The Government Is Consulting on an Enterprise IoT Security Law. What Happens Next?
The Internet of Things (IoT) is often thought of as a technologically advanced ecosystem of “next-gen” devices and back-end systems. In...
Author: Phil Muncaster
The Cyber Security and Resilience Bill: What You Need to Know
The road to cyber resilience for UK critical infrastructure (CNI) has been a long and winding one. The government’s NIS Regulations 2018 is w...
A Cautionary Tale: What the Advanced Health and Care Case Tells Us About Cyber Resilience
At the end of March, Advanced Computer Software Group was fined just over £3m by the UK’s data protection regulator. Multiple security failures at ...
What’s Going Wrong with NIS 2 Compliance, and How to Put It Right
A “one and done” mindset is not the right fit for regulatory compliance—quite the reverse. Most global regulations require continuous i...
Cybersecurity Advances Have Stalled Among UK Companies: Here’s How to Fix It
Every day, we read about the damage and destruction caused by cyber-attacks. Just this month, research revealed that half of UK firms were forced t...
The Line Between Nation States and Cybercrime Is Blurring: That’s Bad News for CISOs
Everyone’s feeling more worried about geopolitical risk these days. That’s due largely to the chaos engulfing Washington, although glob...
Some Vulnerabilities Are Forgivable, But Poor Patch Management Is Not
At the start of the year, the UK’s National Cyber Security Centre (NCSC) called on the software industry to get its act together. Too many &#...
What DeepSeek Tells Us About Cyber Risk and Large Language Models
Not many companies can single-handedly wipe out $1 trillion in market capitalisation from the US stock market. Yet that’s exactly what Chines...
A Roadmap for PS21/3: Why Time is Running Out for Financial Services
Plenty has been written about the need for financial services firms to enhance operational resilience. But most of those column inches have until n...
How a New Code of Practice Could Help Mitigate AI Risk
The British government is betting big on AI. Given the state of public finances and a prolonged national productivity slump, in many ways, it has t...
Hunting RATs: How to Mitigate Remote Access Software Risks
Remote access software has been a popular tool for IT administrators, managed service providers (MSPs), SaaS firms and others for many years. It of...
Navigating Cyber Complexity in a Risky World: Lessons Learned from WEF
Cyberthreats may have dropped slightly on the list of global risks to watch over the next 2-10 years. But according to the World Economic Forum (WE...
Will the UK’s AI Growth Plans Also “Mainline” Cyber Threats?
The UK has, for over a decade, been an economic underachiever. Since the financial crisis of 2008-9, productivity has barely risen, increasing the ...
The UK’s CNI Providers Are Struggling: 2025 Will Be a Critical Year for Cyber
The UK’s critical national infrastructure (CNI) is named so for a reason. However, the large volumes of sensitive data that providers store, their ...
The EU Cyber Solidarity Act Is Coming: Here’s What it Means
The EU is not short on cybersecurity legislation. Over the past year, it has introduced laws covering smart devices, AI safety, financial services,...
Securing Open Source in 2025 and Beyond: A Roadmap for Progress
It’s been over three years since Log4Shell, a critical vulnerability in a little-known open-source library, was discovered. With a CVSS score...
Five Cybersecurity and Compliance Trends to Watch in 2025
The past 12 months have once again taught us that while technology continues to advance at sometimes blinding speed, many of the macro trends in se...
A Year in Compliance: Five Key Trends from 2024
It’s been another year full of incidents for security and compliance teams. Buffeted by ransomware attacks, supply chain and open source threats, i...
Quantum Is Coming: Here’s What the Data Protection Regulator Says
A new technological development is coming in the ongoing arms race between network defenders and their adversaries, which could dramatically disrup...
How to Comply with the New EU Cyber Resilience Act
UK regulation rarely steals a march on the EU. Yet that is precisely what happened in April 2024 when the UK’s Product Security and Telecommu...
Routers Under Attack: How Companies Can Protect Their Gateway to the Internet
Modems and routers aren’t the most glamorous of connected technologies. In fact, their ubiquity means that most organisations forget theyR...
What You Need to Know About the New Australia Cyber Security Act
The digital world is an increasingly dangerous place for Australian organisations. A string of high-profile data breaches and ransomware attacks ov...
Initial Access Brokers: The Indispensable Link in the Cybercrime Supply Chain
This year is on track to be a record-breaker for ransomware groups. Blockchain analysis reveals that “inflows” to cryptocurrency addresses associat...
