Two Tribes, One Fire

By Mike Wager | 20 November, 2025

A long simmering tension exists between Security Awareness and Business Resilience. When the two finally work as one, prevention strengthens recovery and recovery strengthens behaviour. This is where modern cyber culture grows up.  Behaviour ● Culture ● Human Risk If you’ve ever sat in a meeting where Security Awareness and Business Resilience glare at each…

Read More

When Learning Becomes Real

By Amy Stokes-Waters | 24 September, 2025

There’s a particular kind of madness in the corporate world where we ask people to defend their company from sophisticated cyber criminals, then hand them a slide deck with clipart padlocks and a three-question quiz at the end. It’s the equivalent of teaching someone to defuse a bomb by reading aloud from a manual. And…

Read More

The Myth of “Not My Job”

By Amy Stokes-Waters | 8 August, 2025

The strange thing about security rhetoric is how quickly it slides into fantasy. A few LinkedIn posts, a handful of panel quotes, and suddenly we’re entertaining the idea that security is not everyone’s problem, that it belongs to the blessed few sitting somewhere between IT, compliance, and a metaphorical fucking fire exit. It’s a seductive…

Read More

Don’t teach me anything.

By Birgitte Skorge-Steen | 2 July, 2025

John Oliver was joking when he barked that line at Edward Snowden. Yet it might as well be every employee staring down another mandatory cyber module. Beneath the comedy is a truth most organisations refuse to face. People do not reject cyber security because they are stupid. They reject it because the learning experience reeks…

Read More