What’s your organisation’s type when it comes to cyber security? Is everything justified by the business risks, or are you hoping for the best? Over the decades, I have found that no two businesses or organisations have taken the same approach to cybersecurity. This is neither a criticism nor a surprise. No two businesses are the same, so why would their approach to digital risk be? However, I have found that there are some trends or clusters. In this article, I’ve distilled those observations, my understanding of the forces that drive each approach, and some indicators that may help you recognise it. I have also suggested potential advantages and disadvantages. Ad Hoc Let’s start with the ad hoc approach, where the organisation does what it thinks needs to be done, but without any clear rationale to determine “How much is enough?” The Bucket of Sand Approach At the extreme end of the spectrum is the 'Bucket of Sand' option which is characterised by the belief that 'It will never happen to us'. Your organisation may feel that it is too small to be worth attacking or has nothing of any real value. However, if an organisation has nothing of value, one wonders what purpose it serves. At the very least, it is likely to have money. But it is rare now that an organisation will not hold data and information worth stealing. Whether this data is its own or belongs to a third party, it will be a target. I’ve also come across businesses that hold a rather more fatalistic perspective. Most of us are aware of the regular reports of nation-state attacks that are attempting to steal intellectual property, causing economic damage, or just simply stealing money. Recognising that you might face the full force of a cyber-capable foreign state is undoubtedly daunting and may encourage the view that 'We’re all doomed regardless'. If a cyber-capable nation-state is determined to have a go at you, the odds are not great, and countering it will require eye-watering investments in protection, detection and response. But the fact is that they are rare events, even if they receive disproportionate amounts of media coverage. The majority of threats that most organisations face are not national state actors. They are petty criminals, organised criminal bodies, opportunistic amateur hackers or other lower-level actors. And they will follow the path of least resistance. So, while you can’t eliminate the risk, you can reduce it by applying good security and making yourself a more challenging target than the competition. Following Best Practice Thankfully, these 'Bucket of Sand' adopters are less common than ten or fifteen years ago. Most in the Ad Hoc zone will do some things but without clear logic or rationale to justify why they are doing X rather than Y. They may follow the latest industry trends and implement a new shiny technology (because doing the business change bit is hard and unpopular). This type of organisation will frequently operate security on a feast or famine basis, deferring investments to next year when there is something more interesting to prioritise, because without business strategy guiding security it will be hard to justify. And 'next year' frequently remains next year on an ongoing basis. At the more advanced end of the Ad Hoc zone, you will find those organisations that choose a framework and aim to achieve a specific benchmark of Security Maturity. This approach ensures that capabilities are balanced and encourages progressive improvement. However, 'How much is enough?' remains unanswered; hence, the security budget will frequently struggle for airtime when budgets are challenged. It may also encourage a one-size-fits-all approach rather than prioritising the assets at greatest risk, which would cause the most significant damage if compromised. Regulatory-Led The Regulatory-Led organisation is the one I’ve come across most frequently. A market regulator, such as the FCA in the UK, may set regulations. Or the regulator may be market agnostic but have responsibility for a particular type of data, such as the Information Commissioner’s Office’s interest in personal data privacy. If regulatory compliance questions dominate most senior conversations about cyber security, the organisation is probably in this zone. Frequently, this issue of compliance is not a trivial challenge. Most regulations don’t tend to be detailed recipes to follow. Instead, they outline the broad expectations or the principles to be applied. There will frequently be a tapestry of regulations that need to be met rather than a single target to aim for. Businesses operating in multiple countries will likely have different regulations across those regions. Even within one country, there may be market-specific and data-specific regulations that both need to be applied. This tapestry is growing year after year as jurisdictions apply additional regulations to better protect their citizens and economies in the face of proliferating and intensifying threats. In the last year alone, EU countries have had to implement both the Digital Operational Resilience Act (DORA) and Network and Infrastructure Security Directive (NIS2) , which regulate financial services businesses and critical infrastructure providers respectively. Superficially, it appears sensible and straightforward, but in execution the complexities and limitations become clear. Some of the nuances include: Not Everything Is Regulated The absence of regulation doesn’t mean there is no risk. It just means that the powers that be are not overly concerned. Your business will still be exposed to risk, but the regulators or government may be untroubled by it. Regulations Move Slowly Cyber threats are constantly changing and evolving. As organisations improve their defences, the opposition changes their tactics and tools to ensure their attacks can continue to be effective. In response, organisations need to adjust and enhance their defences to stay ahead. Regulations do not respond at this pace. So, relying on regulatory compliance risks preparing to 'Fight the last war'. The Tapestry Becomes Increasingly Unwieldy It may initially appear simple. You review the limited regulations for a single region, take your direction, and apply controls that will make you compliant. Then, you expand into a new region. And later, one of your existing jurisdictions introduces an additional set of regulations that apply to you. Before you know it, you must first normalise and consolidate the requirements from a litany of different sets of rules, each with its own structure, before you can update your security/compliance strategy. Most Regulations Talk about Appropriateness As mentioned before, regulations rarely provide a recipe to follow. They talk about applying appropriate controls in a particular context. The business still needs to decide what is appropriate. And if there is a breach or a pre-emptive audit, the business will need to justify that decision. The most rational justification will be based on an asset’s sensitivity and the threats it is exposed to — ergo, a risk-based rather than a compliance-based argument. Opportunity-Led Many businesses don’t exist in heavily regulated industries but may wish to trade in markets or with customers with certain expectations about their suppliers’ security and resilience. These present barriers to entry, but if overcome, they also offer obstacles to competition. The expectations may be well defined for a specific customer, such as DEF STAN 05-138 , which details the standards that the UK Ministry of Defence expects its suppliers to meet according to a project’s risk profile. Sometimes, an entire market will set the entry rules. The UK Government has set Cyber Essentials as the minimum standard to be eligible to compete for government contracts. The US has published NIST 800-171 to detail what government suppliers must meet to process Controlled Unclassified Information (CUI). Businesses should conduct due diligence on their suppliers, particularly when they provide technology, interface with their systems or process their data. Regulations, such as NIS2, are increasingly demanding this level of Third Party Risk Management because of the number of breaches and compromises originating from the supply chain. Businesses may detail a certain level of certification that they consider adequate, such as ISO 27001 or a System & Organization Controls (SOC) report. By achieving one or more of these standards, new markets may open up to a business. Good security becomes a growth enabler. But just like with regulations, if the security strategy starts with one of these standards, it can rapidly become unwieldy as a patchwork quilt of different entry requirements builds up for other markets. Risk-Led The final zone is where actions are defined by the risk the business is exposed to. Being led by risk in this way should be natural and intuitive. Most of us might secure our garden shed with a simple padlock but would have several more secure locks on the doors to our house. We would probably also have locks on the windows and may add CCTV cameras and a burglar alarm if we were sufficiently concerned about the threats in our area. We may even install a secure safe inside the house if we have some particularly valuable possessions. These decisions and the application of defences are all informed by our understanding of the risks to which different groups