peter bassill · operator
$ ls writing/ -lt

writing.

Notes from the desk, not thought leadership. Specifics over slogans. If a piece couldn't earn its keep at a kitchen table, it didn't make it here.

Total · 114 pieces Latest · 2026·07·04 Page · 3 / 5 Locale · en_GB License · CC BY 4.0
$ grep -l tag:* | sort | uniq
2025·08·22 Carrying the pager: a list, not a manifesto Things you can only learn by being woken up by them. Plain language. No revelations promised. ir · operator · craft 5 min 2025·08·09 From prepositioning to action Iran has shifted its UK-facing cyber activity from quiet infrastructure presence to operational disruption. The NCSC's August advisory on Salt Typhoon names three Chinese firms. The trajectory of 2025 is no longer ambiguous. state-aligned · attribution · governance · cni 5 min 2025·08·05 Determinism and regulatory defensibility, eighteen months later Post 14 of the AI series. The bit-identical-inference property I wrote about in 2024 is showing up in regulatory drafting. What the Cyber Security and Resilience Bill drafting work suggests about how regulators are going to evaluate AI-driven security decisions. ai · regulation · soc · series 7 min 2025·07·26 Carrying the pager, revisited A reflection on a year of mature incident-response practice — what carrying the on-call pager has taught me about the shape of leadership, the cost of not training your successor, and what the work actually looks like at three in the morning. incident response · craft · leadership 6 min 2025·07·08 The thing an accreditation cannot do I have sat on the CREST European Council since 2022. This is what the work has taught me about what accreditation can and cannot do, and why I think the next chapter is harder than the last. crest · governance · craft · standards 6 min 2025·06·29 Synnovis, a year on One year after the Qilin ransomware attack on Synnovis took NHS pathology services in south-east London offline, what did we actually learn — and what is still unfixed? case-study · healthcare · ransomware · ned 7 min 2025·06·24 Agents in production, eighteen months on Post 13 of the AI series. The agent demos at RSA and Black Hat have got slicker. The agent in production cyber operations has, mostly, not arrived. The honest 18-month read on a category whose marketing has run ahead of its engineering. ai · agentic · soc · series 7 min 2025·06·14 What the retail wave actually cost M&S resumed online orders this week after 46 days offline. Co-op is counting £206m. Harrods got off relatively lightly. Three compromises, one actor, one Easter weekend — and a lesson UK retail boards are still digesting. retail · ransomware · scattered-spider · governance 6 min 2025·05·13 Cross-tenant intelligence: the privacy architecture problem Post 12 of the AI series. The architecture that turns one customer's experience into another's protection — without exposing either to the other. The privacy engineering problem nobody in the LLM space is talking about, and EmilyAI's seven principles. ai · soc · privacy · architecture · series 8 min 2025·04·01 Continuous learning at scale Post 11 of the AI series. EmilyAI has been learning from analyst feedback for six years. The LLM-as-frozen-artefact shape gets the operational properties of *the model that improves over time* structurally wrong. What that means in practice. ai · soc · learning · series 7 min 2025·02·18 Computer Use and the operator question Post 10 of the AI series. Anthropic's Computer Use, OpenAI's Operator, Google's Project Astra. The category where AI literally moves the mouse. What this shape changes for cyber operations — and how it reads against EmilyAI's tighter action vocabulary. ai · agent · operator · series 8 min 2025·01·07 Year in cyber AI 2024: what was real, what was not Post 9 of the AI series. The 2024 retrospective. Six security copilots shipped; one major outage reshaped the resilience conversation; reasoning models arrived; agents mostly did not. The honest read going into 2025. ai · retrospective · soc · series 8 min 2024·12·10 The law, the insurance, the incident plan, and the culture that holds it all together Year-end consolidation. Your UK GDPR obligations, cyber insurance, the one-page incident response plan you need, and how to build a security culture that lasts beyond this series. small business · cyber essentials · plain english · series 9 min 2024·11·26 Agentic AI, year one: the demo vs the deployment Post 8 of the AI series. AI agents in cyber operations have been demoed everywhere this year. The agent that actually ships looks different from the demo. The honest read after twelve months — and the shape of agent EmilyAI already is, not by accident. ai · agentic · soc · series 8 min 2024·11·19 Passing it on: to the next director, to your children Part 18 of 18, the closing post. The privacy work you have done over the last two years has to outlive you in the role. How to write it down, how to teach it, and how to make sure the people who inherit it can actually use it. privacy · series · ned · closing 6 min 2024·11·12 AI-powered threats — and the usage policy you actually need AI is making phishing better and deepfake fraud cheaper. It is also a real risk when your own staff paste customer data into ChatGPT. Both sides of the AI coin, and a simple policy that handles both. small business · cyber essentials · plain english · series 6 min 2024·10·22 Building a personal privacy posture Part 17 of 18. Sixteen posts of specifics, condensed into a posture rather than a list. The five sentences that should govern personal privacy for a board director and their household. How to keep it current. privacy · synthesis · ned · series 7 min 2024·10·15 The basics you can pick up and walk away with: physical security and social media Screen locks, premises, disposing of old kit, USB drives, social media account security, and the risks of oversharing. The unglamorous but high-leverage controls that prevent entire categories of attack. small business · cyber essentials · plain english · series 7 min 2024·10·08 Reasoning models: what o1 changes for SOC work Post 7 of the AI series. OpenAI's o1 launched in September with a different model shape — *think longer, reason step by step*. What this means for the SOC, where the gains are real, and where EmilyAI's purpose-specific architecture continues to win. ai · soc · reasoning · series 7 min 2024·09·17 The AI year, deepfakes, and what changes for children Part 16 of 18, last of the five children-focused posts. Generative AI changed what 'a picture of a child' can mean. What parents should be alert to in 2024, what is genuinely new, and the practical conversations that still work. privacy · children · ai · deepfake · series 8 min 2024·09·10 Backups: the only thing that recovers you from ransomware The 3-2-1 rule, what to back up, why testing your backups is more important than having them, and the specific changes that protect backups from modern ransomware. small business · cyber essentials · plain english · series 6 min 2024·08·27 Single-vendor concentration: the CrowdStrike lesson applied to AI Post 6 of the AI series. The July 2024 CrowdStrike outage was not an AI incident, but it tells us a great deal about where the AI-in-security market is heading. Why single-vendor concentration of intelligent agents is a structural risk worth modelling now. ai · soc · concentration · resilience · series 7 min 2024·08·20 CrowdStrike: cyber resilience without a bad actor Four weeks after the CrowdStrike Falcon update that took 8.5 million Windows machines offline, the post-mortem is in. The interesting question is not what CrowdStrike did wrong. It is what the rest of us did wrong by assuming this kind of event could not happen. resilience · supply chain · ned · governance 7 min 2024·08·13 Malware and the layered defence Antivirus is necessary but not sufficient. The defence-in-depth approach that actually catches malware — and how it joins up with everything else we have done this year. small business · cyber essentials · plain english · series 6 min 2024·07·23 Hotels, conferences, and public Wi-Fi Part 15 of 18, third and last of the travel posts. The day-to-day mechanics — the hotel network, the conference Wi-Fi, the airport lounge, the coffee shop on the way to the meeting. The small kit and habits that compound over a year of travel. privacy · travel · ned · series 7 min

back to home  ·  subscribe by email  ·  rss