Insights

The Patching Blog

Practical thinking on security, productivity, AI, and what growing businesses actually need to know.

CybersecuritySecretsIT StrategyOperating ModelShadow ITAISoftware Engineering

27 May 2026

Vibe coding and the AI sprawl problem

Helping business leaders understand how to tame the sprawl that comes with lots of people vibe coding.

IT StrategyOperating ModelAISoftware Engineering

19 May 2026

What is AI actually good for?

Helping business leaders understand where AI is a massive value unlock and where it needs significant engineering to create predictable, reliable value.

IT StrategyOperating ModelAISoftware Engineering

5 May 2026

Machine speed feedback loops

How owning your website code lets you improve SEO and AEO in hours, not weeks

CybersecurityMalware Detection & ResponseSecurity Operating CentresSecretsSoftware Update ManagementIT StrategyOperating ModelIdentity ManagementDevice ManagementShadow ITBackupsSecurity Awareness Training24/7 Log MonitoringIncident ManagementAISoftware Engineering

29 April 2026

Introducing The Defensive Dozen

A blog post on why I made the Defensive Dozen; a curated list of twelve prioritised plain english cyber controls, including what good looks like.

IT StrategyOperating ModelAISoftware Engineering

22 April 2026

Context compounds — until it doesn't!

Two days with Claude and Replit, and what a 90-minute deck, a 30-minute deck, and a 5-minute one-shot actually taught me about managing AI context.

CybersecuritySecretsIT StrategyOperating ModelIdentity ManagementShadow ITSecurity Awareness Training

15 April 2026

Not all passkeys are created equal

A blog post highlighting the differences between different passkey types, and exposing the risks with synced passkeys.

Learnings from a 1.5-day agentic website rebuild

IT StrategyOperating ModelAISoftware Engineering

25 March 2026

Learnings from a 1.5-day agentic website rebuild

A blog post showing how agentic web development can rebuild a website fast and cheap

Why executive engagement in regular cyber risk reviews is critical

CybersecurityIT StrategyOperating ModelSecurity Awareness Training

12 November 2025

Why executive engagement in regular cyber risk reviews is critical

A blog post highlighting the importance of executive engagement in regular cyber risk review

Firewalls - an often overlooked staple of cybersecurity

CybersecurityMalware Detection & ResponseSecurity Operating CentresSoftware Update ManagementDevice Management24/7 Log Monitoring

4 November 2025

Firewalls - an often overlooked staple of cybersecurity

A blog post highlighting the importance of firewalls - one of the original staples of cybersecurity.

Vulnerability management - update everything, all the time!

CybersecuritySoftware Update ManagementIT StrategyOperating ModelDevice ManagementShadow IT

28 October 2025

Vulnerability management - update everything, all the time!

A blog post highlighting the importance of keeping all software updated to minimise the software vulnerabilities available to attackers.

CybersecuritySecretsIT StrategyIdentity ManagementDevice ManagementShadow ITSecurity Awareness Training

21 October 2025

AI - Its unavoidable, so lean in!

A blog post highlighting the importance of leaning into use of AI tools in your organisation to reduce the cybersecurity risks associated with them.

Incident management: Why every business needs a playbook.

CybersecurityMalware Detection & ResponseSecurity Operating CentresIT StrategyOperating ModelBackupsSecurity Awareness Training24/7 Log MonitoringIncident Management

14 October 2025

Incident management: Why every business needs a playbook.

A blog post highlighting the critical importance of rehearsed incident management plans and SOPs to organisational resilience.

Why immutable backups are critical to organisational resilience.

CybersecurityMalware Detection & ResponseSecurity Operating CentresIT StrategyOperating ModelBackupsSecurity Awareness TrainingIncident Management

7 October 2025

Why immutable backups are critical to organisational resilience.

A blog post highlighting the critical importance of immutable backups to organisational resilience.

The human factor - why staff training is critical to cybersecurity.

CybersecurityIT StrategyOperating ModelSecurity Awareness Training

30 September 2025

The human factor - why staff training is critical to cybersecurity.

A blog post highlighting the critical importance of staff training to cybersecurity.

What is an XDR tool? Why are they the first line of defence?

CybersecurityMalware Detection & ResponseSecurity Operating CentresIT StrategyOperating ModelIdentity ManagementDevice Management24/7 Log MonitoringIncident Management

23 September 2025

What is an XDR tool? Why are they the first line of defence?

A blog post about the importance of XDR solutions, explaining how they sense across your environment, detecting and mitigating threats before impact.

Why 24/7 Security is critical and more affordable than you think.

CybersecurityMalware Detection & ResponseSecurity Operating CentresIT StrategyOperating ModelIdentity ManagementDevice Management24/7 Log MonitoringIncident Management

16 September 2025

Why 24/7 Security is critical and more affordable than you think.

A blog post outlining the importance of a 24/7 Security Operations Centre and how they can be implemented more cost effectively than you think.

Why a corporate password manager is essential for a secure business.

CybersecuritySecretsIT StrategyOperating ModelIdentity ManagementDevice ManagementShadow ITSecurity Awareness Training24/7 Log Monitoring

9 September 2025

Why a corporate password manager is essential for a secure business.

A blog post outlining the importance and benefits of a corporate password manager than employees can use with personal vaults too.

CybersecurityMalware Detection & ResponseSecretsSoftware Update ManagementIT StrategyOperating ModelIdentity ManagementDevice Management24/7 Log Monitoring

2 September 2025

Why do my laptops need to be 'managed'?

A blog post outlining the importance of proper device management, and the benefits to both security and productivity.

CybersecuritySecretsIT StrategyOperating ModelIdentity Management

26 August 2025

How do I manage admin accounts?

A blog post outlining the importance of properly segregating and managing privileged admin accounts.

Digital Identity and the Employee Lifecycle.

CybersecurityIT StrategyOperating ModelIdentity Management

19 August 2025

Digital Identity and the Employee Lifecycle.

Blog post describing the importance of managing digital identities through the employee lifecycle and leveraging SSO and password managers.

CybersecurityIT StrategyOperating Model

12 August 2025

Who owns IT?

Blog post about importance of clear ownership to driver cybersecurity risk reduction

CybersecurityIT StrategyOperating Model

21 July 2025

Introducing Patching.

blog post introducing Patching and the rationale for creating the company

Subscribe to be notified of future posts

Practical thinking on security, productivity and AI — straight to your inbox.