of assets are exposed. The security decisions you make at home are relatively trivial compared to the complexity most businesses face with digital risk. Over the decades, technology infrastructures have grown, often becoming a sprawling landscape where the boundaries between one system and another are hard to determine. In the face of this complexity, many organisations talk about being risk-led but, in reality, operate in one of the other zones. There is no reason why an organisation can’t progressively transform from an Ad Hoc, Regulatory-Led or Opportunity-Led posture into a Risk-Led one. This transformation may need to include a strategy to enhance segmentation and reduce the sprawling landscape described above. Risk-Led also doesn’t mean applying decentralised, bespoke controls on a system-by-system basis. The risk may be assessed against the asset or a category of assets, but most organisations usually have a framework of standard controls and policies to apply or choose from. The test to tell whether an organisation genuinely operates in the Risk-Led zone is whether they have a well-defined Risk Appetite. This policy is more than just the one-liner stating that they have a very low appetite for risk. It should typically be broken down into different categories of risk or asset types; for instance, it might detail the different appetites for personal data risk compared to corporate intellectual property marked as 'In Strict Confidence'. Each category should clarify the tolerance, the circumstances under which risk will be accepted, and who is authorised to sign off. I’ve seen some exceptionally well-drafted risk appetite policies that provide clear direction. Once in place, any risk review can easily understand the boundaries within which they can operate and determine whether the controls for a particular context are adequate. I’ve also seen many that are so loose as to be unactionable or, on as many occasions, have not been able to find a risk appetite defined at all. In these situations, there is no clear way of determining 'How much security is enough'. Organisations operating in this zone will frequently still have to meet regulatory requirements and individual customer or market expectations. However, this regulatory or commercial risk assessment can take the existing strategy as the starting point and review the relevant controls for compliance. That may prompt an adjustment to security in certain places. But when challenged, you can defend your strategy because you can trace decisions back to the negative outcomes you are attempting to prevent — and this intent is in everyone’s common interest. Conclusions Which zone does your business occupy? It may exist in more than one — for instance, mainly aiming for a specific security maturity in the Ad Hoc zone but reinforced for a particular customer. But which is the dominant zone that drives plans and behaviour? And why is that? It may be the right place for today, but is it the best approach for the future? Apart from the 'Bucket of Sand' approach, each has pros and cons. I’ve sought to stay balanced in how I’ve described them. However, the most sustainable approach is one driven by business risk, with controls that mitigate those risks to a defined appetite. Regulatory compliance will probably constitute some of those risks, and when controls are reviewed against the regulatory requirements, there may be a need to reinforce them. Also, some customers may have specific standards to meet in a particular context. However, the starting point will be the security you believe the business needs and can justify before reviewing it through a regulatory or market lens. If you want to discuss how you can improve your security, reduce your digital risk, and face the future with confidence, get in touch with Tom Burton, Senior Partner - Cyber Security, using the below form.

Jason Jennings | Elevate your project management with AI. This guide for senior leaders explains how AI tools can enhance project performance through predictive foresight, cognitive collaboration, and portfolio intelligence. Unlock the potential of AI in your organisation and avoid the common pitfalls.

A New Era of Local Power: What’s in the English Devolution Bill? The UK Government has taken a major step forward in reshaping local governance in England with the publication of the English Devolution and Community Empowerment Bill. This is more than a policy shift — it’s a structural rethink that sets out to make devolution the norm, not the exception. This is a welcome change in direction. This framework could unlock new potential for place-based leadership, community decision-making, and joined-up regional delivery. But as with any big reform, the opportunity lies in the detail — and in how we respond. Key Changes Introduced by the Bill Standardised Framework for Strategic Authorities: Combined Authorities, the GLA, and County Combined Authorities will all fall under a new, consistent legal model — making future devolution smoother and more transparent. Mayors Gain More Leverage: Elected mayors now have a legal right to request further powers, with the Government required to respond. This could pave the way for greater local control over transport, housing, energy, and skills. Neighbourhood Governance Becomes a Duty: Councils will be required to introduce or enhance neighbourhood governance models, supporting community voices and hyper-local decision-making. Simplified Local Government Reorganisation: The Bill makes it easier to create unitary authorities and restructure Strategic Authorities, while mandating the leader-and-cabinet model across councils. Expanded Local Powers: Local authorities will gain new tools to manage shared transport (e.g. e-scooters), protect community assets, and take greater ownership of local planning and infrastructure decisions. Financial Oversight with New Audit Body: A dedicated Local Audit Office will strengthen transparency and public trust in the financial performance of devolved authorities. Why This Matters This legislation has the potential to reshape the relationship between central and local government. It provides: Greater clarity for local leaders navigating the devolution journey Stronger alignment between regional planning, investment, and delivery Formalised community empowerment as a core part of local governance Faster implementation of reforms, removing historical friction with Whitehall If implemented well, it could accelerate levelling up, boost public confidence, and enable councils to better serve their communities. Things to Watch While the ambitions are clear, some areas need close attention: Will funding follow the powers? Without sustained financial backing, councils risk being given responsibilities without the means to deliver. Can neighbourhood structures scale inclusively? Capacity and engagement are key. Local authorities will need support to build neighbourhood governance that is truly representative and impactful. Is the framework flexible enough? A standardised model may reduce complexity, but different places have different needs. Will the new system allow enough room for local variation? Politics, Patchworks and Practicalities: Navigating the Real World of Devolution While the Bill sets out a bold framework, turning that into action won’t be straightforward. Key challenges include: 1. Political Variation Across England Party control differs widely across councils and combined authorities. Some areas will embrace the model enthusiastically; others may resist due to local politics, institutional inertia, or differing visions of place-based governance. The perception of centralisation vs. genuine empowerment may vary depending on the colour of national vs. local government. 2. Tension Between Standardisation and Local Identity The Bill’s aim to simplify and harmonise structures may clash with deeply rooted local differences. Places with strong local identities (e.g. Cornwall, Yorkshire) may be wary of “off-the-shelf” devolution deals or generic governance templates. 3. Differing Appetite for Mayoral Leadership Not all areas want or have elected mayors. Extending powers to Strategic Authorities with mayors may widen the gap between those “inside” and “outside” the model. This could reinforce a two-speed devolution system unless flexibility is built in. 4. Election Cycles and Political Continuity Leadership turnover, locally and nationally can stall momentum, undo hard-won consensus, or shift priorities mid-implementation. Cross-party collaboration will be essential, but not always easy in contested regions. The advantages will need to be sold well. 5. Capacity and Capability Gaps Even with strong local political will, some councils may struggle with resourcing, skills, or institutional readiness to implement new duties or governance changes. What Should Local Leaders Do Now? Start preparing governance structures in anticipation of new duties Identify gaps or priorities where additional powers could unlock outcomes Engage partners early—from VCS organisations to universities to SMEs — to co-design delivery models Assess audit and performance frameworks to ensure compliance and transparency Final Thoughts This Bill is a welcome statement of trust in local institutions. It’s now up to councils, combined authorities, and delivery partners to turn this framework into lasting, meaningful change.

