General Discussion - Breaking Cyber Security

When Companies Ignore Their Security Teams: A Costly Disconnect

December 18, 2025

(Moved from old site. Originally posted June 25, 2025) Organisations often treat cybersecurity as an afterthought, especially if it conflicts with business goals. This can create a dangerous disconnect between security operations (SecOps) teams and management. Instead of trusting the expertise of in-house SecOps staff, some companies downplay warnings, insisting on external validation. In practice, this often…

Riding the Cybersecurity Startup Bandwagon: Half-Baked Products and Unintended Risks.

December 18, 2025

General Discussion

The cybersecurity market has become a hotbed of venture investment and hype, spurring a flood of startups pursuing the latest trends, from AI-powered detection to Extended Detection and Response (XDR) platforms. In 2020 alone, investors poured a record $7.8 billion into security startups, with insiders noting that “investors rush to get in on the ground floor…

Certifiably Secure? “Tick-box tooling” and the Illusion of Compliance in Modern Cybersecurity Certification

December 18, 2025

General Discussion

(Moved from old site. Originally posted 26 June 2025) IntroductionAcross the UK, and globally, organisations increasingly pursue certifications such as ISO/IEC 27001 and Cyber Essentials as visible signals of trust. In theory, that is sensible. Buyers want assurance, regulators want consistency, and boards want a measurable story about risk. In practice, certifications can accidentally reward…

Category: General Discussion

When Companies Ignore Their Security Teams: A Costly Disconnect

Riding the Cybersecurity Startup Bandwagon: Half-Baked Products and Unintended Risks.

Certifiably Secure? “Tick-box tooling” and the Illusion of Compliance in Modern Cybersecurity Certification