Insights
The AI Enabled Director
Plain-English writing on AI governance, cyber security, and emerging risk, written for the directors who carry the accountability rather than the technologists who build the systems.
Outlook Has No "Advanced Protection" Switch. The Reason Is the Lesson.
There is no Microsoft equivalent of Google's Advanced Protection, and once you see why, the whole series resolves into a single instruction: the organisation must own the account.
Moving Your Board's Email to Proton Won't Fix the Real Problem
Switching email providers feels like action. The governance gap is somewhere else entirely. The first of three posts on where board email really lives.
The Free Setting Every Director on Gmail Should Switch On Today
Google's Advanced Protection Programme takes ten minutes and costs nothing. It also won't fix the thing your board should actually be worried about.
What Directors Are Actually Doing with AI — And What They Should Stop
At least one director on your board is summarising the board pack in ChatGPT. No policy. No risk register entry. Here's what the FRC thinks about that.
The Board AI Policy You Can Write in an Afternoon
A step-by-step guide to producing a basic AI acceptable use policy for a UK board. Two pages. Three tiers. One afternoon.
Quantum Risk: What UK Boards Need to Know Now, Not Later
The encryption protecting your data today will be breakable. The NCSC says have a plan by 2028. Here's what that plan looks like for a UK board.
How to Share Board Materials Without Creating a Security Problem
A RAG-rated guide to the six methods boards actually use to distribute sensitive documents, and which ones you should stop using today.