Today, we are proud to be spotlighting Faye Holland, who became Managing Partner at Cambridge Management Consulting for Client PR & Marketing as well as for our presence in the city of Cambridge and the East of England at the start of this year, following our acquisition of her award-winning PR firm, cofinitive. Faye is a prominent entrepreneur and a dynamic force within the city of Cambridge’s renowned technology sector. Known for her ability to influence, inspire, and connect on multiple fronts, Faye plays a vital role in bolstering Cambridge’s global reputation as the UK’s hub for technology, innovation, and science. With over three decades of experience spanning diverse business ventures, including the UK’s first ISP, working in emerging business practices within IBM, leading European and Asia-Pacific operations for a global tech media company, and founding her own business, Faye brings unparalleled expertise to every endeavour. Faye’s value in the industry is further underscored by her extensive network of influential contacts. As the founder of cofinitive, an award-winning PR and communications agency focused on supporting cutting-edge start-ups and scale-ups in tech and innovation, Faye has earned a reputation as one of the UK’s foremost marketing strategists. Over the course of a decade, she built cofinitive into a recognised leader in the communications industry. The firm has since been featured in PR Weekly’s 150 Top Agencies outside London, and has been named year-on-year as the No. 1 PR & Communications agency in East Anglia. cofinitive is also acknowledged as one of the 130 most influential businesses in Cambridge, celebrated for its distinctive, edge, yet polished approach to storytelling for groundbreaking companies, and for its support of the broader ecosystem. Additionally, Faye is widely recognised across the East of England for her leadership in initiatives such as the #21toWatch Technology Innovation Awards, which celebrates innovation and entrepreneurship, and as the co-host of the Cambridge Tech Podcast. Individually, Faye has earned numerous accolades. She is listed among the 25 most influential people in Cambridge, and serves as Chair of the Cambridgeshire Chambers of Commerce. Her advocacy for women in technology has seen her regularly featured in Computer Weekly’s Women in Tech lists, and recognised as one of the most influential women in UK tech during London Tech Week 2024 via the #InspiringFifty listing. Faye is also a dedicated mentor for aspiring technology entrepreneurs, having contributed to leading entrepreneurial programs in Cambridge and internationally, further solidifying her role as a driving force for innovation and growth in the tech ecosystem. If you would like to discuss future opportunities with Faye, you can reach out to her here .

From left to right: Tim Passingham, Tom Burton, Erling Aronsveen, Polly Marsh, and Clive Quantrill.

Cambridge Management Consulting is delighted to announce that we have been recognised as a Platinum-level telecommunications consultancy in Consultancy.uk’s 2025 ‘Top Consulting Firms in the UK’ ranking. This achievement places us among an upper tier of telecommunications consultancies across the UK, reflecting our continued commitment to delivering exceptional expertise and results for our clients in this rapidly evolving sector. A Rigorous Assessment The Consultancy.uk ranking represents one of the most comprehensive evaluations of the UK’s consulting landscape, assessing over 1,400 firms across the country. This methodology combines extensive client feedback from more than 800 clients and peer reviews from over 3,000 consultants, alongside detailed capabilities assessments that examine the reputation of each firm, project track records, analyst benchmarks, industry recognitions, and thought leadership. Within the telecommunications sector specifically, over 500 consulting firms were evaluated, with only 50 qualifying as top players. The ranking system operates across five distinct levels – Diamond, Platinum, Gold, Silver, and Bronze; thus, Platinum status cements Cambridge MC as one of the most trusted, expert, and influential telecommunications consultancies in the UK. This recognition is particularly meaningful given the competitive nature of the UK’s telecommunications consulting market, where established global firms compete alongside specialist independents. Our Platinum ranking demonstrates that Cambridge MC has successfully established itself as a leading authority in telecommunications strategy, transformation, and innovation. Building on a Foundation of Success This latest accolade adds to Cambridge MC’s impressive collection of recent achievements and industry recognition. At The Consultancy Awards 2024, we were honoured to receive three awards, winning in every category for which we were nominated. These included: Digital Transformation: Acknowledging our project management of a multinational oil and gas company’s EV charging hub portfolio. Productivity Improvement & Cost Reduction: Celebrating our delivery of over £10m in savings for a major UK online retailer. Fastest Growing: Recognising our remarkable 30% revenue growth and expansion across new geographies. Beyond organisational achievements, our individual team members continue to earn recognition for their expertise and contributions. Zoë Webster, expert at Cambridge Management Consulting for AI, Digital & Innovation, was named among AI Magazine’s Top 10 AI Leaders in the UK & Europe. Furthermore, Craig Cheney, Managing Partner for Public Sector & Education, was made an Alderman of the City of Bristol, and Marvin Rees OBE, a member of our advisory board, was introduced to the House of Lords. Craig and Marvin were also co-founders of the Bristol City LEAP project, which recently