Business Continuity

In this article, Katie Barnett, Director of Cyber Security, and Gavin Wilson, Director of Physical Security and Risk at Toro Solutions, warn that many organisations talk about convergence but stop short of true accountability. While cyber, physical and people risks are increasingly connected, ownership of those risks often remains fragmented. Different teams manage different parts of the picture, with no single leader responsible for how those threats combine. The result is blurred accountability, slow decision-making and gaps that only become visible during an incident. Barnett and Wilson argue that collaboration alone is not enough. Without clear authority, board-level visibility and a culture that supports joined-up thinking, risk continues to sit between functions rather than being actively managed. Convergence, they conclude, only works when someone is clearly accountable for the whole picture.

Who actually owns risk in a converged world?

In this article, Katie Barnett, Director of Cyber Security, and Gavin Wilson, Director of Physical Security and Risk at Toro Solutions, warn that many organisations talk about convergence but stop short of true accountability.

While cyber, physical and people risks are increasingly connected, ownership of those risks often remains fragmented. Different teams manage different parts of the picture, with no single leader responsible for how those threats combine. The result is blurred accountability, slow decision-making and gaps that only become visible during an incident.

Barnett and Wilson argue that collaboration alone is not enough. Without clear authority, board-level visibility and a culture that supports joined-up thinking, risk continues to sit between functions rather than being actively managed. Convergence, they conclude, only works when someone is clearly accountable for the whole picture.

Read More »
People not plans

People not plans

In this recent press piece, Toro Solutions’ Directors of Cyber Security and Physical Security and Risk discuss why resilience is about people, not paperwork.

They argue that most organisations don’t fall short because they lack plans, but because their teams operate in silos. When cyber, physical and operational functions fail to share context early, warning signs are missed and response slows down. Convergence, they explain, isn’t about restructuring it’s about getting the right people talking before small issues turn into bigger problems.

Because when pressure hits, it’s not the plan that makes the difference, it’s how well your teams work together.

Read More »
Interviews How threat actors really operate

How threat actors really operate

Most attacks don’t begin with a breach – they begin with a decision. In this article, Toro Solutions’ Directors of Cyber Security and Physical Security explore how modern threat actors quietly assess risk, observe behaviour, and exploit the spaces between cyber, physical, and human security. By understanding the converged pathways attackers follow long before an incident occurs, organisations can reduce exposure, improve early detection, and make themselves a far harder target.

Read More »
The NCSC Says “It Is Time to Act”, But How?

The NCSC Says “It Is Time to Act”, But How?

One theme runs through the NCSC’s latest Annual Review: resilience isn’t optional anymore and as Peter Connolly, CEO of Toro Solutions, points out, many organisations still haven’t built the foundations they need.

Connolly stresses that frameworks like ISO 27001 aren’t about box ticking. They give leaders a clear, practical way to weave security into everyday business, not just the IT team. “It’s a framework that forces you to look at people, processes and physical security as well as the tech,” he says. “Once that thinking becomes part of daily operations, you’re in a far stronger position when something goes wrong.”

His message fits closely with the government’s call for FTSE 350 boards to take cyber risk seriously: resilience has to be led from the top, and it has to be consistent.

Read the full piece to see how Connolly believes UK organisations can move beyond firefighting and start building the kind of resilience the current threat landscape demands.

Read More »
Converged Resilience

Converged Resilience

A candid discussion on converged resilience – bringing together leaders to share challenges, insights, and practical steps toward a truly integrated approach to security and risk.

Read More »

How Can Companies Avoid Major Cyber Attacks like JLR’s?

The recent cyberattack on Jaguar Land Rover (JLR) has sent shockwaves through the manufacturing sector. With production halted across the UK, China, Slovakia and India, and sensitive data affected, the incident shows just how quickly a single breach can disrupt an entire operation.

In a recent article published by Technology Magazine, Katie Barnett, Director of Cyber Security at Toro Solutions, was quoted highlighting the importance of spotting vulnerabilities across the supply chain early:

“Early detection of supply chain weaknesses is crucial to limiting the impact of such attacks.”

The attack also underscores the value of zero trust architecture in modern manufacturing, ensuring systems are designed to contain threats quickly rather than relying solely on traditional defences.

The full article explores the lessons JLR’s experience offers to businesses everywhere – from protecting operational technology to strengthening supplier networks – and provides practical guidance for avoiding similar disruptions.

Read More »