Cisco ASA to Firepower or FortiGate: a UK migration playbook
Cisco ASA is end-of-engineering for new features — the product line continues to receive security patches but Cisco directs all new investment to Fire…
Best EDR platform UK 2026: CrowdStrike vs SentinelOne vs Sophos vs Microsoft Defender XDR
CrowdStrike Falcon, SentinelOne Singularity, Sophos Intercept X, and Microsoft Defender for Endpoint / Defender XDR are the four endpoint detection + …
How to choose an EDR platform: a 7-question framework for UK IT teams
Most UK organisations evaluating EDR end up shortlisting CrowdStrike, SentinelOne, Sophos, and Microsoft Defender XDR — the four we cover in our head-…
Migrating from legacy VPN to ZTNA (Zscaler or Prisma Access): 90-day UK playbook
Legacy IPSec / SSL VPN concentrators were the model for the 2000s — they don't fit a hybrid-work, multi-cloud, M&A-active 2026 estate. Zero Trust Netw…
Best firewall UK 2026: FortiGate vs Palo Alto vs Cisco Firepower vs Juniper SRX
Most UK firewall RFPs land on the same shortlist: FortiGate, Palo Alto, Cisco Firepower, Juniper SRX. They all do NGFW + IPS + SSL inspection + ZTNA +…
Migrating from legacy AV to modern EDR (CrowdStrike or SentinelOne): UK playbook
Legacy signature-based antivirus (Symantec, McAfee, Trend Micro, ESET) is end-of-life for ransomware defence. Modern EDR — CrowdStrike Falcon, Sentine…
Best SASE platform UK 2026: Zscaler vs Palo Alto Prisma vs Netskope vs Cato vs Microsoft Entra Internet Access
Secure Access Service Edge (SASE) is now the default replacement for legacy VPN + perimeter firewall + URL filtering. The UK shortlist is Zscaler, Pal…
DSP Toolkit 2026 submission guide for NHS organisations
The Data Security and Protection (DSP) Toolkit is the annual mandatory submission for any UK organisation accessing NHS data. The 2025-26 version refr…
Server BMC and firmware security in 2026: the attack surface beneath the OS
Every server has a small computer inside it that almost no security programme watches: the baseboard management controller. The BMC - iDRAC on Dell, i…
ISO 27001:2022 Annex A control mapping for UK IT teams
ISO 27001:2022 restructured Annex A from 114 controls (2013 version) down to 93 — but the change is substantive, not cosmetic. The new structure organ…
Cyber insurance discounts: how Cyber Essentials Plus cuts UK SII premiums
UK cyber insurance premiums rose 50-200% across 2022-2024 as ransomware claims escalated. Cyber Essentials Plus increasingly attracts material discoun…
PCI-DSS 4.0 UK survival guide 2026
PCI-DSS 4.0 fully replaced 3.2.1 in March 2024, with the most onerous new controls becoming mandatory in March 2025. UK retailers, hospitality groups,…
Cyber Essentials Plus 2026 UK buyer's guide
Cyber Essentials Plus (CE+) is the UK government-backed cyber certification scheme that has become a de-facto baseline for supplier-onboarding, insura…
How to pick a UK MSSP: 12 procurement questions
Most UK mid-market organisations evaluating Managed Security Services Providers (MSSPs) for SOC + MDR + incident response struggle to compare apples-t…
NIS2 UK implementation checklist 2026
The EU's NIS2 Directive came into force in October 2024. UK organisations with EU operations, EU customers, or supply-chain reach into EU "essential" …
UK GDPR for IT teams: DPIA, DSAR, data residency
UK GDPR (the post-Brexit version of EU GDPR) has been law since January 2021. The ICO's enforcement appetite increased significantly in 2024-25 — mult…
SOC 2 Type II readiness for UK SaaS vendors
SOC 2 Type II is an American certification (AICPA, designed for US-headquartered service organisations) — but UK SaaS vendors selling to US customers,…
DORA Article 30: what UK financial services firms need in their ICT third-party contracts
The Digital Operational Resilience Act (DORA) came into force across the EU in January 2025. UK-headquartered firms with EU subsidiaries, EU-licensed …