received the World Economic Forum’s 2024 Award of Distinction for Public-Private Collaboration in Cities. This £1bn partnership between Bristol City Council and Ameresco UK represents a world-first initiative in sustainable urban development, demonstrating our capacity to deliver transformational projects with genuine societal impact. At the Forefront of Digital Infrastructure and TMT Our Platinum ranking in telecommunications specifically reflects Cambridge MC’s deep expertise across the full spectrum of Telecoms, Media & Technology (TMT) challenges. We work alongside TMT companies to optimise digital infrastructure and estates while delivering integrated cost reduction services that enhance procurement and contract management functions. Our capabilities span from digital transformation, procurement and network transformation to data centre optimisation and emerging technology integration. The telecommunications landscape continues to evolve rapidly, with exponential data growth, IoT deployment, and the infrastructure demands of generative AI driving substantial transformation in both virtual and physical infrastructure. Our team support organisations to stay afloat in this changing market, with a proven track record including managing over $5bn in client revenues, saving organisations over $2bn, and driving procurement transactions exceeding $5bn. Recent case studies demonstrate the breadth of our telecommunications expertise, from conducting technical due diligence for major investment decisions, to designing and procuring modern network solutions for leading academic institutions. Our work with the University of Bristol, helping them to complete their progressive Modern Network transformation, exemplifies our ability to navigate complex technical and commercial requirements, while delivering measurable outcomes. Looking Ahead As we celebrate this Platinum recognition, Cambridge MC remains committed to pushing the boundaries of what’s possible in telecommunications consulting. Ever since Tim Passingham founded Cambridge Management Consulting, to support telecommunications startups in the city of Cambridge, UK, our purpose has been to help clients make a better impact on the world. This mission drives everything we do, from individual product delivery to industry-wide transformation initiatives. This achievement belongs to our entire team of specialist practitioners who bring decades of hands-on experience to every engagement. As we continue to expand our capabilities and global reach, this recognition serves as both validation of our progress and motivation for the challenges ahead. Thank you to everyone who has joined us on this journey.

Disclaimer: The text below was originally published on the Pembroke College website. Read the original post here to read the full article, including coverage of the award's other recipients, Duncan Rule and Ian Carry. 2025 Volunteers of the Year Announced Congratulations to Duncan Rule, Ian Carry and Tim Passingham (2022) whose contributions to Pembroke have been recognised in Pembroke’s Volunteer of the Year Awards for 2025. The award was introduced in 2022 to recognise not only the particular individuals who contribute their time and expertise for the benefit of the College and its community but also the value of volunteering itself. Duncan and Tim received their awards from the Master, Lord Smith of Finsbury, last week, with Ian set to receive his at the LEAP celebration event next term. Tim Passingham Since joining Pembroke as a William Pitt Fellow in 2022, Tim Passingham has become a highly valued member of the College community. A consistent supporter of the Corporate Partnership Programme, Tim has played a pivotal role in connecting students with real-world opportunities. Through his companies—Cambridge Management Consulting and partner firm edenseven—Tim has offered numerous internships to students on the LEAP programme, helping them build professional confidence and practical skills. Beyond internships, Tim and his team have supported LEAP students through reflective post-programme interviews, offering valuable feedback for both participants and the LEAP team. His impact is visible in many aspects of College life: from advisory work on the Milstein House sub-committee to generous support for Pembroke’s musicians, including the donation of a drum kit. Tim has also brought significant visibility to Pembroke within the wider Cambridge community. Under his leadership, the College was a key host during Cambridge Tech Week 2024, welcoming visitors for lectures, panels, and a Deep Tech Gala Dinner. Regularly using College spaces for high-profile meetings and team retreats, Tim has become a recognisable and influential figure around Pembroke—embodying the spirit of collaboration and innovation that the Corporate Partnership Programme aims to foster. On receiving this award, Tim said "when I was invested as a William Pitt Fellow in 2022, I stated that my desire was to give to the College and work hard to bring the worlds of Academia and Industry closer together. Since then, me and some of my team at Cambridge Management Consulting have supported numerous LEAP interns, sponsored our first PhD student at Pembroke, supported the CARA charity and initiative, supported the Mill Lane site programme, and given as much time and money as we have been able to support the Development Team and the growth of the College. I feel enormously honoured to receive this award which, for me, represents very much the beginning of a partnership which I hope will deepen and grow over many years to come. I look forward to the years ahead and to serving the College as we seek to continue to build on the incredible legacy of Pembroke by having a disproportionate impact for good on the world around us.”

