Building Cyber Resilience: Enterprise Architecture and ArchiMate for Strategic Security

14 Tuesday Oct 2025

Posted by in ArchiMate, Enterprise Architecture, Security

Leave a comment

Tags

, , , , , ,

The Boardroom Imperative

The NCSC Annual Review 2025 serves as a powerful reminder that cyber risk is no longer confined to the IT department. Instead, it has become a critical issue that demands attention at the highest levels of leadership. The NCSC report emphatically urges decision-makers to “open your eyes to the imminent risk to your economic security.” It makes clear that cyber incidents have the potential to disrupt essential operations, inflict lasting reputational damage and result in significant financial and legal repercussions.

In an environment where threats are ever-present and the risk of future threatsis growing rapidly, true organisational resilience depends on strategic foresight, thorough preparation and the capacity to recover effectively from attacks.

The pressing question then, is how organisations can translate these warnings and insights into practical action. A compelling solution lies in the adoption of robust Enterprise Architecture practices. Specifically the use of ArchiMate enables organisations to systematically document their enterprise landscape and the relationships between systems, providing the clarity needed to strengthen resilience.

Enterprise Architecture: A Blueprint for Cyber Resilience

The NCSC report makes it clear: cyber security is now critical to business longevity and success. It is not just about technology anymore. It is about understanding how your organisation operates, how systems interact and where vulnerabilities lie. The report calls for all business leaders to take responsibility for their organisation’s cyber resilience, moving beyond technical silos to a holistic, strategic approach.

Enterprise Architecture provides the blueprint for this approach. It helps organisations map out their business processes, applications, data and technology infrastructure. By visualising these elements and their interconnections, leaders can take meaningful steps towards resilience.

Key Benefits of Enterprise Architecture for Cyber Resilience

  • Identify critical assets and dependencies
  • Assess risk exposure across the enterprise
  • Plan for continuity and rapid recovery
  • Communicate cyber risk in business terms

ArchiMate: Documenting the Enterprise

ArchiMate is an open and widely adopted modelling language specifically designed for enterprise architecture. It allows organisations to create clear and consistent diagrams that illustrate how business processes, application landscapes, and technology layers align and interact with one another.

Using ArchiMate, organisations can achieve several key objectives:

Model business processes and their supporting systems – Providing a structured view of how core operations are underpinned by technology.

Map data flows and integrations between applications – Offering clarity on how information moves throughout the organisation and where potential integration points or vulnerabilities may exist.

Visualise technology infrastructure and network boundaries – Enabling a comprehensive understanding of the technology landscape and its security perimeters.

Document relationships and dependencies between systems – Ensuring that all critical interconnections and dependencies are recorded, which is essential for risk assessment and resilience planning.

This approach is particularly important in the context of cyber resilience. The NCSC report underscores that attackers often exploit the complexity and interconnectedness of systems. Without a clear understanding of how systems depend on and relate to each other, organisations risk overlooking critical vulnerabilities or being unable to recover swiftly from security incidents.

Source of diagram: https://www.opengroup.org/archimate%C2%AE-forum-0

The Importance of Documenting Relationships

The NCSC Annual Review emphasises that resilience extends beyond mere prevention; it encompasses an organisation’s capacity to continue operating and to recover effectively after a disruptive incident. One crucial aspect of building such resilience is the thorough documentation of relationships between systems. This practice serves several essential purposes:

Risk Assessment – A clear understanding of how systems depend on one another is fundamental for identifying single points of failure as well as recognising where cascading impacts may arise. By mapping out these dependencies, organisations can better anticipate and manage risks that might jeopardise operational continuity.

Incident Response – In the event of a cyberattack or other disruptive incident, having documented knowledge of system interconnections allows for quicker isolation and containment of threats. This, in turn, enables a more efficient recovery process, minimising downtime and damage.

Compliance and Governance – With regulatory bodies increasingly demanding proof of robust cyber risk management, having comprehensive documentation of system architecture provides the necessary assurance. It demonstrates a proactive approach to governance and supports compliance with industry standards.

Continuous Improvement – The technology landscape and threat environment are constantly evolving. Maintaining up-to-date architecture documentation ensures that organisations remain agile, capable of adapting to new risks, and able to reinforce their defences as needed.

Identification of Organisational and Technical Debt – Documenting relationships also helps in pinpointing areas of organisational and technical debt. This awareness is vital for planning improvements and ensuring that legacy issues do not compromise cyber resilience.

