It's a People Problem

I had the privilege of being invited to the Cyber Leadership Symposium organised by Lancaster University and Templar Executives. It was a great event, bringing together many of our best cyber security leaders from government, public service, industry and academia to engage with each other and with us mere mortals. I am far from being a cyber leader, though I think I may have been the oldest and longest serving in the field: being a family company focusses your ambition and perhaps limits it. I had a few hidden agendas in attending. First, we are working with four students from the Lancaster MSc in Cyber Security on projects that are basically my brain children: some might say my pet projects or even 'bees in my bonnet' - more about them in a later post; so this was a nice opportunity to chat with those students and with their tutors, which was enjoyable and rewarding. Second, and perhaps because I have throughout my career worked with many students and new entrants to the profe

Early Years

 I always wanted to be a teacher. Well, not quite: I wanted to be a superhero with a magic flying Rolls Royce Silver Phantom: then, briefly, during Apollo, an astronaut, and then an RAF fighter pilot but they wouldn't have me because my eyesight wasn't good enough so I transferred to the Flight Navigator program but they rejected me for having no personality or leadership qualities. But by the time I applied to University I wanted to be a teacher: to study physics so I could be a primary school teacher and teach physics - and maths - differently, as I, in my teenage arrogance, felt it should be taught. I've wondered since why I felt that way: what was wrong with maths and physics teaching, that I wanted to go to University to study and learn how to teach it better? Mr Wyatt started it: he was our primary school teacher and he went on a year's teacher exchange to Canada and when he came back he showed us how to make hot air ballons out of plastic bags and cotton wool and

The Matrix That Isn't

 Being invited to offer a tutorial on the MATLAB and Gnu Octave matrix languages, for cyber security specialists, prompted me to revisit a question that has bothered me for some time. In cyber security, as in many other fields, a ‘Risk Matrix’ is a table of likelihood versus severity, into whose boxes one places various risk events. Likelihood times severity gives a useful metric for the ‘likely severity’ – called ‘impact’ - so we can focus our attention on the most likely and severe events. Likelihood Severity Low likelihood Medium likelihood High likelihood High severity High severity High severity Low likelihood Medium likelihood High likelihood Medium severity Medium severity Medium severity Low likelihood Medium likelihood High likelihood Low severity Low severity Low seve

Wave Watching

A few years back I found oceanographer Mirjam Gleesmer’s blog ‘Wave Watching’: which is just what it says: a fascinating and insightful blog about watching waves – and what we can learn from doing so, not only about waves but about what they traversed, reflected off, diffracted around, broke over… It spoke to me particularly because I was then watching waves almost obsessively: ripples on puddles, waves on our local lake, splashes from moorhens and coots and ducks on the canal; sea waves, coastal waves, every kind of wave. I wouldn’t quite say it risked losing me friends but people certainly got used to walking on and eventually looking back surprised to see me stopped staring at some interesting wave phenomenon. Although I became interested in those sorts of waves they weren’t the source of my interest: radio wave were. I’ve studied and worked with waves a lot: it’s a foundation topic in physics and electronics, and I’ve worked on soun