Europol Just Admitted Cybercrime Is an Industry
Europol have just published the closest thing to an honest map of organised cybercrime. Your security supplier has not mentioned it. Why?
Read more →Opinion
13 articles
Your Green Tick Is Not A Security Strategy: What YellowKey Tells You About BitLocker Defaults
BitLocker is on, so we're fine. Five days after YellowKey dropped, that sentence has become a confession. Here is what the default actually protects against.
Read more →
You're Not Saving Money on IT. You're Self-Insuring Against Cyber Risk, Badly.
Every business owner who chose the cheaper IT quote just made an insurance decision. They did not know that. Most of them still do not. That is the whole problem.
Read more →
The 43% Cyber Lie: How One Government Statistic Became the Engine of UK Vendor Fear-Mongering
DSIT publishes a misleading headline figure every April. They also publish a more honest cyber crime number in the same report. Guess which one the press, the vendors, and your MSP quote at you.
Read more →
You Have Hired an Intern With No Sense of Discretion and Handed It the Filing Cabinet: The AI Governance Disaster Hiding in Plain Sight
31% of UK businesses are adopting AI. Only 24% have any security governance. Three quarters have hired an eager intern with zero discretion.
Read more →
Google Chrome, Gemini Nano, and the 4 GB Consent Problem
Google Chrome has been quietly dropping a 4 GB AI model onto user machines. No clear prompt. No informed consent. Just a mystery file buried in a browser profile. This is not about AI being evil. This is about a vendor treating your disk space, your bandwidth, and your governance obligations as someone else's problem.
Read more →
The Government Finally Admitted the Cyber Front Line Is Here. Shame It Took This Long.
The cyber front line is already here. CyberUK 2026 made that official. Small businesses need to act before procurement does.
Read more →
Stop Blaming DNS and Start Understanding Your Own Bloody Network
DNS is the messenger, not the murderer. The real problem is that most UK small businesses do not understand their own networks.
Read more →
When McDonald's Gives Better Cybersecurity Advice Than Your IT Department
When McDonald's Netherlands embarrassed the entire security industry with one ad, your password policy became the problem. Here is how to fix it.
Read more →
Your Insurer Isn't Betting On Your Security. They're Betting You Can't Prove It.
Over 40% of UK cyber claims are denied. Not because businesses are fraudulent: because the real product insurers sell is plausible deniability, not coverage.
Read more →
Dave Is Your Biggest Security Vulnerability and He Does Not Even Know It
Dave configured the servers in 2014 and only Dave knows how they work. Dave is not a solution. Dave is a liability.
Read more →
WordPress Isn't a Website. It's a Patch Management Emergency With a Blog Attached.
50,000 WordPress sites exposed by one contact form plugin. CVSS 9.8. No login required. This is not bad luck. This is the WordPress business model.
Read more →
I Left Them Two Bottles of Prosecco and They Fixed Cybersecurity Without Me
I missed the podcast. I came back to find that Mauven, Corrine, and Lucy had recorded what may be the most useful episode we've produced in months. They were completely, infuriatingly right. And here's why that matters for your business.
Read more →