Practical Steps for Enhancing Cyber Resilience

The following practical steps outline how to leverage enterprise architecture tools and the ArchiMate framework to strengthen your organisation’s defences:

Utilise Enterprise Architects and Tooling – A good Enterprise Architect understands how to get the best out of modelling a business and systems. Use Enterprise Architecture tools such as ArchiMate to streamline the process of mapping and documenting your organisation’s systems and their interconnections.

Start with a Baseline – Begin by creating a high-level overview of your organisation’s business processes, applications, and underlying technology. This baseline serves as the foundation for understanding how different elements interact and where vulnerabilities may exist.

Identify Relationships – Carefully document all integrations, data flows, and dependencies within your system architecture. Paying particular attention to legacy systems and third-party connections, as these often present unique risks and challenges.

Assess and Prioritise – Use your architectural model to pinpoint critical assets. This enables you to prioritise resilience measures, ensuring that essential systems receive appropriate attention and protection.

Communicate – Share your documented architecture with key stakeholders, including board members, IT teams, and external partners. Clear communication ensures all parties are aware of the risks involved and the responsibilities required to mitigate them.

Review Regularly – Continuously update your system documentation to reflect changes in technology, emerging threats, and lessons learned from past incidents. Regular reviews ensure that your organisation remains prepared to adapt to an evolving threat landscape.

Keep a copy offline – Keep a copy of your models so that you can access them when you cant access you systems.

Further Reading / Sources

The Role of Enterprise Architecture in Fostering Innovation

The Power of Focus: Why Quiet Time Matters

07 Tuesday Oct 2025

Posted by in Uncategorized

Leave a comment

Life often feels relentless, with work routines sometimes even more hectic. Despite our best efforts to organise diaries and schedules, there always seems to be another task or meeting demanding our attention. Finding moments of genuine quiet can be a challenge, especially where multitasking and constant connectivity are the norms.

Technology has a big part to play in the distractions of today with email, chat, news, social media and information feeds poping up on devices causing momentary lapses in concetration to see that latest ping and respond in some format.

Applications such as Outlook can be used to automatically put “Focus Time” blocks of time in to a calendar automatically and turn on a do not disturb status, however, it is all too common for these sessions to be interrupted or overridden by the need to attend other meetings or respond to the information or request for help ping on the screen, making it difficult to protect this valuable time.

The importance and significance of quiet time and focus sessions cannot be overstated. This time is a powerful tool that can enhance focus, foster deep thinking, and ultimately lead to more innovative and effective work.

The Benefits of Quiet Time

Quiet time is an invaluable aspect of maintaining both productivity and well-being. It provides an opportunity to step away from the constant stream of distractions and demands that characterise modern life, particularly in fast-paced and technology-driven environments. By intentionally setting aside moments of silence and solitude, individuals can reap a range of benefits that enhance both their professional effectiveness and personal health.

Enhanced Focus: Dedicating time to work in a quiet environment allows you to concentrate on a single task without interruptions. Freed from the continual barrage of notifications and external stimuli, you are able to immerse yourself more fully in your work. This increased level of concentration often leads to greater productivity and results of a higher standard.

Deep Thinking: Complex problem-solving and innovative thinking are most effective when given time to develop without disruption. Quiet time creates the mental space required to ponder and explore ideas thoroughly. This uninterrupted period supports deeper thinking, enabling the development of creative solutions and insightful approaches.

Stress Reduction: The relentless pace and high demands of the technology industry can often be overwhelming. Setting aside quiet time offers a necessary respite, helping to alleviate stress and mental exhaustion. Regular periods of silence allow you to recharge, returning to your responsibilities with renewed clarity and energy.

Improved Decision-Making: When constantly bombarded with information, there is a tendency to make quick, sometimes ill-considered decisions. Quiet time provides the opportunity to process information more carefully, resulting in decisions that are more thoughtful and informed.

Boosted Creativity: Moments of silence and solitude are often when creativity thrives. By making time for quiet reflection, you can tap into your creative potential, leading to more original ideas and innovative approaches to your work.

How to Incorporate Quiet Time into Your Routine

Establishing quiet time as a regular part of your routine requires intention and planning. By taking simple yet effective steps, you can ensure that these periods become an integral part of your daily schedule, supporting focus, creativity, and well-being.

Schedule Quiet Time: Treat quiet time with the same importance as meetings or project deadlines. Allocate specific blocks in your calendar dedicated solely to uninterrupted work, and regard these times as non-negotiable appointments. Prioritising quiet time ensures that it becomes a consistent and valued part of your day.

