Category: Risk

  • The AI Boardroom Playbook – Approve Thoughtfully, Avoid Disaster

    Boards can’t blame the algorithm when AI goes wrong. Courts want human accountability. This guide shows how to govern AI projects without killing innovation—fix accountability, make oversight real, and distinguish between recoverable mistakes and catastrophic failures.

  • Cyber Risk is Business Risk: Why Security Belongs in the Boardroom

    Cybersecurity is not a technical issue but a board-level ethical responsibility. Organisations make a promise to protect the data they collect, and failing to do so erodes trust, damages reputation, and creates strategic risk. Strong governance, honest risk decisions, and a security-driven culture are essential for leadership.

  • Stop Telling CISOs to ‘Stop Complaining’

    CISOs seem negative because you’ve created an environment that rewards negativity. You measure them on problems found, exclude them from planning, and ignore their proactive work. Change how you measure, engage, and fund security—and the “complaining” disappears. Most CISOs are already enabling business. You just need to notice.

  • The Board’s Cybersecurity Blind Spot

    Boards receive detailed cybersecurity presentations but leave meetings uncertain about actual business risk. Technical metrics like vulnerability counts fail to translate into meaningful governance insights. Effective oversight requires boards and management to collaborate, transforming cyber reporting from technical dashboards into business risk conversations that enable informed decision-making.

  • Cyber Risk Appetite – The Strategic Decision Every Board Must Master

    Setting a cyber risk appetite is a critical boardroom activity, defining how much risk a business can tolerate. Moving beyond technical metrics, boards must align cybersecurity with strategic goals using frameworks like NIST and MITRE ATT&CK. Clear governance and realistic stress-testing ensure resilience, fostering trust and competitive advantage.

  • AI’s Causal Illusion: A Hidden Threat to Business Decisions

    LLMs simulate causal reasoning by recalling patterns from their training data, not by understanding cause and effect. This leads to a significant business risk: AI recommendations may seem confident but are often flawed, particularly in novel situations.

  • The language barrier that costs millions

    Security teams speak tech, boards speak money. This communication gap causes bad investments, slow crisis responses, and missed profits. The fix: translate technical risks into commercial impact using a simple table showing what could happen, business impact, probability, and costs.