Cyber Security, not a dirty word. The irony of our so-called security accreditation rules and regulations is that they are so inflexible that they leave us more vulnerable and less secure. The mob has obsessed with "reputational security" ever since the completely benign RN promotional website was hacked by a rank amateur for want of very basic housekeeping through readily available security patches which were never uploaded. There are still non secure pages (non https) on the promotional website.
Very often the people working in this specialist sphere are only "experts" because the job title on the door suggests as much. They even insist standalone laptops without intranet access and without protective data is encrypted and USB ports disabled. Risk management? Clueless.