Create a Quiet Space: Designate a particular area where you can work without interruptions. This could be a dedicated room, a comfortable corner, or even a peaceful spot outdoors. The key is to ensure the space is free from distractions and conducive to maintaining deep focus.

Set Boundaries: Communicate to colleagues and family members when you are observing quiet time, and ask for their cooperation in respecting this period. To further minimise disturbances, turn off notifications, silence your phone, and create an environment that supports undisturbed work.

Practice Mindfulness: Incorporate mindfulness techniques such as meditation or deep breathing exercises during your quiet time. These practices can help calm the mind, fostering a sense of readiness for focused work and greater mental clarity.

Reflect and Review: Use a portion of your quiet time to reflect on your work and progress. Activities such as journaling or note-taking provide space to process thoughts, assess achievements, and identify areas for improvement.

Further Reading

Research Papers

Blogs

Overcoming Mental Clutter for Improved Productivity
Journey to 21C Human – Getting your head space sorted
Adaptability: The Key to Thriving as a Technologist

Overcoming Mental Clutter for Improved Productivity

06 Monday Oct 2025

Posted by in 21st Century Human, Mindset

1 Comment

Tags

,

Mental clutter can reduce or block our thinking in creativity, decision making and emotional clarity providing the foundation for thoughtful decisions, creative problem-solving, mental clarity and resilience.

Mental clutter has a significant impact on our cognitive abilities. It can diminish or even block our capacity for creativity, sound decision-making, and emotional clarity. These qualities are essential for making thoughtful choices, tackling problems creatively, maintaining mental sharpness, and building resilience in the face of challenges.

Tools and systems now allow is to easily multitask, provide productivity hacks and drive to the zero inbox. Yet many feel overwhelmed by the mental clutter that accumulates silently in our cognitive workspace, which these solutions do not always address.

Understanding Mental Clutter

Mental clutter refers to the build-up of unresolved thoughts, persistent distractions, ongoing worries, and an overload of information in our minds. It operates as a kind of background noise, making it difficult to concentrate or maintain focus on important tasks.

Mental clutter often manifests as numerous ‘open tabs’ in our heads (Like the open tab on an internet browser) often consisting of thoughts and task such as unfinished ideas, pending decisions, and reminders that keep our attention fragmented. This can lead to:

  • Difficulty focusing or prioritising
  • Feeling mentally fatigued despite low physical effort
  • Overthinking or indecision
  • Reduced creativity or problem-solving ability

Key Consequences of Mental Clutter

  • Reduced Sprint Velocity: Mental clutter can slow down the pace at which you or teams complete work, making it harder to maintain momentum and meet deadlines.
  • Lower Quality of Retrospectives and Planning: When your mind or teams minds are overloaded, the depth and effectiveness of reflections and future planning sessions diminish, leading to missed opportunities for improvement.
  • Negative Impact on Team Dynamics and Communication: An overloaded mind can cause misunderstandings, reduce collaboration, and make it challenging to communicate clearly and within a team.
  • Burnout and Disengagement: Prolonged exposure to mental clutter may result in team members feeling exhausted or disconnected from their work, ultimately risking burnout and a drop in engagement.

Strategies to Declutter Your Cognitive Workspace

Taking steps to reduce mental clutter is not merely a personal wellness strategy, but an essential strategy for enhancing productivity and effective leadership within teams. Actively addressing mental clutter can help you and a team foster a healthier, more focused, and productive working environment. Here are some strategies that can help you create a clearer cognitive workspace:

