Strathberg
Insights
Perspectives on cyber governance, operating practice, and regulatory change.
A lower-cost route to portfolio cyber confidence for mid-cap funds
Large funds manage portfolio cyber risk with dedicated teams. Mid-cap funds can reach the same confidence by a lighter route, turning cyber and technology posture into a value lever at exit.
George Mudie
NIS2 for UK groups with EU operations: why a federated model works best
NIS2 compliance should not become a central compliance machine. A federated model is more accurate, more cost-efficient, and more defensible than blanket rollouts.
Dan Vale
26 May 2026
What good cybersecurity maturity looks like in practice
A high maturity score does not mean a mature security function. Good maturity shows up in operating discipline, adoption discipline, and cost discipline.
Dan Vale
19 May 2026
NIS2, DORA, and the UK Cyber Security and Resilience Bill: what boards need to do
Three regulatory frameworks are converging on one expectation: boards must evidence oversight, not just receive reports. The question is whether governance is real.
Dan Vale
12 May 2026
Operational drift in cyber: why performance weakens before cost becomes visible
Operational drift in cyber rarely shows up first as a cost problem. It usually appears as a confidence problem — and by then the operating model has been under strain for some time.
Dan Vale
5 May 2026
Building GRC from scratch in a €20 billion retailer
Most GRC functions in large retailers look credible on paper. The gap between appearance and operating grip is where cost, confidence, and deal friction accumulate.
Dan Vale
28 April 2026