Blog:

On 2026-07-17
by Rhidian Jowers
Cybersecurity

The Perimeter Paradox: Airport Supply Chains and the Cyber Security and Resilience Bill

The Perimeter Paradox: Airport Supply Chains and the Cyber Security and Resilience Bill
Regulations for Airports The legislative progression of the UK’s Cyber Security and Resilience Bill represents an aggressive modernisation of the ageing Network and Information Systems (NIS) Regulations 2018. For airport operators, this legislation fundamentally alters the boundaries of legal accountability. While the enforcement mechanisms, with fines capped at the greater of £17 million or 4% [...]
  • Share

Discover all the latest releases

Replacement of Black Chromium - Qualification of a REACh compliant alternative

Replacement of Black Chromium – Qualification of a REACh compliant alternative

Context: Protecting Tungsten Weights Black chromium is a specific plating applied to tungsten substrates (heavy metal cores) used as balancing weights. These weights are critical for stabilising helicopter rotors and reducing vibrations.  While the coating is non-decorative (matte black) and set up for anti-reflective applications, its primary function here is anti-corrosion. It is widely used [...]

Read more
Beyond the alert: Engineering true resilience through a unified, AI-enhanced SOC Cybersecurity

Beyond the alert: Engineering true resilience through a unified, AI-enhanced SOC

Navigating the modern threat landscape is an ongoing challenge for UK Critical National Infrastructure (CNI) and Government organisations. As cyber threats grow more sophisticated and regulations tighten, the limitations of traditional, isolated "black box" monitoring become more apparent. When a complex incident occurs, a flood of automated notifications is rarely enough to ensure continuity; teams [...]

Read more
The human factor in security architecture Cybersecurity

The human factor in security architecture: Designing for usability without compromising security

In cybersecurity, conversations often focus on advanced threats and complex algorithms. Yet, a crucial element is frequently overlooked: the human factor. No matter how robust a security system, its effectiveness depends on how well it works with the people who use it. This highlights a fundamental challenge: designing for usability without compromising security. The inherent […]

Read more
Cybersecurity

The 120-Hour Threat: the timeline of a Devman 2.0 intrusion from VPN to Domain Admin

Key points Initial Access via Vulnerable Perimeter: The intrusion began with a compromised VPN appliance. While logging deficiencies obscured the exact entry mechanism, strong evidence suggests the Devman 2.0 operators leveraged a Remote Code Execution (RCE) exploit to hijack a valid account.  Living Off the Land & Open-Source Tooling: The attackers maintained a low profile [...]

Read more
Table mythos or mirage Cybersecurity

Mythos or mirage: The hidden burden of agentic security

The recent arrival of Claude Mythos Preview has been met with the usual industry fanfare, promising a new era of agentic security where AI finally moves from being a passive observer to an active defender. However, as we have seen with every previous iteration of machine learning in this space, unbridled enthusiasm usually precedes a [...]

Read more
product security Cybersecurity

What is Product Security?

Product Security: The invisible Shield.  In the era of modern and interconnected world, Product Security acts as an unseen defense whose tangible effects are clearly observed and felt in our daily lives. While Product Security and Cybersecurity are intrinsically linked, however, they diverge in their priorities especially within the Operational Technology and Critical infrastructure. Cybersecurity, [...]

Read more