  1. Externalise Your Thoughts: The process of writing things down aids in organising and prioritising your thoughts and ideas, allowing them to be more manageable and actionable. Using tools such as journalling and mind mapping can help.
  2. Practice Cognitive Offloading: Avoid depending on your memory to keep track of tasks, reminders, or decisions. Utilising task lists, calendars, task boards, and AI tools can reduce your mental load, allowing focus on what matters the most.
  3. Limit Context Switching: Group similar tasks together to minimise unnecessary transitions. Reduce the times you switching between meetings, emails, and periods of concentrated work. Book focus slots in calendar to concentrate on a task without disruption.
  4. Declutter Your Digital Environment: Take time to tidy your digital workspace. Maintaining a clean digital environment supports mental clarity and helps you concentrate on your priorities.
  5. Use Reflection to Close Mental Loops: Unfinished thoughts and unresolved issues, which are often referred to as “open loops” and can weigh heavily on your mind. Incorporate daily or weekly periods of reflection to address these. Ask yourself:
    • What’s unresolved?
    • What can I let go of?
    • What needs action?
  6. Embrace Mindfulness and Stillness: Incorporate brief moments of stillness into your routine. Simple activities such as breathing exercises, taking a walk and meditation can help reset your mental state and reduce internal noise.
  7. Set Boundaries for Information Intake: Reduce and be selective about the information you allow into your cognitive space. Reduce your screen time in some apps and unsubscribe from unnecessary sources of noise in social feeds. Prioritise and schedule specific times for learning developing your growth mindset. A PKMS (Personal Knowledge Management System) can help sort the right information to consume.
  8. Dont be afraid to fail: Every failure provides an opportunity to learn. Whether this is a missed deadline, code bug, or something else, there is always a learning and something for you to gain from the experience.

“Your mind is for having ideas, not holding them” – a core principle from productivity expert David Allen, Getting Things Done (GTD) methodology,

Further Reading

Getting Things Done (GTD) methodology

Journey to 21C Human – Getting your head space sorted
2025 PKMS Updates: Boost Productivity and Knowledge Retention
Mastering the CPD Cycle for Professional Growth
Journaling my Daily Musings
Stay Ahead of the Curve: Essential Strategies for Technologists to Stay Informed
Turning Failures into Success: The Mindset of Failing Forward for Technologists
Mastering Performance Under Pressure: The Importance of Training
Adaptability: The Key to Thriving as a Technologist

Harnessing the Power of Informal Conversations for Innovation

27 Wednesday Aug 2025

Posted by in 21st Century Human, Innovation, Technologists Toolkit

Leave a comment

Tags

, ,

With constant deadlines, rapid innovation, and nonstop information, it’s easy to overlook the simple human factors that drive our best insights. One such element is casual conversation, unplanned, informal discussions that take place over beverages like tea or coffee (other beverages available).

These are often called “Watercooler Moments,” but with remote work, they’re more like “Video Chat Moments”. These moments, often seen as small breaks in the day, hold the potential to teach us profound lessons.

The Power of Unstructured Dialogue

Casual conversations differ from structured meetings by being spontaneous and unplanned, encouraging open idea exchange without a set agenda. This lack of structure allows for genuine exchange of ideas without the pressure of an agenda.

Where innovation thrives on creativity, these unstructured dialogues can spark new ideas and approaches that might not emerge in formal settings.

Building Relationships and Trust

Taking time to share a cup of tea or coffee with your colleagues does more than simply break up the workday by laying the groundwork for genuine camaraderie and mutual trust.

Informal interactions among team members contribute to a greater sense of belonging and cultivate an environment where individuals feel respected and acknowledged. Such exchanges enable colleagues to connect on a personal level, thereby facilitating more effective collaboration and communication.

Trust serves as the cornerstone of successful collaboration, while informal interactions contribute to fostering collegial relationships and facilitating cooperation towards shared objectives. Teams that engage in effective informal communication are typically better equipped to manage formal deliberations and address challenges constructively.

Learning from Diverse Perspectives

Engaging in informal dialogue encourages the exchange of diverse perspectives. In a comfortable environment, individuals are more inclined to contribute their experiences and viewpoints. Considering these varied insights can enhance comprehension and enable a multifaceted approach to challenges and solutions. This is especially relevant in the technology sector, where innovation frequently emerges from the integration of different ideas.

Reflecting on Personal and Professional Growth

Pausing for a tea/coffee break offers much more than a simple moment of respite, by providing a period of thoughtful reflection.

These informal breaks let you and your colleagues discuss personal and professional experiences. Sharing challenges and accomplishments in a relaxed setting can clarify goals, reinforce insights, and support growth.

Sharing your thoughts with trusted peers helps clarify ideas and invites valuable feedback. Conversations with colleagues can offer new perspectives, solutions, and encouragement, especially when diverse experiences are involved.

Inspiring Creativity and Innovation

Casual conversations can encourage creative thinking, without the restrictions of a formal meeting agenda. You and your colleagues may feel more at ease to share unconventional ideas and discuss hypothetical scenarios. These exchanges sometimes result in solutions and ideas that might not arise in structured settings.

Promoting Well-being and Work-Life Balance

Taking a break also helps as a reminder to step away from the screen, decompress, and enjoy a moment of human connection. These breaks can reduce stress, improve mood, and boost overall productivity. A healthy work-life balance is essential for sustained performance in an industry.

