Insights

The AI Enabled Director

Plain-English writing on AI governance, cyber security, and emerging risk, written for the directors who carry the accountability rather than the technologists who build the systems.

Board Email · Part 3 of 3

Outlook Has No "Advanced Protection" Switch. The Reason Is the Lesson.

There is no Microsoft equivalent of Google's Advanced Protection, and once you see why, the whole series resolves into a single instruction: the organisation must own the account.

6 min read
Board Email · Part 1 of 3

Moving Your Board's Email to Proton Won't Fix the Real Problem

Switching email providers feels like action. The governance gap is somewhere else entirely. The first of three posts on where board email really lives.

7 min read
Board Email · Part 2 of 3

The Free Setting Every Director on Gmail Should Switch On Today

Google's Advanced Protection Programme takes ten minutes and costs nothing. It also won't fix the thing your board should actually be worried about.

6 min read
AI Governance

What Directors Are Actually Doing with AI — And What They Should Stop

At least one director on your board is summarising the board pack in ChatGPT. No policy. No risk register entry. Here's what the FRC thinks about that.

7 min read
Practical

The Board AI Policy You Can Write in an Afternoon

A step-by-step guide to producing a basic AI acceptable use policy for a UK board. Two pages. Three tiers. One afternoon.

6 min read
Emerging Risk

Quantum Risk: What UK Boards Need to Know Now, Not Later

The encryption protecting your data today will be breakable. The NCSC says have a plan by 2028. Here's what that plan looks like for a UK board.

7 min read
Security

How to Share Board Materials Without Creating a Security Problem

A RAG-rated guide to the six methods boards actually use to distribute sensitive documents, and which ones you should stop using today.

8 min read