Founder @ Dvuln.Hacker. T̶h̶i̶n̶k̶i̶n̶g̶ Doing outside the box. Adversary Simulation, Pentesting.
Most businesses today run on infrastructure they do not fully understand. Cyberspace is not simply the delivery channel for your systems and data. It is the domain in which your operations live. It is dynamic, adversarial, and unevenly mapped. Because access is frictionless, many mistake ease of use for understanding. This misconception creates blind spots that prevent organisations from investing in the capability required to operate safely. This is why so many organisations struggle to get teams to take cybersecurity seriously - because they view it as an IT function, not as a domain that must be navigated with discipline, capability, and control. At the highest levels - inside the military, defence intelligence, and the military-industrial complex,this is already understood. They treat cyberspace as a domain of operations. Not a tool. Not a product. A battlespace. If you're leading a business or building a team, you need to adopt that same mindset. You are not just using technology, you are operating within a domain that exposes you to risks you are likely unprepared to navigate. The organisations that survive and lead in this domain will be those that train for it like any other operational environment: with structure, repetition, and the understanding that failure carries real consequences.
This disconnect between ease of access and understanding is costing businesses massively. I've seen companies spend millions on tools while their teams still think of cyber as 'someone else's problem.' The military gets it - why doesn't corporate leadership?
The reason organisations struggle with cybersecurity isn’t because they misunderstand cyberspace as infrastructure instead of a “battlespace.” It’s because too many leaders still see cybersecurity as someone else’s problem. Treating cyberspace like a battlefield sounds compelling, but it also risks outsourcing critical thinking to a metaphor. Most businesses aren’t being brought down by nation-state actors, they’re stumbling over complexity, poor discipline, and wilful blindness to systemic risks they’ve tolerated for years. Organisations don’t need war rhetoric, rather they need accountability. They don’t need more threat theatrics, they need clearer operational insights, honest dialogue about the trade offs they’ve accepted, and consequences when risks are ignored. If we want teams to take security seriously, stop reaching for metaphors and start having uncomfortable conversations about priorities, investments, and ownership. That’s harder, but infinitely more effective.
Thank you for emphasizing cybersecurity's crucial role in operations management.
Definitely worth reading
Great way to think about it Jamieson O'Reilly .Understand the system first before trying to solve problems. I'd also suggest that you need to think about building a "system of systems" in this domain and not focus on point solutions as a silver bullet.
Jamieson O'Reilly absolutely on the money - just because you don't understand something, does not absolve you from the risk its use brings. It is on each of us 'in' the tech/security space to continue the education of those not even aware of what they don't know on the risks of this domain of operation!
Founder @ Dvuln.Hacker. T̶h̶i̶n̶k̶i̶n̶g̶ Doing outside the box. Adversary Simulation, Pentesting.
3moAdrian Nish reminds me of what you've said in the past.