James Blake

BREAKING: Middlesbrough Council has allocated £25,000 to cyber security for the next 12 months - safeguarding £300 million in public funds, services, and citizen data. That’s 0.0083% of annual turnover. Or £0.11 per resident. Or roughly the cost of a mid-range firewall and a motivational poster about password hygiene. In an era of ransomware-as-a-service, AI-driven fraud, and cascading supply chain breaches, this is a bold gesture - not toward resilience, but toward plausible deniability. What does £25,000 buy you in 2025? • A phishing simulation, two awareness emails, and a laminated “Think Before You Click” sign • A procurement trail proving “something was done” • A future FOI response that reads: “Cyber security measures were in place at the time.” Obviously tongue in cheek, as hopefully they’ve allocated more budget and resources toward cyber security than this, but it got my attention anyway. :) #CyberSecurity #LocalGovernment #DigitalRisk #SymbolicSpending #Middlesbrough #PublicSectorPriorities #Procurement #Accountability #LinkedInIrony

204

82 Comments

#CyberAlert | Foundations for OT cyber security We have joined international partners to release guidance for owners and operators on foundations for operational technology cyber security and asset inventory. Read it here: https://lnkd.in/esEEhNFc

54

3 Comments

*** 𝗖𝗣𝗗𝗣 𝗖𝗼𝗻𝗳𝗲𝗿𝗲𝗻𝗰𝗲 𝟮𝟬𝟮𝟱 *** First day of an insightful week at Computers, Privacy and Data Protection (CPDP) Conference as the EDPS actively engages in discussions on a range of key topics, from the evolving landscape of AI to combatting spyware and enhancing vulnerability management. Today, we had the opportunity to discuss: 𝗔𝗜'𝘀 𝗜𝗺𝗽𝗮𝗰𝘁 𝗼𝗻 𝗙𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹 𝗥𝗶𝗴𝗵𝘁𝘀 Supervisor, Wojciech Wiewiorowski, shared his insights in a panel organised by the European Union Agency for Fundamental Rights titled "𝘈𝘴𝘴𝘦𝘴𝘴𝘪𝘯𝘨 𝘍𝘶𝘯𝘥𝘢𝘮𝘦𝘯𝘵𝘢𝘭 𝘙𝘪𝘨𝘩𝘵𝘴 𝘙𝘪𝘴𝘬𝘴 𝘰𝘧 𝘈𝘐: 𝘖𝘱𝘱𝘰𝘳𝘵𝘶𝘯𝘪𝘵𝘪𝘦𝘴 𝘢𝘯𝘥 𝘊𝘩𝘢𝘭𝘭𝘦𝘯𝘨𝘦𝘴 𝘈𝘩𝘦𝘢𝘥". The discussion focused on navigating the delicate balance between leveraging AI for societal benefits and safeguarding fundamental rights. In his intervention, the Supervisor spoke about the AI Act reinforcing the protection of fundamental rights, including the right to data protection, by requiring every high-risk AI system to undergo a prior identification and analysis of known and reasonably foreseeable risks to fundamental rights, and mandates the adoption of appropriate measures to mitigate any such risks. “The AI Act complements existing regulatory frameworks, therefore its implementation raises a number of challenges, in terms of interplay and possible overlapping - he said. Cooperation is the key word. The multiplication of regulatory frameworks is a response to the development of new technologies, which have profound implications on our societies, for better or for worse. Their effective implementation requires a close and strong cooperation among all stakeholders. At the EU level, we have launched the Digital Clearinghouse 2.0 to foster collaboration among competent authorities. 𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝗲𝗻𝗶𝗻𝗴 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆: 𝗖𝗼𝗺𝗯𝗮𝘁𝗶𝗻𝗴 𝗦𝗽𝘆𝘄𝗮𝗿𝗲 Anna Buchta, Head of Policy and Consultation Unit, contributed to the Society for Civil Rights panel discussion "𝘊𝘭𝘰𝘴𝘪𝘯𝘨 𝘵𝘩𝘦 𝘋𝘪𝘨𝘪𝘵𝘢𝘭 𝘉𝘢𝘤𝘬𝘥𝘰𝘰𝘳: 𝘚𝘵𝘳𝘦𝘯𝘨𝘵𝘩𝘦𝘯𝘪𝘯𝘨 𝘝𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘔𝘢𝘯𝘢𝘨𝘦𝘮𝘦𝘯𝘵 𝘵𝘰 𝘊𝘰𝘮𝘣𝘢𝘵 𝘚𝘱𝘺𝘸𝘢𝘳𝘦." The panel addressed critical strategies to enhance cybersecurity measures and protect against the threat of spyware. 𝗘𝗻𝗳𝗼𝗿𝗰𝗶𝗻𝗴 𝗗𝗮𝘁𝗮 𝗣𝗿𝗼𝘁𝗲𝗰𝘁𝗶𝗼𝗻 𝗶𝗻 𝗔𝗜 Fanny Coudert, Deputy Head of Supervision and Enforcement Unit, moderated the EDPS panel "𝘕𝘢𝘷𝘪𝘨𝘢𝘵𝘪𝘯𝘨 𝘙𝘦𝘨𝘶𝘭𝘢𝘵𝘰𝘳𝘺 𝘊𝘰𝘮𝘱𝘭𝘦𝘹𝘪𝘵𝘪𝘦𝘴: 𝘌𝘯𝘧𝘰𝘳𝘤𝘪𝘯𝘨 𝘋𝘢𝘵𝘢 𝘗𝘳𝘰𝘵𝘦𝘤𝘵𝘪𝘰𝘯 𝘪𝘯 𝘵𝘩𝘦 𝘍𝘪𝘦𝘭𝘥 𝘰𝘧 𝘈𝘐". This session explored the challenges and solutions to ensure robust data protection in the fast-paced world of AI development. Follow us to stay up to date on Day 2 of #CPDP25!

