$ ls writing/ -lt
writing.
Notes from the desk, not thought leadership. Specifics over slogans. If a piece couldn't earn its keep at a kitchen table, it didn't make it here.
Total · 114 pieces
Latest · 2026·07·04 Page · 2 / 5 Locale · en_GB
License · CC BY 4.0
$ grep -l tag:* | sort | uniq
2026·04·18
What it changed about my other machines Last in the six-post series on the Covert Cyber Deck. The deck as catalyst, not destination — what designing and living with it changed about how I look at my work laptop, my home network, the firm's estate, and the boards I advise. cyberdeck · reflection · governance · sovereignty
6 min
2026·04·14
Six years of EmilyAI: what we kept, what we changed, what we should have done sooner Post 20 of the AI series. A longer reflective piece. Eight years on from the first sketch of the system that became EmilyAI, six years on from production deployment, the architectural retrospective the series has been building toward. ai · soc · retrospective · emilyai · series
9 min
2026·04·04
Healthcare's reckoning Three months of attacks have produced a clarifying set of numbers. £32.7m at Synnovis. 150,000 households warned at NHS Dumfries and Galloway. At least one patient death attributed. Healthcare is where concentration risk meets the lowest acceptable downtime threshold. healthcare · ransomware · governance · cni
7 min
2026·04·02
In defence of writing the code yourself On staying technical while sitting in chairs that don't expect you to be. ned · craft · operator
5 min
2026·03·28
What I got wrong An honest account of the calls I have made in the past three years that did not land — what I was reading into the evidence that was not there, and what I would do differently. reflection · craft · leadership
6 min
2026·03·14
Living with it: the costs of offline-first Post five of six on the Covert Cyber Deck. Honest notes on using the slate as a daily driver for several months. What I gave up. What surprised me. Where the bargain felt good and where it felt silly. cyberdeck · craft · honesty · sovereignty
7 min
2026·03·07
The two disciplines that quietly do most of the work Default-deny on USB and hardware-backed multi-factor authentication. Two unfashionable practices that, between them, would prevent more compromise than any tool a CISO will buy this year. operational · craft · hardening
5 min
2026·03·03
DeepSeek and the supply chain of intelligence Post 19 of the AI series. The open-weight reasoning models from DeepSeek and others have changed the supply chain of intelligence. The provenance, licensing, and operational properties of the models you run are now a cyber security question worth taking seriously. ai · supply chain · provenance · series
7 min
2026·02·14
The Cyber Security and Resilience Bill, a board read What the Bill actually does, what it changes for boards in and out of scope, and what the executive should be preparing to evidence over the next twelve months. regulation · governance · ned · board
8 min
2026·02·11
fail2ban is not access control. It is not nothing, either. A short essay on the long argument I keep having with people who should know better. technical · hardening · ssh
4 min
2026·01·24
What I deliberately left off Post four of six on the Covert Cyber Deck. Every component is a question. These are the things I chose not to include — Bluetooth on the management plane, a camera, GPS, cellular, several others — and the single question that flushed each one out. cyberdeck · subtraction · privacy · craft
7 min
2026·01·20
The CSR Bill and AI in cyber: what the regulator now expects Post 18 of the AI series. The Cyber Security and Resilience Bill is moving toward commencement. What it changes for AI in cyber security specifically, what the secondary legislation drafting suggests, and what vendors and customers should be preparing. ai · regulation · csr-bill · series
7 min
2026·01·17
SolarWinds at five Five years on from the disclosure of the SolarWinds Orion compromise, what actually changed in how UK boards think about third-party software risk — and what did not. A practitioner's retrospective on the case study that defined the decade. supply chain · governance · ned · retrospective
8 min
2026·01·10
The supplier underneath the supplier Three disclosures last month tell the same story from three angles: NHS England's tech provider, an NHS GP software supplier, and the Foreign Office. None of them is the headline brand. All of them are where the actual attack surface lives. supply-chain · third-party · governance · cni
6 min
2025·12·29
The year 2025 was actually about An end-of-year reflection on what 2025 turned out to be, what the noise mostly was, and what the genuinely consequential shifts were for UK cyber security at board level. annual review · governance · ned · board
8 min
2025·12·20
Where I trusted, where I didn't Post three of six on the Covert Cyber Deck. The supply chain decisions behind the build — why I chose the parts I chose, why I rejected several I considered, and why I ended up drawing the carrier PCB myself rather than buying one. cyberdeck · supply-chain · craft · sovereignty
7 min
2025·12·09
Year in cyber AI 2025: the agentic year that mostly was not Post 17 of the AI series. The 2025 retrospective. Operator agents arrived but mostly in pilot, the determinism property went mainstream in procurement, the regulators caught up, and constrained agency became the named shape. The honest read going into 2026. ai · retrospective · soc · series
8 min
2025·11·22
The threat model, written down Post two of six on the Covert Cyber Deck. The threat model I have spent the last month writing down — what I am protecting against, what I am not, and why putting it in plain English changed the rest of the build. cyberdeck · threat-model · privacy · sovereignty
6 min
2025·11·17
What the merger was actually for Hedgehog Security and UK Cyber Defence merged this month. Here is the thinking the announcement did not contain — what we were trying to fix, and what kind of firm we are now trying to be. leadership · ukcd · hedgehog · craft
7 min
2025·10·28
Frontier AI in CNI: the regulators are paying attention Post 16 of the AI series. The autumn joint statements from the BoE, FCA and HM Treasury on frontier AI and operational resilience signal where financial-services regulators have arrived. The implications for AI in cyber security are sharper than the public conversation suggests. ai · regulation · cni · series
7 min
2025·10·18
Building a machine I can fully describe First in a six-post series on the Covert Cyber Deck — a portable slate I am building around a Pi CM5, two SDRs, a custom carrier PCB, and a hardened Ubuntu. The argument is not the hardware. It is what designing it forces you to think about. cyberdeck · privacy · sovereignty · craft
6 min
2025·09·27
The line the ICO is now drawing Capita £14m. Advanced Computer Software £3.07m. Neither fine was for the breach. Both were for the controls that preceded it. The ICO has redrawn what "adequate security" means in evidence — and most boards have not noticed. ico · enforcement · governance · regulatory
6 min
2025·09·23
The single-tin posture: why we still ship on a Dell Post 15 of the AI series. A single Dell PowerEdge R760, racked at the customer site, running the whole platform — analyst, inference, persistence, audit. The deployment shape the hyperscaler default would have us abandon, and why we have not. ai · soc · deployment · series
7 min
2025·09·15
What pen testing now actually buys you AI-assisted offensive tooling, cloud-native estates, supply-chain shaped scope — what pen testing in 2025 actually looks like, and what boards are still mis-reading in the deliverable. pen testing · craft · governance · ned
7 min
2025·08·23
The incidents that do not make the papers What three years on the CREST Incident Response Pan-Europe board has taught me about the work the headlines never cover, and the kind of firm a customer should actually want to be on the end of the phone with. crest · incident response · craft · standards
6 min