Disruption now occurs with unprecedented regularity, as industries are upended not by traditional competitors but by unexpected entrants wielding innovative technologies and business models.  The difference between thriving and becoming obsolete increasingly hinges on your organisation's ability to anticipate and adapt to disruption before it's too late. The Ur-case of this was Blockbuster, who ignored the threat of streaming technologies, and specifically Netflix (which it could have bought), until it was far too late to pivot and catch up. Our article explores how businesses can develop strategies that offer predictions and agility, embedding creativity and insight into frameworks and actionable steps that plot a course through the disruptive landscapes of the next few years and beyond. Understanding the Nature of Disruption Disruption is no longer just a buzzword — or the philosophy of ‘break things and move fast’ that drove the early tech start-ups that now dominate our waking lives. The theory of disruptive innovation, popularised by Harvard Business School professor Clayton Christensen, explains how new technologies, products, or services can start small but eventually surpass established offerings in existing markets[1]. This process typically begins when smaller companies with fewer resources challenge established or traditional businesses by addressing underserved market needs[5] in new ways; usually with business models that bypass normal routes to market and allow these companies to scale at pace. Recent examples include: fintech banks that challenge the need for brick-and-mortar; online over-the-top media applications that replace the need for print media and traditional broadcast television; digital media and the success of subscription models, replacing physical media for music, films and other forms of entertainment; and platform apps like Uber, which connect us to a fleet of independent drivers who are paid per ‘gig’ and regulated by a ratings system. Today's notion of disruption is characterised by several key features: Accelerated Pace of Change The pace of disruption has accelerated beyond anything previously seen, with transformative technologies reaching mainstream adoption faster than ever[15]. While it took decades for technologies like electricity and telephones to achieve mass adoption, modern innovations like smartphones and AI have transformed entire industries in just a few years. Cross-Industry Disruption Disruptive threats increasingly come from outside traditional industry boundaries. Companies must now monitor not only direct competitors but also adjacent industries and completely unrelated sectors where transferable innovations might emerge[15]. For example, tech giants have disrupted financial services, retail, healthcare, and automotive industries without prior experience in these sectors. Technology-Enabled Business Models Today's most powerful disruptions combine technological innovation with business model innovation. Examples include: Platform models: Uber revolutionised transportation by connecting riders and drivers through a user-friendly mobile app, utilising independent drivers who pay for their own vehicles for rapid scalability[1]. Subscription services: Netflix and Spotify transformed entertainment consumption by shifting from physical media to on-demand streaming with personalised algorithmic content recommendations[1]. Direct-to-consumer approaches: Tesla's direct sales model bypassed traditional dealership networks while integrating advanced electric vehicle technology and autonomous capabilities[1]. From Traditional to Adaptive Strategy Traditional strategic planning approaches — characterised by multi-year roadmaps and rigid implementation plans — have become increasingly inadequate in today's fast-moving business environment. We look at some of the challenges businesses now face below. The Limitations of Traditional Strategy Conventional strategies often fail because they: Assume relative stability in market conditions Take too long to develop and implement Lack flexibility to respond to unexpected changes Rely heavily on historical data to predict future outcomes The Adaptive Strategy Advantage Adaptive strategy, often described as the "Be Fast" approach, emphasises agility, experimentation, and continuous evolution[3]. This approach thrives in fluid industries with high uncertainty and a fast pace of change, such as technology, fashion, entertainment, and start-ups[3]. Organisations that embrace adaptive strategies gain significant advantages: Higher profitability: Companies ranking high in adaptability enjoy up to 75% higher profitability than their less adaptive counterparts[10]. Faster market response: Adaptive firms achieve approximately 60% faster time-to-market compared to traditional competitors[10]. Innovation capacity: The ability to experiment boldly and rapidly iterate creates an environment where breakthrough innovations are more likely to emerge[10]. Real-World Adaptive Strategy Success Consider Netflix's journey from DVD rental service to streaming giant to content producer. Rather than creating a 10-year plan, Netflix constantly evolved based on emerging technologies, customer preferences, and market opportunities. This adaptive approach allowed them to pivot whenever necessary while maintaining their core value proposition of convenient entertainment access[1]. A New Framework for Ensuring Strategy Relevance To maintain strategic relevance amid disruptive trends, companies need a systematic framework that balances stability with flexibility. Anticipate Disruption Through Trend Analysis Successful businesses identify potential disruptions before they manifest fully by monitoring Hard Trends — future certainties based on measurable facts[15]. These include demographic shifts, technological advancements, and regulatory changes that provide predictable directional guidance. For example, financial services firms that recognised the Hard Trend of increasing digital connectivity were better positioned to respond to the rise of mobile banking and fintech disruption. Build your Agility Organisational structures and processes must be designed to support rapid adaptation: Decentralised decision-making: Empower teams closest to customers and market changes to make decisions without lengthy approval chains[3]. Cross-functional collaboration: Break down silos between departments to enable faster information sharing and coordinated responses to change[3]. Agile methodologies: Adapt software development approaches like sprints, continuous integration, and iterative testing to broader business strategy[3]. Foster a Culture of Innovation Innovation cannot be an isolated function — it must permeate your entire organisation: Encourage experimentation: Create safe spaces for testing new ideas with minimal bureaucracy and fear of failure[3]. Customer-centric innovation: Ground innovation efforts in a deep understanding of customer needs rather than internal assumptions[14]. Structured innovation processes: Establish clear pathways for moving ideas from conception to implementation while maintaining flexibility[14]. KPIs that support innovation: For example, looking at the value of a portfolio of innovations rather than a specific innovation project. Leverage Data & Technology Data-driven insights provide a vital competitive advantage in your disruption response: Real-time market intelligence: Deploy advanced analytics to detect weak signals of change before they emerge fully-formed[3]. Predictive modelling: Use Agentic AI to identify patterns and forecast potential disruptions[2]. Digital transformation lifecycle: Invest in the necessary expertise and infrastructure to undertake on-going programmes of transformation — a big step, and potentially expensive, but it can help immunise your business against disruptive technologies and new models. Practical Implementation Steps Translating disruption awareness into effective action requires specific tactical approaches.

