- For years now, HR and finance departments have been viewed as high-value cyber targets because of the data they hold and the access they have to critical business functions. Finance teams control payments, payroll, supplier relationships, and financial approvals. HR teams manage sensitive employee information, recruitment processes, onboarding, contracts, disciplinary matters, and internal communications. From a cyber security perspective, both functions sit close to some of the organisation’s most valuable assets. That part is not new. What has changed is how attackers approach them. The modern threat landscape is no longer driven purely by technical exploitation. Increasingly, attacks succeed because ...read more
- In April 2026, one of the world’s largest online travel agencies, Booking.com, suffered a data breach. The company confirmed that customer booking information had been accessed by unauthorised parties, which exposed reservation data including names, email addresses, phone numbers, and travel details. And while the company has stated that payment information wasn’t compromised, the incident has still attracted a lot of attention. Unlike many breaches where stolen data is then sold or stored for later use, this incident highlights a growing trend in cybercrime: the use of genuine, real-time information to make scams more convincing. For businesses, the breach serves ...read more
- If a serious incident happened tomorrow, could you confidently explain your organisation’s decisions to a regulator, a board, or a customer six months later? For many senior leaders, this question now matters more than whether policies exist or controls are documented. UK regulators are increasingly judging organisations not on intent, but on how they behave under pressure, how quickly issues are understood, how decisions are made, and whether those decisions still stand up when scrutiny arrives after the event. This reflects a broader change in how oversight works. Regulators are no longer satisfied that organisations intended to manage risk well. ...read more
- I thought long and hard about writing this piece, and to be completely honest, I very nearly didn’t. But I have noticed a pattern in the conversations I’ve been having with women who are leaving tech, and it’s impossible to ignore. Whenever we talk about attrition, it is often put down to burnout. And that’s not surprising. More than two in five tech workers in the UK suffer from it, and it would be wrong to overlook the pressure, relentless pace, and scale of responsibility. However, based on the conversations I’ve been having, I am convinced that burnout isn’t the only answer. The UK cyber sector continues to grow, yet businesses continue to report skills gaps and struggles finding talent. On ...read more
- I was back in the local North East news this week talking about something that, increasingly, isn’t just a tech issue; it’s a parenting issue, a business issue, and quite frankly, a life skill. The Information Commissioner’s Office (ICO) has just launched its ‘Switched on to privacy’ campaign, and the reason behind it is clear. Their research shows nearly a quarter of primary school-aged children have already shared personal details like their real name or address online, yet one in five parents have never had a conversation with them about online privacy. That gap between what our children are doing ...read more