When is your next informal discussion?

The Impact of Enterprise Architecture on Innovation Culture

23 Wednesday Jul 2025

Posted by in Enterprise Architecture, Innovation

Leave a comment

Tags

,

Enterprise Architecture (EA) can play a pivotal role in fostering innovation by providing a structured approach to aligning technology with business goals.

However, innovation does not happen in isolation. It requires an innovation mindset being embedded into the very fabric of an organisation’s mindset and culture.

EA as the Framework for Innovation

EA is one of the catalysts that can enable this and provide the blueprint that makes this possible. The Role of Enterprise Architecture in Fostering Innovation goes into more detail on what an EA’s role is in innovation.

Rather than existing as a static blueprint, EA functions as a dynamic system that connects strategy, processes, people, and technology, creating an environment in which innovation can thrive at scale and speed. Enabling organisations to break down entrenched silos, fostering collaboration and enabling the free flow of information across it’s business units.

By mapping the relationships between different components of the enterprise, EA exposes inefficiencies and redundancies, providing clarity on where innovation efforts can have the most impact. This systemic visibility ensures that creative ideas do not remain isolated within departments but can be shared, refined, and implemented organisation-wide.

EA plays a pivotal role in integrating emerging technologies (such as artificial intelligence (AI), quantum and advanced analytics) into existing business models. Through a well-architected and constructed framework and model an organisation can assess the readiness of their infrastructure, applications, security, evaluate the risks, and identify the most valuable opportunities/outcomes for innovation and transformation. As an example, EA can guide the implementation of AI-powered customer service platforms by ensuring alignment with existing data governance policies and operational workflows, thereby accelerating adoption while managing complexity.

Another key function of EA is the establishment of robust feedback loops. These loops enable organisations to continuously evaluate the effectiveness of new initiatives, collect insights from stakeholders, and iterate rapidly.

Through the use of structured innovation labs, cross-functional workshops, and digital collaboration tools, EA helps embed a culture of learning and adaptation. Having a growth mindset is a key factor for both the orgainsation and individuals. As a result, organisations become more resilient and responsive, capable of pivoting strategies in response to evolving market conditions or technological advances.

The Design Mindset as a Catalyst for Innovation

Another catalyst for innovation is having a design mindset.

A design mindset (using “design thinking“), is more than having the ability to think creatively, it is a way of seeing, framing, and solving problems that are often unarticulated or complex. A design mindset enables you to move fluidly between problem identification and solution development, fostering a culture of curiosity, experimentation, and continuous learning. This mindset is deeply linked to innovativeness, which is defined by the willingness to adopt new ideas, master new knowledge, and tolerate uncertainty throughout the innovation journey.

Cultivating a design mindset within an organisation means fostering a willingness to challenge assumptions, explore alternative perspectives, and embrace ambiguity. It encourages people to seek out new ideas, rapidly test hypotheses, and iterate based on feedback, all while remaining open to unexpected outcomes.

Crucially, the design mindset fuels innovativeness—the organizational trait defined by readiness to adopt novel approaches, quickly assimilate emerging knowledge, and confidently navigate the uncertainties that inevitably arise during the pursuit of innovation. By embedding this mindset into the cultural fabric, organisations can unlock their collective creative capacity and drive meaningful, sustainable change at scale.

The journey toward sustained innovation is neither accidental nor effortless. By embedding both EA and design mindsets into their core, organisations can unlock remarkable potential, foster resilience, and lead with purpose in the face of constant change.

Further Reading

The Role of Enterprise Architecture in Fostering Innovation
Mastering Performance Under Pressure: The Importance of Training
Embracing Humility: Staying Open to Feedback and Continuous Improvement in Tech
Turning Failures into Success: The Mindset of Failing Forward for Technologists
Using the best of the Q Continuum
Stay Ahead of the Curve: Essential Strategies for Technologists to Stay Informed
Mastering the CPD Cycle for Professional Growth

UK Compute Roadmap 2024: Transforming National Infrastructure for AI, HPC & Digital Growth

22 Tuesday Jul 2025

Posted by in Uncategorized

Leave a comment

The United Kingdom (UK) Government’s newly published Compute Roadmap sets out a bold vision for transforming the nation’s computing infrastructure. As digital needs grow in fields like Analytics, artificial intelligence (AI), Quantum, and climate modelling, the roadmap details how the UK will expand its computing power to stay competitive and technologically independent.