SMEs make up 99% of UK businesses, three fifths of employment, over 50% of all business revenue, are in everyone's supply chain, and are exposed to largely the same threats as large enterprises. How should they get started with cyber security? Small and Medium sized Enterprises (SME) are not immune to the threat of cyber attacks. At the very least, if your business has money then it will be attractive to criminals. And even if you don’t have anything of value, you may still get caught up in a ransomware campaign with all of your data and systems made inaccessible. Unfortunately many SMEs do not have an IT team let alone a cyber security team. It may not be obvious where to start, but inaction can have significant impact on your business by both increasing risk and reducing the confidence to address new opportunities. In this article we outline 5 key questions that can help SMEs to understand what they need to do. Even if you outsource your IT to a supplier these questions are still relevant. Some can’t be delegated, and others are topics for discussion so that you can ensure your service provider is doing the right things, as well as understanding where their responsibilities stop and yours start. Q1: What's Important & Worth Defending Not everything needs protecting equally. In your personal life you will have some possessions that are dear to you and others that you are more laissez-faire about. The same applies to your digital assets, and the start point for any security plan needs to be an audit of the things you own and their importance to your business. Those ‘things’, or assets, may be particular types of data or information. For instance, you may have sensitive intellectual property or trade secrets; you may hold information about your customers that is governed by privacy regulations; or your financial data may be of particular concern. Some of this information needs to be protected from theft, while it may be more important to prevent other types of data from being modified or deleted. It is helpful to build a list of these assets, and their characteristics like the table below:

To acknowledge and celebrate the end of the Falklands war on 14 June 1982, we are publishing this story about the unlikely friendship of two amateur radio enthusiasts 8,000 miles apart that allowed more than 50 soldiers the opportunity to get messages home to their loved ones. Disclaimer: This story was originally brought to light by bfbs Forces News on 7 December 2022. Certain linguistic changes have been made in the subsequent article from Cambridge Management Consulting, but all of the information comes from the original article, written by Hannah King Ros Moore, which you can read here , and an accompanying video on their YouTube page, which we encourage you to watch . Between April and June 1982, Argentina and the United Kingdom engaged in a 10-week conflict which would come to be known as the Falklands War. Battling over the sovereignty of the Falkland Islands and its territorial dependency, South Georgia and the South Sandwich Islands, the conflict began with the invasion of the former by Argentina on 2 April, and ended with their ultimate surrender on 14 June – Falklands Liberation Day. During this time, more than 100 villagers were being held captive in a hall by the Argentinians for almost seven weeks, before being free on 29 May by 2 PARA, following a battle to take Goose Green. Eighteen British soldiers were sadly lost during this fight, but back at home their families had heard nothing since the soldiers set sail. That was until the unlikely friendship of two amateur radio enthusiasts 8,000 miles apart allowed more than 50 soldiers the opportunity to get messages home to their loved ones. Bob McLeod, a ham radio operator, had already made history by making the announcement to the world that the Falkland Islands had been invaded. However, in doing so, he had also drawn the attention of the Argentinians, who were quick to confiscate his equipment. Alan Bullock was the Forward Observation Officer of D Company, 2 PARA, and, while walking through the main street of Goose Green, spotted an antenna on a house belonging to Bob. Alan knocked on Bob’s door, “Hello… is there any chance you are a radio amateur?” “Yes… But the Argentinians took my transmitter and smashed it up.” Bob’s wife then suggested that they use his 50W amplifier that was safely hidden under the stairs. As Forward Observation Officer, Alan had his state-of-the-art at the time, military clansman radio, which, although only 20 watts for communicating over short distances, could be combined. In order to get messages back to the UK, Bob made contact with John Wright, a radio amateur in Oxford with whom he had been chatting to over the airwaves for many years. Together, Bob and John devised a cryptic code for their conversation and each transmitted on different frequencies, in case anyone was listening. John would be given a soldier’s phone number and short messages to pass on to his family. John said of the plan: “Normally amateur radio enthusiasts talk about their radio equipment, experiments they’re doing. “In this case, the communication was to pass family traffic which, under normal circumstances, isn’t allowed, but I threw caution to the wind and did what I could as quickly and clandestinely as possible.” Word quickly got around the troops and soon it wasn’t just D Company’s families Bob and John were contacting. Before long, there was a queue outside Bob’s door, with each message always the same: "I am safe." About BFBS BFBS is a pioneering military charity with a mission to entertain, inform, connect and champion the UK armed forces, their families and veterans. Our armed forces do a tough yet invaluable job, often working in extreme conditions – so BFBS believes they deserve our unfailing support. Find out more at: https://about.bfbs.com/ The Positive Impact of Telecommunications This story, and the combined initiative, intuition, and innovation between Allan Bullock, Bob McLeod and his wife, and John Wright, is testament to the transformative power of technology for forging connection and bringing optimism at times of difficulty, danger, and otherwise disconnect. This story is particularly inspiring for Cambridge Management Consulting as an organisation currently working hard to enhance the telecommunications and technology infrastructure of the Falkland Islands. For more information about how we are achieving this, you can read about our consultancy work on the Islands here , and the opening of Falklands IT here .

Welcoming Simon Crimp Cambridge Management Consulting is delighted to welcome Simon Crimp as Managing Partner and Lead for our Digital Transformation practice. With more than 25 years of international technology leadership, Simon joins us at a pivotal moment as our clients seeking to drive meaningful change across their portfolios. His extensive experience spans hands-on technology operation and engineering, setting global technology strategy, and C-suite advisory, positioning him as a powerful asset for businesses navigating the next wave of digital innovation. Simon began his career in the demanding world of capital-markets technology, supporting trading floors at JP Morgan and managing service delivery across major exchanges. This early immersion laid the groundwork for a deep technical understanding and an ability to deliver resilient, high-availability systems in some of the world’s most high-pressure environments. His next chapter at Euronext LIFFE (now part of ICE Futures Europe) saw him rise through the ranks from service management to become Global Head of Systems Engineering. There, he was instrumental in delivering two state-of-the-art data centres and modern trading infrastructure, ensuring the reliability and resilience required by global financial markets. The next decade of Simon’s career took him to IG Group, where he led the transformation of infrastructure and operations on a global scale. As Head of Infrastructure & Operations and later Regional CTO and Global Head of Shared Technology Services, Simon architected IG’s pioneering hybrid cloud strategy, orchestrating seamless integration across AWS, Google Cloud, and multiple colocation facilities. He didn’t just modernise technology, he reshaped how teams operated, leading over 400 technologists across regions, managing a significant budget, and redesigning operating models to accelerate delivery while enhancing security and compliance. Notably, Simon developed IGs Security Operations and Cyber Defence function, further strengthening the company’s posture in a fast-evolving threat landscape. His versatility was clear during his tenure as Interim CEO and Head of the Japan