Cyber Risk Isn’t a Spreadsheet. Stop Modelling Risk. Fix It.
Cyber Risk Isn’t a Spreadsheet Exercise: Why Finding and Fixing Exposure Matters More Than Arguing Its Price For years, the [...]
Lessons from JLR: Understanding Supply Chain Risk
Beyond the Bailout: What the JLR Incident Teaches Us About Supply Chain Risk Executive Summary The recent disruption affecting Jaguar [...]
If You’re in a Supply Chain, This Law Applies to You
If You’re in Someone Else’s Supply Chain, This Law Applies to You The most dangerous misunderstanding about the Cyber Security [...]
How Compliance Becomes a Trust Signal
Turning Compliance into a Trust Signal: How Cyber Resilience Becomes a Differentiator For many organisations, the Cyber Security and Resilience [...]
What “Proportionate” Cyber Risk Really Means
What “Proportionate” Cyber Risk Looks Like for SMEs Under the New Bill One word appears repeatedly in the Cyber Security [...]
How Supply Chains Really Fail
How Supply Chains Really Fail: Aggregation Risk, MSPs and Hidden Single Points of Failure Most supply chains do not fail [...]
Why Traditional Third-Party Risk Management Is Failing
From Questionnaires to Reality: Why Traditional Third-Party Risk Management Is Failing For years, third-party risk management has been built on [...]
Why Most SMEs Can’t Meet the New Cyber Deadlines
Why Most SMEs Can’t Meet the New Reporting Timelines — And What Actually Works The Cyber Security and Resilience Bill [...]
When Cyber Incidents Become Commercial Crises
Incident Reporting Is Now a Commercial Event, Not a Technical One Under the UK Cyber Security and Resilience Bill, incident [...]
How Supply Chain Cyber Risk Really Changes
Supply Chain Cyber Risk Under the New UK Regime: What Changes in Practice The UK Cyber Security and Resilience Bill [...]
Are You a Cyber Risk to Your Customers?
Are You a Cyber Risk to Your Customers? The Question the New Bill Forces Boards to Ask For years, cyber risk [...]
You Can Be Regulated Without Knowing It
“Designation-by-Dependency”: Why You Can Be Regulated Without Knowing It Most organisations assume regulation starts with a form, a registration process, [...]
Are You Ready For The UK Cyber Security and Resilience Bill
The UK Cyber Security and Resilience Bill Is Coming: What Businesses Need to Know Now A significant change to the [...]
Cyber Security for Law Firms: From Compliance to Resilience
Law firms are now high-value targets for cybercrime. From ransomware to phishing to third-party breaches, the volume and sophistication of [...]
Cyber Risk Scoring: A New KPI for Angel Syndicates?
Angel syndicates and early-stage investors have long used metrics like revenue growth, burn rate, CAC, and product-market fit to guide [...]
Cyber Due Diligence for M&A: What Startups Need to Prepare
For startups eyeing an acquisition, merger, or major investment, product-market fit and revenue growth aren't the only metrics that matter. [...]
The Limitations of Security Rating Services & How to Overcome Them
Security rating services (SRS) like BitSight, SecurityScorecard, and others have become mainstays of modern third-party risk management. They offer rapid, [...]
Security Ratings vs. Real Risk: Why Lightweight TPRM Isn’t Enough
Security rating services (SRS) like BitSight, SecurityScorecard, and UpGuard were a game-changer when they first emerged — providing a fast, [...]
From Portfolio Risk to Cyber Resilience: A VC Perspective
For venture capital firms and angel syndicates, managing risk is nothing new. But in 2025, cyber risk has emerged as [...]
Managing Client Data Risk in Family & Probate Practices
Family and probate solicitors deal with some of the most sensitive personal data in the legal sector — wills, financial [...]
