There is a quiet assumption in many organisations that software risk is primarily a function of what their own developers produce. Secure coding practices, internal… Read More »Understanding the hidden risks in modern software dependencies.
There is no shortage of cyber security events. Most promise insight. Most deliver information. Very few create the conditions for clear thinking. For senior leaders… Read More »Why The-C2 matters now more than ever for cyber security leaders
Artificial intelligence has moved from research laboratories into everyday business operations with remarkable speed. Since the public release of large language models and other generative… Read More »Artificial intelligence is transforming cyber security, but leadership responsibility is growing just as quickly.
Artificial intelligence is increasingly embedded in systems that influence high impact decisions. In security operations, fraud detection, threat triage, identity verification, and investigative analytics, AI… Read More »If you deploy AI without addressing bias, you are creating a governance risk.
For years, quantum computing has been discussed as a distant threat. Boards have heard about it in horizon scanning briefings. Security teams have included it… Read More »Post quantum cryptography is not a future problem. It is a prioritisation problem today.
In almost every major cyber incident I have examined, there is a moment when the conversation shifts. It moves from technical containment to strategic consequence.… Read More »Cyber security is not an IT problem. It is a board level judgement call.
Artificial intelligence is now firmly embedded in many of the systems organisations rely on to assess risk, prioritise action, and allocate resources. In cyber security,… Read More »When AI informs decisions, bias becomes a leadership issue, not a technical one.
Senior executives responsible for cyber security are increasingly expected to explain, justify, and defend the state of their organisation’s cyber maturity. Boards want assurance. Regulators… Read More »What cyber security maturity really means, and why executives must define it for themselves.
For all the investment organisations have made in cyber security over the past decade, one uncomfortable truth remains. The single most common way attackers gain… Read More »Why passwords are still failing your organisation and what leaders should do next.
When organisations prepare for cyber incidents, the focus is usually on technology, containment, and recovery timelines. These are essential considerations, but they are not the… Read More »Cyber incidents are human crises first. Treat them that way.