesses, including the lack of an integrated end-to-end framework, inconsistent depth, and limited audience-specific tailoring. It recommends strengthening the framework’s integration, providing accessible tools, addressing organisational resistance, and incorporating strategies for emerging technologies and black swan events. These enhancements could elevate the guidance to a truly comprehensive standard for diverse organisations.