Office, where he secured C-level buy-in for localisation and expansion into new markets. Before leaving IG in 2024 Simon developed the Data Strategy for the company and led build out of the Data and AI capability into GCP. Beyond his technical and commercial expertise, Simon has invested in leadership development, qualifying as an Executive Coach at Henley Business School. This enables him to drive not only digital transformation, but the cultural shifts essential for lasting impact. This helps organisations embed agile, product-focused ways of working alongside technology renewal. Reflecting on his decision to join Cambridge Management Consulting, Simon shares: “I’m really excited to get the opportunity to take 25 years of technology and organisational transformation across Finiancial Services and Fintech into new industries and markets. Cambridge MC has had great success since opening its doors, and I’m thrilled to be part of the leadership team that will drive the next phase of growth.” In this new role he will lead end-to-end digital transformation programmes — from initial vision and business case to execution and ongoing improvement. He will focus on orchestrating cloud-first, data and AI strategies, embedding modern operating models, guiding post-merger technology integration, and advising boards on security, compliance, and the adoption of emerging technologies. Whether your organisation is looking to modernise legacy estates, scale digital operations globally, or embed new ways of working, Simon Crimp and the Cambridge Management Consulting team are ready to help drive value at any stage of the programme. To connect with Simon and explore how he can support your digital transformation journey, reach out to us at info@cambridgemc.com or scrimp@cambridgemc.com

Introduction In today's interconnected world, submarine cable networks form the backbone of global communication, enabling the seamless exchange of data across continents. While these undersea cables are the epitome of engineering marvels, their effectiveness hinges not only on the ‘wet' network in the seabed, but also on the often-overlooked terrestrial network backhaul. The terrestrial backhaul — the infrastructure that connects submarine cable landing stations to inland data centres and networks — is as crucial as the submarine network itself. Proper management and handling of terrestrial backhaul partners is essential to ensure the optimal performance, cost-efficiency, and security of all submarine networks. The Vital Importance of Backhaul Management Submarine networks are only as strong as their weakest link, and the terrestrial backhaul is a pivotal link in this ecosystem. Without a well-designed and managed backhaul, even the most sophisticated submarine network can face inefficiencies, bottlenecks, and vulnerabilities.  Key reasons why managing terrestrial network backhaul partners is so critical include: Cost Optimisation Terrestrial backhaul costs constitute a significant portion of the total network expenditure. Poorly negotiated contracts or suboptimal supplier relationships can inflate operational costs, diminishing the overall profitability of submarine networks. Network Performance The design, quality, and reliability of terrestrial backhaul networks directly affect latency, throughput, and overall user experience. A poorly managed partner ecosystem can lead to performance degradation, affecting service delivery. Security and Risk Mitigation The terrestrial segment is often more vulnerable to physical and cyber threats compared to submarine cables. Effective partner management ensures that security measures are prioritised, and risks are mitigated. Scalability and Flexibility As data demands grow, submarine networks must scale effectively. Well-managed terrestrial backhaul partners enable seamless scaling and adaptability to meet changing requirements.

Procurement, like many other sectors, is currently being transformed by AI technologies. Organisations are rapidly adopting AI solutions to enhance efficiency, reduce costs, and gain a competitive advantage in their procurement processes. According to recent research by Economist Impact, AI tools are already helping procurement professionals at 64% of firms, with larger organisations leading this digital transformation [7]. However, given the challenges of effectively implementing AI tools and their tendency to produce inaccurate or misleading outputs, it is essential for organisations to critically assess the immediate value of this technology, the costs involved in its deployment, and the potential impact on procurement teams. This article explores the user cases of AI in procurement, the emergence of Agentic AI, implementation challenges and strategies, and how Cambridge Management Consulting can guide you through this complex process and over the hurdles. We also stress that AI in procurement is not a panacea — it can be leveraged successfully for certain user cases when it is integrated with the support of well-trained teams who can spot errors and who understand the limits of these tools. Let's Start with the Limits AI, despite the marketing hype in the media, is not yet a ‘silver bullet’ or an all-encompassing fix when it comes to procurement. It will not solve everything on day one, but it will change how a procurement function operates and will no doubt drive efficiency alongside data accuracy and linkage. Now, more than ever, having a skilled Procurement team alongside cutting-edge technologies like AI is essential for unlocking new efficiencies and elevating procurement to the next level. AI will make a procurement team even more data driven in their analysis and decision making. AI tools will allow procurement teams to sift through vast amounts of data quickly and will draw conclusions for review and assessment. The power of being data driven should not be underestimated and as the American composer and economist W. Edwards Deming once said, “Without data, you’re just another person with an opinion, […] in God we trust; all others bring data” [22]. Each and every organisation must carefully consider how to leverage AI-generated data effectively. While AI can enhance procurement processes, an experienced procurement team remains essential for defining and prioritising key challenges, navigating contract negotiations, and implementing structured cost-reduction strategies. The human touch — particularly in managing and driving commercial supplier relationships — will continue to be a vital component of procurement. While relationship management may not be the single most important aspect of supplier management, it is undeniably critical. It encompasses relationship-building, communication, collaboration, and trust: elements that are fundamental to maximising supplier value and mitigating risks. Supplier management is more than just overseeing transactions; it demands a proactive approach that fosters strong partnerships. AI can revolutionise data management, but it must be complemented by the human expertise that ensures strategic decision-making, relationship stewardship, and long-term supplier success. One could argue that it is easy to get lost in an AI discussion or defining a procurement strategy, but bottom-line supplier relationship management is critical and integral for any procurement department to be successful. If you cannot build, leverage and maintain relationships, you shouldn’t be at the table. The Current State of AI in Procurement Generative AI (GenAI) is having the same disruptive effect in procurement that it is in many other business areas, initially by completing quite simple tasks with incredible speed, accuracy and efficiency. This includes automating routine tasks, providing actionable insights from data sets, and freeing up time for your teams to focus on higher-level tasks such as managing processes and vendor relationships. Below we highlight which tasks can be successfully enhanced or supported by AI. AI-Powered Procurement Automation For business leaders, AI is the tireless digital assistant that procurement teams have long needed. By automating tedious tasks like purchase order processing, linking third-party costs back to revenue services to strive for gross margin clarity, invoice management, and contract administration, AI frees professionals to focus on strategic initiatives. The impact is substantial: according to recent data, 45% of AI investments in procurement are focused on contract automation, highlighting organisational priorities for efficiency improvement and error reduction [1]. Real-world implementation has shown significant results. For example, a global manufacturing company deployed AI to automate invoice processing, reducing errors by 