Rockstar Library

What Regulators Mean by “Ongoing” Cyber Assurance

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Simon Sharp

Feb 2, 2026 11:59:59 PM

Regulators rarely define requirements in technical terms. Instead, they use words like reasonable,...

From “Are We Secure?” to “Can We Prove It?”

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Simon Sharp

Feb 1, 2026 11:59:59 PM

“Are we secure?” is the wrong question.

Why One-Off Cyber Audits No Longer Provide Real Assurance

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eve Cooper

Jan 31, 2026 11:59:59 PM

Annual cyber audits and compliance assessments remain common. They are familiar, structured, and...

Governance Tells You Who Owns Cyber Risk - Assurance Tells You If You’re Safe

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eve Cooper

Jan 31, 2026 12:00:00 AM

Cyber governance and cyber assurance are often used interchangeably. They shouldn’t be.

Why Cyber Risk Assurance Is Now a Board Requirement - Not a Security Nice-to-Have

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eve Cooper

Jan 30, 2026 2:56:03 PM

For many organisations, cyber risk governance has improved significantly over the past few years....

What “Good” Cyber Governance Actually Looks Like in 2025 (And How Regulators Will Test It)

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Simon Sharp

Jan 16, 2026 12:00:00 AM

Cyber Governance Is Now a Commercial Requirement, Not Just a Compliance One

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eve Cooper

Jan 13, 2026 11:59:59 PM

AI in Cybersecurity: The Governance Question No One Is Asking

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eve Cooper

Jan 12, 2026 12:00:00 AM

Artificial intelligence is now embedded across cybersecurity tooling - from detection and response...

Why Traditional vCISO Models Still Leave Boards Exposed

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Simon Sharp

Jan 9, 2026 12:00:00 AM

Cyber Insurance Is Now a Governance Audit in Disguise

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Simon Sharp

Jan 8, 2026 12:00:00 AM

Cyber insurance is no longer a safety net.

Resource centre

Rockstar Library

Download our e-book

What Regulators Mean by “Ongoing” Cyber Assurance

From “Are We Secure?” to “Can We Prove It?”

Why One-Off Cyber Audits No Longer Provide Real Assurance

Governance Tells You Who Owns Cyber Risk - Assurance Tells You If You’re Safe

Why Cyber Risk Assurance Is Now a Board Requirement - Not a Security Nice-to-Have

What “Good” Cyber Governance Actually Looks Like in 2025 (And How Regulators Will Test It)

Cyber Governance Is Now a Commercial Requirement, Not Just a Compliance One

AI in Cybersecurity: The Governance Question No One Is Asking

Why Traditional vCISO Models Still Leave Boards Exposed

Cyber Insurance Is Now a Governance Audit in Disguise