The roadmap has a focus on compute power which is a fundamental basis of the paper to contemporary innovation. Compute underpins advancements such as large language model training, complex system simulations, and real-time data analytics. (However it should also be noted that applications and data that play a big part in this success as well). High-performance computing (HPC) and AI infrastructure serve as strategic assets essential for progress, a priority recognised within the roadmap.

Key Components of the Roadmap

Here are some of the key components extracted from the roadmap:

World-Class Infrastructure

The UK is committed to developing a federated national compute ecosystem that will integrate exascale systems, AI accelerators, and cloud platforms. This initiative includes significant investments in new data centres and enhancements to current facilities.

Access and Usability

Ensuring broad access is central to the roadmap’s objectives. It outlines the creation of unified platforms and intuitive interfaces, enabling researchers, small and medium-sized enterprises, and public sector organisations to utilise compute resources effectively.

Sustainability and Skills

Sustainability remains a core focus, with the roadmap advocating for energy-efficient architectures and environmentally responsible data centre practices. It also highlights the importance of workforce development through programmes designed to cultivate future compute specialists.

Implications for Industry and Government

For organisations operating in this landscape, the roadmap presents clear opportunities to align with national priorities. This roadmap highlights that compute strategy extends beyond hardware, serving as a catalyst for transformation at scale.

Future Outlook

As the UK advances toward a compute-driven future, collaboration among government, academia, and industry will be critical. Whether focused on AI model development, network security, or public service delivery, the roadmap provides a coherent direction and encourages collective action.

Thoughts on the Roadmap

The roadmap does provide steps forward to shape a resilient, innovative and inclusive digital future. The commitment to accessibility ensures that the benefits of these advancements extend across academia, industry, and public services, while a collaborative spirit strengthens the nation’s capacity to address both present and emerging challenges. The challenge as always is ensuring that everything in the roadmap is implemented and the benefits realised.

Further Reading

UK Compute Roadmap

The Technologist’s Odyssey: A Modern Epic Inspired by Homer

19 Monday May 2025

Posted by in 21st Century Human, Mindset, Story Telling, Technologists Toolkit

Leave a comment

Tags

, , , , , , , ,

One of the skills a technologist needs and draws on is the ability to tell stories to help reach the goals and outcomes of the task at hand. So as a bit of fun, here is a comparison of today’s technologist and Homer’s Odyssey, drawing parallels between ancient adventures and modern innovation.

The journey of a technologist is much like the grandeur of an epic odyssey – an endless pursuit fuelled by curiosity, innovation, ingenuity, and the drive to reshape the world.

One of the skills a technologist needs and draws on is the ability to tell stories to help reach the goals and outcomes of the task at hand. So as a bit of fun, here is a comparison of today’s technologist and Homer’s Odyssey, drawing parallels between ancient adventures and modern innovation.

In Homer’s timeless masterpiece “The Odyssey”, we are taken on a journey of perseverance, discovery, and triumph over adversity. The tale of Odysseus navigating treacherous seas and facing formidable challenges resonates deeply with the modern odyssey undertaken by technologists today. While the landscapes may differ—one physical, the other digital—the indomitable spirit of curiosity, resilience, and ingenuity binds these stories across centuries.

The modern odyssey is a voyage of a technologist (in this case) marked by relentless exploration, failures (including learnings) and triumphs and a desire to transcend the limitations of today to and the promises of the future carve out the possibilities of tomorrow.

To quote a phrase that is often attributed to Homer’s The Odyssey but isn’t in translated text – “The journey is the thing.” This phrase emphasises the process which you go through in reaching your destination or goal (exploration, learning, failure, strength and growth).

Not every journey has a map, but you can chart your journey for others to follow. Although not every journey will be the same a guide helps keep you on the path.

The Hero’s Call: Beginnings of the Journey

In “The Odyssey”, Odysseus’s journey begins with the call to return home after the Trojan War. His longing for Ithaca symbolises a burning desire for purpose and belonging. This echoes the genesis of a technologist’s journey beginning usually with an ask to meet a business outcome, with the voyage being accepted often sparked by curiosity and wonder.

Whether it’s creating an architecture and system, dismantling an existing one to uncover its secrets or writing their first lines of code, technologists, too, experience their own call to adventure. The purpose of the journey being set by the outcome / goal to be achieved.

