Insights & Resources
Expert perspectives from onionio and industry leaders on the future of cyber, how to shape the narrative and where to start your zero trust - trusted AI journey
A quarter-century of NHS cyber, data & digital change
Two adjacent journeys: how governance and cyber regulation have evolved, and how local digital estates have (and often haven't) kept pace from 2000 to 2025.
Should the NHS Scrap the DSPT? A Case For and Against
The NHS Data Security and Protection Toolkit has long anchored cyber assurance across health and care. As the threat landscape evolves and national capabilities grow, the question is no longer whether the DSPT is useful — but whether it is still the right instrument for the job.
From Minimum Compliance to Gold Standard: Hardening Windows 11, Defender, ASR and WDAC Across NHS Trusts
Most NHS Trusts now have the Microsoft security tooling in place. The question is whether it is configured to genuinely reduce ransomware risk, or simply installed. This article sets out a practical, progressive approach to endpoint hardening that acknowledges clinical constraints while moving from detection toward prevention and true resilience.
Active Directory Security and its importance to clinical resilience and achieving the NHS 10 year plan
Active Directory is no longer just infrastructure — it is the identity control plane for patient care. This article outlines a pragmatic approach to strengthening identity resilience in NHS Trusts, particularly during mergers, while aligning with CAF compliance expectations and building long-term clinical resilience.
T1078 Valid Accounts and Active Directory Tiering in Legacy On-Premises Windows Estates
T1078 — Valid Accounts — is the hinge around which most serious intrusions in Windows Active Directory environments turn. This article traces how credential abuse operates across the full attack lifecycle, explains what AD tiering actually prevents, maps specific controls to the techniques they disrupt, and sets out the detection signals that matter.
The AI Vulnerability Storm: What Claude Mythos Means for Healthcare, Government and Essential Services
Anthropic's Claude Mythos has autonomously found thousands of critical vulnerabilities across every major operating system and browser, generating working exploits without human guidance. The Cloud Security Alliance's emergency briefing makes clear this is not a temporary spike — it is a structural shift in how attack and defence work. Here is what it means for public sector and critical infrastructure organisations.