This is where I share practical insights on cybersecurity, risk management, and business resilience — focused on what it means for leadership and organisations in practice.
You’ll find clear, business-focused guidance on topics like NIS2, the Cybersecurity Act, governance, incident management, continuity, and third-party risk.
Third-party cyber risk is often invisible, but it can have the biggest impact on your organisation.
Cyber incidents will happen – what matters is how your organisation responds under pressure.
Business resilience is not about avoiding disruption – it is about maintaining operations and recovering quickly when it happens.
Cyber risk analysis is not about identifying everything – it is about prioritising what actually matters to the business.
Cybersecurity is not an IT issue — it is a business risk impacting revenue, operations and leadership decisions.
NIS2, CER and CRA shift cybersecurity from an IT concern to a core leadership responsibility shaping risk, governance and business survival.