Homer writes, “Tell me, O Muse, of that ingenious hero who travelled far and wide…” (*The Odyssey*, Book 1), capturing the essence of exploration and ingenuity. For technologists, this “travelling far and wide” takes the form of navigating uncharted territories of innovation, driven by the same thirst to discover and create.

Trials and Tribulations: Overcoming Challenges

The path of innovation is rarely straightforward, much like Odysseus’s voyage through turbulent seas. Technologists encounter numerous challenges—developing solutions to existing problems, debugging seemingly insurmountable errors, adapting to rapid technological changes, and resolving complex issues. The ambiguity often faced by technologists requires an understanding and adaptation to change, both personally and professionally. Developing the ability to navigate uncertainty and act without complete information is essential, while also forming new habits that facilitate acceptance and management of change.

Odysseus’s encounter with the Cyclops Polyphemus teaches a valuable lesson about resourcefulness. “My name is Nobody; my mother and father call me Nobody…” (*The Odyssey*, Book 9) exemplifies his cleverness in overcoming adversity. Similarly, technologists use their creativity and problem-solving skills to “outwit” the hurdles that block their path toward innovation.

Challenges foster growth, helping technologists build resilience and enhance their skills. Overcoming obstacles leads to new discoveries.

The Collaborative Spirit: Navigating Together

A significant similarity between *The Odyssey* and a technologist’s path is the role of collaboration. Odysseus’s crew supports him throughout his journey, highlighting teamwork in overcoming challenges. Homer writes, “So we sent out two picked men and a herald as third…” (*The Odyssey*, Book 9).

In the field of technology, collaboration is important. Teams of technologists exchange ideas, learn from each other, and leverage their combined strengths. This collective effort leads to significant innovations that expand the possibilities. This teamwork emphasises that no substantial progress is made independently (Pack Learning).

Moments of Revelation: The Spark of Innovation

Technologists have moments where ideas become reality, similar to Odysseus’s moments of clarity and accomplishment. These are the instances when a concept transforms into significant innovation. For example, Odysseus’s escape from the Sirens – “I stopped the ears of my men with wax…” (*The Odyssey*, Book 12) – illustrates human problem-solving and planning.

For technologists, these moments are comparable to developing a new solution, using emerging technologies, or creating the next innovative thing. Each milestone represents not only technical progress but also the results of creativity, collaboration, and effort.

Redefining Horizons: A Journey with Purpose

Ultimately, Odysseus’s journey is about finding Ithaca, which represents both home and the culmination of his experiences and perseverance. For technologists, their Ithaca is the continually changing field of technology, innovation and growth. The pursuit of innovation involves not just reaching the outcome / goal of the task, technical progress and growth in knowledge, but also purpose, collaboration, and human elements.

Homer’s words, “There is nothing worse for mortals than a wandering life…” (*The Odyssey*, Book 15), highlight the importance of having direction and meaning in our journeys. For technologists, their journey involves continuous learning, exploring new areas, and redefining possibilities. Set your goals and have a vision of where you want your journey to take you.

It is important to note though that the journey of learning and knowledge is one that is continual, with some rest stops along the way.

Further Reading

Mastering Performance Under Pressure: The Importance of Training
Embracing Humility: Staying Open to Feedback and Continuous Improvement in Tech
Turning Failures into Success: The Mindset of Failing Forward for Technologists
Using the best of the Q Continuum
Stay Ahead of the Curve: Essential Strategies for Technologists to Stay Informed
Mastering the CPD Cycle for Professional Growth

Understanding the EU Cyber Resilience Act

24 Thursday Apr 2025

Posted by in Applications, Certification, Programming

Leave a comment

Tags

, ,

The EU Cyber Resilience Act (CRA) is a significant piece of legislation that establishes a common set of standards and requirements on various types of software, including open source, to ensure cybersecurity and resilience. Products will bear the CE marking  to indicate that they comply with the CRA requirements.

The CRA entered into force on the 10th December 2024 with parts of the act coming into place with the full act coming into force on 11 December 2027.

Key requirements of the act:

  • The Act mandates compliance strategies for digital products and outlines how to navigate uncertainties in the law, particularly for open source software
  • It includes provisions for ICT risk management, incident reporting, resilience testing, and third-party risk management 

To help gain and understanding of the CRA, The Linux Foundation and Open SSF have recently launched a course: The Linux Foundation – Understanding the EU Cyber Resilience Act (CRA) (LFEL1001)

I have to thank a former colleague for posting about it on LinkedIn which drew my attention to the course. Having taken the the course I found it to be very informative and provides a good overview. There are useful links and material that can be used for further research into the CRA.

