Notes on running and leading technology.
Practical writing on IT management, fractional leadership, security and strategy. No thought leadership — just what we have found to be true.
What is DORA? A plain-English primer
The Digital Operational Resilience Act in five minutes — what it is, who it applies to, and the five things it actually asks for.
Achieving Cyber Essentials Plus: what the assessment actually involves
Cyber Essentials Plus adds a hands-on, audited test to the self-assessment. Here's what an assessor actually checks — and how to pass first time.
Cyber Essentials for financial firms: getting it, and keeping it
Cyber Essentials is the baseline clients, insurers and the FCA increasingly assume you have. Here's how to pass without drama — and not let it lapse.
DORA is in force: what it means for your firm's IT
The Digital Operational Resilience Act applies now. If you operate in or serve the EU, here's what it actually asks of your technology — in plain terms.
The security basics that prevent most incidents
The majority of breaches exploit the absence of ordinary controls, not the presence of clever attackers. Get the basics right first.
Explaining technology to a board that isn't technical
Boards don't need to understand the technology. They need to understand the decision. The translation is the job.
Outsourcing your IT without losing control of it
The fear with managed IT is dependence — handing over the keys and never getting them back. It does not have to be that way.
What good IT management actually looks like
Well-run IT is quiet. Nothing breaks, nothing surprises you, and the bill makes sense. Here is what sits behind that calm.
When to hire a fractional CTO — and when not to
Most companies don't need a full-time technology leader. They need senior judgement, at the right moments. Here is how to tell the difference.
Technology that simply works.
Let’s talk.
A 30-minute call, no obligation. We’ll listen to where you are and tell you plainly whether we can help.