Opinion & Analysis
Commentary
Practitioner perspectives on security strategy, threat trends, and industry challenges. Opinionated, argued from experience, and written for professionals in the trenches — not the boardroom.
Patch Tuesday Is Not a Patching Programme — It's Proof We've Accepted Defeat
Microsoft patched 167 vulnerabilities in a single Tuesday. We treated it as routine. That reaction — more than the vulnerabilities themselves — is what should concern every security leader.
James Calloway
Head of Vulnerability Management, Global Financial Services
We Need to Stop Pretending TOTP Is Secure — AiTM Phishing Won That Battle
The FBI just dismantled a phishing kit that bypassed MFA for 17,000 victims. The kit cost $500. We keep deploying TOTP and calling it secure. It isn't, and we've known that for years.
Priya Menon
Principal Security Architect, Identity & Access Management
Your Threat Intelligence Feed Is a Library With No Librarian
Most organisations buy threat intelligence. Very few operationalise it. The gap between the feed arriving and an analyst actually using it to change a decision is where threat intel programmes go to die.
Marcus Oduya
Threat Intelligence Lead, Critical National Infrastructure