St Georges Strategy

Signals / Cyber

Threats, vulnerabilities, identity, and response

The cyber page links threat and vulnerability signals to practical evidence: who owns the risk, what was tested, what was patched, and how the firm would recover.

Curated memory

Still material

These signals remain live after editorial review. Most stay for up to 90 days; exceptional structural anchors can remain for six months with a recorded reason.

  1. Structural referenceReviewed 9 Jul

    Basic control hygiene remains the first test of cyber governance

    Official guidance / NCSC 10 steps
  2. Structural referenceReviewed 9 Jul

    Identity and access management should be treated as a board-visible cyber control

    Official guidance / NCSC 10 Steps IAM
  3. Structural referenceReviewed 9 Jul

    Known exploited vulnerabilities should drive risk-based patch prioritisation

    Threat source / CISA KEV catalog
  4. 90-day windowReviewed 9 Jul

    NIST proof keeps continuous adversarial monitoring ahead of fixed AI guardrails

    Primary / NIST / 2026-06-09
  5. Structural referenceReviewed 9 Jul

    Incident management needs rehearsed decisions, not only technical playbooks

    Official guidance / NCSC incident management

Why it made the weekly brief

The editorial judgement

Cyber matters when it changes the evidence a firm needs to produce about exposure, response readiness, recovery, supplier control, and customer impact.

So what

Cyber is an operating-risk signal, not a technology sidebar

Threats only matter to the brief when they change service continuity, customer outcomes, legal notification, or board confidence.

Who cares

CISO, CIO, COO, resilience, legal, compliance, procurement, and boards

The same incident can trigger cyber, resilience, third-party, conduct, privacy, and regulatory-notification questions.

Evidence needed

Exposure, ownership, test results, patch decisions, and recovery evidence

Good assurance explains what is vulnerable, what is prioritised, what is accepted, and what happens if the control fails.

Cyber evidence checklist

What the reader should ask for

Cyber evidence should show how a threat becomes a governed decision and a tested operating response.