The course is presented in 4 chapters which cover:

  • Course Introduction
  • CRA Overview and Key Concepts
  • Requirements and Conformity Assessments
  • Adapting to the CRA

Upon taking a final exam, a digital badge is awarded.

I would recommend the course to anyone wanting a greater understanding of CRA and looking to implement it. 

Key Steps for a Successful Migration to Post-Quantum Cryptography

20 Thursday Mar 2025

Posted by in Quantum, Security

1 Comment

Tags

, , , , , ,

With quantum computing progressing, transitioning to post-quantum cryptography (PQC) is crucial. Quantum computers threaten current cryptographic systems by efficiently solving complex mathematical problems used in asymmetric Public Key Cryptography (PKC).

Post-Quantum Cryptography (PQC), or quantum-resistant cryptography, develops algorithms secure against quantum computer attacks, which uses problems quantum computers can’t solve efficiently.

The NCSC (National Cyber Security Centre) has released the “Timelines for migration to post-quantum cryptography” today (20/03/25), detailing steps organisations need to take to protect against Post Quantum Cryptography (PQC).

The national migration to PQC is a major technological shift that will take years and it is important that organisations start now. The NCSC provides guidance on early-stage migration activities and sets timelines for UK industry, government, and regulators. These timelines apply to all organisations, especially large ones, critical infrastructure operators, and those with custom IT systems.

Key Milestones

As highlighted in the report the key milestones are:

  • By 2028: Define migration goals, conduct a full discovery exercise, and build an initial migration plan.
  • By 2031: Carry out early, high-priority PQC migration activities and refine the migration plan.
  • By 2035: Complete the migration to PQC for all systems, services, and products.

Migration Strategy Selection

Organisations have several options for migration detailed in the report.

  • In-place migration: Replacing vulnerable PKC components with PQC equivalents.
  • Re-platform: Switching to a new or upgraded platform that supports PQC.
  • Retire the service: Setting a future date for withdrawal.
  • Tolerate the risk: Continuing to operate without mitigation.

What to do next?

The report highlights a series of steps you should take next with an expectation of 2-3 years timeline to migrate to PQC.

Given the intricacies involved in PQC migration, looking at external help should be considered through a company/consultancy with expertise in cryptographic assessments and migration strategies. They can provide invaluable support in several key areas:

  1. Comprehensive Assessment: Conducting a detailed discovery and assessment of your current cryptographic infrastructure, identifying vulnerabilities and dependencies that need to be addressed.
  2. Tailored Migration Plan: Develop a customised migration plan that aligns with your organisation’s specific needs and regulatory requirements. This plan will include timelines, resource allocation, and risk management strategies.
  3. Expert Recommendations: Leveraging deep knowledge of cryptographic technologies, can recommend the most suitable PQC algorithms and protocols for your systems. Provide guidance on integrating these new technologies without disrupting your existing operations.
  4. Ongoing Support: Throughout the migration process, offering continuous support, ensuring that your transition to PQC is seamless and that any issues are promptly addressed.

Are you considering PQC migration yet?

Further Reading

NCSC Report: Timelines for migration to post-quantum cryptography

Understanding ISO/IEC 42001: A Course Review

27 Thursday Feb 2025

Posted by in AI, Technologists Toolkit

1 Comment

Tags

,

There has been a lot in the news recently on AI standards and whilst watching a recent panel discussion on the Global State of AI standardisation on YouTube I picked up on the announcement of a course from AIQI Course on ISO/IEC 42001.

The course is aimed at Implementation Teams and Senior Leadership, however I would recommend this course having just completed it myself to anyone interested in AI and wanting to know more about the standard.

The learning objectives set out on the AIQI website are:

  • Understand the structure and key requirements of ISO/IEC 42001
  • Identify and analyze organizational context and requirements for AI management systems
  • Apply the standard’s framework to implement an effective AI management system
  • Understand relationships and differences between the standard and other relevant AI policies

I would recommend the course to anyone wanting a greater understanding of ISO 42001 and looking to implement it. The course contains a lot of useful information and is well structured and formatted stepping through the standard and how it can be implemented. Also how the standard works with other standards and frameworks.

The course also provides a workbook that can be downloaded to help through the course, but more importantly used with your business/organisation when looking to implement the standards.

It would have been nice to see a digital badge awarded at the end, however here is a screen grab of my completion of the course.