49

1 Comment

❗New Research - Cyber Security in CNI 2025❗ At last week's CNI Cyber Security Summit, we launched our annual research looking at the top cyber threats, trends and challenges facing UK CNI organisations in 2025. Now in it's fifth consecutive year, the research surveyed over 600 respondents across critical sectors. Some of our key findings were: 👉95% of organisations surveyed have experienced a data breach 👉41% of CNI organisations rank data protection as one of their biggest security challenges. 👉37% of CNI organisations have experienced costs in excess of £500,001 due to ransomware Read more ➡️ https://lnkd.in/eC8ceFsQ #CNIResearch2025 #CyberSecurity

28

1 Comment

Today we published the government's 🇬🇧 UK Cyber Security Sectoral Analysis 2025. It shows another year of very strong growth for the UK cyber sector: ⬆️ Sector revenue up by 12% ⬆️ Gross Value Added (GVA) up by 21% ⬆️ Employment up by 11% The UK cyber sector is a consistent high performer and we have been measuring this performance since 2017. The compound annual growth rate for sector revenue works out at 13%. While venture capital investment has not grown this year, investors surveyed remain bullish and there has been significant other investment activity in the UK market including mergers, acquisitions, loan and equity funding. https://lnkd.in/ea_fMdez Department for Science, Innovation and Technology / techUK / CyberFirst / National Cyber Security Centre / Plexal Cyber / UK Cyber Security Council / UKC3 - UK Cyber Cluster Collaboration / Cyber Security Academic Startup Programme

123

If you were too busy to note, the UK’s National Cyber Security Centre published its latest "Annual Review": https://lnkd.in/etWxVb2Y Notably, NCSC calls for “radical transparency” in technology, quipping that we know more about what’s in our sausages than our software. It’s a brilliant and frankly damning indictment. For too long, we’ve allowed critical business decisions to be made in a fog of technical jargon and ambiguity. We’ve hidden behind vague, qualitative statements that do more to obscure reality than illuminate it. The chief culprit seems to be the “risk appetite.” It has become a boardroom euphemism, a convenient way to justify underinvestment without a rigorous analysis of the consequences. A board states it has a “moderate risk appetite” and the conversation ends. But what does that actually mean? It’s a statement devoid of the specificity needed for effective governance. To achieve the radical transparency our industry needs, we must shift our entire mindset: from managing an ill-defined attack surface to managing a quantifiable risk surface. This requires a new engine room for security: the Risk Operations Centre (ROC) and a ruthless intolerance for ambiguity.

82

6 Comments

🚀 CISOs, CIOs, and CTOs – Your Expertise Can Shape the Next Generation of Cybersecurity Businesses! CyberSight25, led by the Wales Cyber Innovation Hub, is identifying 25 critical cybersecurity challenges that will define our industry by 2025. But solving these challenges requires more than just ideas—it demands visionary leadership and market-driven solutions. That’s where you come in. 🔹 Want to be recognized as a thought leader driving cybersecurity innovation? 🔹 Interested in mentoring and shaping the next generation of cyber entrepreneurs? 🔹 Looking to connect with groundbreaking startups and ensure market-fit solutions? Join us and The Alliances on our CyberSight PodCast series!! You can check out our first 6 challenges here 👉 https://lnkd.in/d2s2XkuT The Cyber Innovation Hub’s 12-month venture-building programme matches idea creators with budding entrepreneurs, guiding them from concept to launch. At the end of the programme, a new high-impact cyber business is born. To succeed, these ventures need insight from industry leaders like you—mentors who can provide real-world guidance, ensure solutions meet market demand, and introduce them to the right partners. 💡 Your leadership can help turn cutting-edge ideas into the next big thing in cybersecurity. Join us in driving innovation, fostering the next generation of cyber leaders, and ensuring the future of cybersecurity is built on real-world expertise. 🔗 Get involved today: drop me a message #CyberSight25 #CyberLeadership #CISO #CIO #CTO #CyberSecurityInnovation #Mentorship #VentureBuilding #ThoughtLeadership

43

1 Comment

The Home Office is making plans to strengthen the national Fire and Rescue Data Platform #FaRDaP - It has indicated in a market notice that it is looking for support in #cloud hosting, #infrastructure software, #application software, helpdesk services, continuous improvement and change management, with a projected value on the work of £3.2 million. https://lnkd.in/etVrsJ7i

18

1 Comment