tag: board.

2026·05·23 The week in cyber — 18 to 22 May 2026 A self-spreading npm worm, a government letter that boards should read, and the second-quietest Patch Tuesday in two years. What the past working week looked like through a UK board lens. weekly · governance · ned · board 6 min 2026·05·16 The week in cyber — 11 to 15 May 2026 A self-spreading npm worm hit TanStack, Patch Tuesday had its quietest month in two years, the Cyber Security and Resilience Bill moved to Report Stage, and the ICO issued a five-step plan boards should actually read. weekly · governance · ned · board 6 min 2026·05·14 Things I wish boards would actually ask Twelve questions that would tell you more than any maturity score. None of them mention zero-trust. governance · ned · board 7 min 2026·05·09 The week in cyber — 4 to 8 May 2026 The ICO fined South Staffordshire Water nearly £1m, the DSIT cyber newsletter quietly confirmed the regulatory direction of travel, and the Canvas extortion played out on a public timeline. weekly · governance · ned · board 5 min 2026·05·04 The £320 myth: what Cyber Essentials actually costs Cyber Essentials is marketed from £320. For an unprepared 10-person UK business under the new v3.3 Danzell question set, the true first-year cost is £13,000 to £30,000 over 10 to 14 weeks. Here is the breakdown. cyber essentials · small business · ned · board · governance 9 min 2026·05·02 The week in cyber — 27 April to 1 May 2026 A learning platform serving thirty million people was breached, cPanel disclosed a zero-day that had been live in the wild for months, and April closed as the worst month for ransomware on record. weekly · governance · ned · board 5 min 2026·04·25 The week in cyber — 20 to 24 April 2026 NCSC and CISA named the Beijing-based outfit running covert botnets, the UK cyber chief told businesses to brace, and a sitting MP's website was hit with 142 million requests. A busy week. weekly · governance · ned · board 6 min 2026·02·14 The Cyber Security and Resilience Bill, a board read What the Bill actually does, what it changes for boards in and out of scope, and what the executive should be preparing to evidence over the next twelve months. regulation · governance · ned · board 8 min 2025·12·29 The year 2025 was actually about An end-of-year reflection on what 2025 turned out to be, what the noise mostly was, and what the genuinely consequential shifts were for UK cyber security at board level. annual review · governance · ned · board 8 min 2023·02·07 Digital privacy for board directors: the eighteen-post version An honest start to a long series. What digital privacy actually means for a board director in 2023, why the home / travel / work boundary is the right framing even though it leaks, and why children deserve four of the eighteen posts. privacy · ned · board · series 6 min