$ ls writing/series/the-small-business-cyber-strategy/
series: The Small Business Cyber Strategy.
Part one of a four-part cyber strategy for UK SMBs to run in the second half of 2026: three frameworks — Cyber Essentials, Cyber Essentials Plus and ISO 27001 — nested into one spine, plus the two decisions everything hangs on: scope and ownership.
4 parts
Latest · 2026·06·23
- 01 A cyber strategy for UK small business: the foundations Part one of a four-part cyber strategy for UK SMBs to run in the second half of 2026: three frameworks — Cyber Essentials, Cyber Essentials Plus and ISO 27001 — nested into one spine, plus the two decisions everything hangs on: scope and ownership. →
- 02 The five controls that do most of the work Part two: the five Cyber Essentials controls one by one, what the Danzell question set now demands of each, the mistakes that fail firms at assessment, and how each maps onto its ISO 27001 counterpart. →
- 03 From self-assessment to assurance: Cyber Essentials Plus and ISO 27001 Part three: turning a self-assessment into assurance. What Cyber Essentials Plus actually tests on your real machines, and how to build a proportionate ISO 27001 management system that keeps the controls alive. →
- 04 Making it stick: the second-half-of-2026 roadmap Part four: making the strategy run — tested backups, a rehearsed incident plan, metrics a board will read, and a month-by-month roadmap to be certified and rehearsed by Christmas. →