By Dan McBooth - Head of Technology at Naimuri
Myself and a few of the team at Naimuri recently had the opportunity to attend CyberUK 2025, hosted right on our doorstep in Manchester and bringing together a formidable lineup of cybersecurity leaders from across the globe and what an event it was!
Our parent company QinetiQ (alongside Inzpire) had a stand at the event and it was sponsored by organisations like NCSC, DSIT, The Alan Turing Institute. It was a powerful reminder of how cybersecurity is no longer just about defence, but about resilience.
The central theme of the event, “Transforming resilience, countering threats,” couldn’t be more timely. As one speaker put it, cyber threats aren’t just about malicious attacks, they're about how well systems and organisations can adapt and continue in the face of disruption.
Transforming resilience in particular plays well to Naimuri’s strength, looking at the big picture and creating systems which are fault tolerant, thinking not just about the development but also the operations of systems; how is it supported, what do we do when it goes wrong, how do we keep going through adversary?
Lessons in resilience
One sobering case study involved the Irish health service executive, which suffered a devastating cyber attack on the 14th May 2021. It showed how anyone (even organisations doing good) can come under attack.
Recovery took months and it highlighted that their disaster recovery plans were never designed around total failure and relied on other hospitals to fall back onto. Their fallback to paper-based processes showed how unprepared many organisations are for a total digital failure.
The message was clear: planning for attacks or outages must be holistic, spanning every department and scenario.
Secure by design: Buzzword or blueprint?
"Secure by Design" (SbD) was another major talking point.
Some of it was frustrating, some of it was interesting. A lot of SbD focuses on systems as a whole, or how non-technical leaders ensure a program is secure from the offset, with a lens more on processes over policies.
While often presented as a vague aspiration, the most insightful takeaways came from speakers who emphasised security across entire organisations, from supply chains and finance to legal and support teams. True SbD is a mindset, not a checklist.
Still, guidance is lacking. With fragmented approaches across departments and agencies, there’s an opportunity, especially for companies like ourselves at Naimuri, to lead by example and push for clearer standards and actionable frameworks.
Supply chain realities
Supply chain security was front and centre. As both consumers and providers of technology, we face risks from every direction. From open-source dependencies to global cloud infrastructure, our systems are interconnected and vulnerable. As a supplier, we must continue to lead by example and remain vigilant. Security isn’t just the job of the infosec team, it’s everyone’s responsibility from finance to marketing.
Cyber as a differentiator
Too often, cybersecurity is framed as a looming threat of doom and gloom. Yes there are continual threats but it should be seen as a way of raising standards, improving things and being a market differentiator. Strong cyber is a way of helping organisations cope with uncertainty. But there was a refreshing call to reframe it as an opportunity, a way to raise standards, improve processes, and stand out in a competitive market.
CyberUK and other events and initiatives like this are a reminder of the evolving nature of our work. Whether it's cyber resilience, full-life delivery models, or data innovation, we at Naimuri are proud to be contributing meaningfully to a safer and smarter digital future.
