In April 2025 we saw Marks and Spencer virtually shut down for weeks by a ransomware attack, and the Co-op suffered a similar fate even though, by common consent, the attack on the Co-op was unsuccessful. They were the lucky ones: many companies never recover from such an event. We’ve seen credit ratings agencies leaking all their subject records, hospitals and transport systems being shut down, and military secrets being posted in public.

It seems almost every day brings news of another big hack, wrecking companies and compromising customers. How do systems administrators sleep at night?

I think, businesses get hacked because their systems are built to be insecure-by-design. What we need is an architectural approach to security. This might help.