80% and cutting processing time by half [1]. Data-Driven Decision-Making AI spares procurement from wading through hours of paperwork, a process that is time-consuming and prone to cascades of errors. Rather than being overwhelmed by huge data sets and unsure on which useful information to extract, AI does this with much more precision and many orders of speed. With AI-driven analytics, procurement teams can manage and link multiple data sets, identify trends, and make more informed purchasing decisions in real time. McKinsey reports that procurement leaders implementing AI-driven analytics have accelerated supplier selection by 30%, demonstrating the significant impact on workflow efficiency [1]. The Rise of Agentic AI in Procurement While traditional AI has already made significant inroads in procurement, a more advanced form — Agentic AI — is now emerging as a step-change for the profession. What is Agentic AI? Agentic AI represents the next phase in artificial intelligence models. Unlike previous automation tools that require human oversight for key decisions, AI agents can operate independently, leveraging machine learning, predictive analytics, and natural language processing to interact with suppliers, assess risks, and optimise sourcing strategies with minimal supervision[4]. According to The Hackett Group's 2025 Procurement Agenda and Key Issues Study, Agentic AI is the top trend impacting procurement this year, alongside digital procurement and automation[4]. The technology is expected to disrupt nearly 50% of procurement activities over the next five to seven years, creating entirely new opportunities for strategy[4]. The outlook for procurement teams might be more climatic, depending on the consistency and accuracy of Agentic AI. These models will be capable of independent reasoning and it currently unclear how close this will bring us to Artificial General Intelligence (AGI). Adoption Trends and Strategic Focus The shift in Agentic AI from concept to a reality might be surprisingly rapid. A recent survey by ProcureCon found that 90% of procurement leaders are considering AI agents for optimising their procurement functions[4]. This technology is becoming central to orchestrating complex procurement activities with unprecedented efficiency — from sourcing and contract negotiations to spend classification, supplier onboarding, compliance, and risk assessment. There is relatively little data or evidence at this point to suggest the likely error-rate among these agents and to what degree all results and actions will need to be checked and validated by human teams. It is also underappreciated that in order to successfully implement AI, businesses must have set up basic data structures, metadata, and processes. A significant number of companies are not yet ready to adopt these technologies and must get their house in order first. Implementation is a potentially complex and expensive task, requiring long phases of design and testing to fine-tune the outputs. Benefits of AI Procurement The adoption of AI in procurement delivers multiple advantages that will enhance organisational performance across various metrics. We look at the key advantages below: Cost Reduction & Efficiency Gains AI implementation in procurement delivers measurable financial benefits. McKinsey highlights a 10% reduction in procurement costs through AI adoption[1]. By automating routine tasks, businesses reduce labour costs while simultaneously increasing throughput and accuracy. Enhanced Supplier Management AI transforms supplier relationships by providing deeper insights into supplier performance, risk profiles, and market dynamics. This enables procurement teams to make more informed decisions about supplier selection, negotiation strategies, and relationship management. Agentic AI will bring predictive analytics that will be able to flag and correct issues in your supply chain before they occur. Improved Risk Management Leading AI platforms apply advanced machine learning techniques to uncover signals in supplier data that indicate potential disruptions, from financial issues and bankruptcy risks to geopolitical challenges, climate events, and cyber threats. This allows procurement teams to mitigate risks proactively rather than reactively, creating a significantly lower threat to spend, compliance and reputational damage[6]. Contract Intelligence Natural language processing tools extract insights from legacy contracts and external databases to benchmark terms. AI can negotiate agreements with suppliers in real-time chat sessions, optimise renewals, and highlight risks — significantly reducing the manual burden on procurement teams. Smart contracts can then self-execute when conditions are met and provide comprehensive audit trails[6]. See our separate article on AI in Contract Management for more details: https://www.cambridgemc.com/how-to-successfully-integrate-ai-into-your-contract-lifecycle-management Challenges in Implementing AI in Procurement Despite the clear benefits, companies face several significant challenges when implementing AI in their procurement functions. Data Quality & Availability AI systems require vast amounts of accurate data to function effectively. Many supply chains struggle with data silos and inconsistent formats, making it difficult to create the comprehensive, high-quality datasets needed for AI[2]. Data fragmentation across different systems — legacy platforms, ERP systems, sensors, and IoT devices — creates integration challenges that can undermine the effectiveness of AI [8]. Integration with Existing Systems Many legacy procurement systems were not designed to integrate with modern AI technologies, leading to compatibility issues and potential disruptions in system functionality [2]. This technical challenge often requires significant IT resources to overcome. Implementation Costs Implementing AI involves substantial initial expenses for software, hardware, and skilled personnel. Additionally, there are ongoing costs to retrain AI models as business environments evolve [2]. These financial considerations can be barriers to adoption, particularly for smaller organisations. Internal Resistance Resistance to adopting new technologies often stems from a lack of understanding, fear of job displacement, or discomfort with changing established workflows[2]. This human factor can significantly slow or derail AI implementation efforts if not properly addressed with training, careful messaging and change management methodologies. Data Security Concerns As AI systems process sensitive procurement data, including confidential pricing information and intellectual property, security becomes a critical concern. Businesses must engage comprehensive data protection measures while still enabling AI systems to access the information they need. Responsible AI As well as data security concerns, there is also a strong need and argument for companies to strive for fitness and non-discrimination when it comes to AI. Companies should have an AI Risk and Assessment process in place to ensure that data bias is avoided and that ethical guidelines when it comes to data analysis and management are followed. The ‘AI Ethics Guidelines Global Inventory (AEGGI)’, created by Algorithm Watch, currently contains 167 sets of principles and guidelines, which it recommends should be followed, and there are also responsible AI training tools available, such as Google’s ‘People & AI Guidebook’ and Omidyar Networks ‘Ethical Explorer’, that can be used. Additionally, new legislation is also being introduced, for example, the ‘EU’s Artificial Intelligence Act’, to ensure that AI is used responsibly. It’s widely acknowledged that 8 core principles should be assessed and evaluated when developing AI accountability [20]: Privacy & Security Reliability & Safety Transparency & Explainability Fairness & Non-discrimination Professional Responsibility Human Control Promotion of Human Values Strategies for Successful AI Implementation To overcome implementation challenges and maximise the benefits of AI in procurement, you should consider the following strategies: Establish Strong Data Foundations Before diving into AI adoption, you must ensure that your business has the right data infrastructure in place. This includes: Improving data quality, governance, and standardisation Integrating disparate data sources Establishing real-time data capabilities, which are prerequisites for effective AI implementation[4] Implementing foundational tools like spend analysis and decision optimisation[1] Take a Targeted Approach Rather than attempting wholesale transformation, you should: Identify specific areas where AI can complement existing processes Focus initial implementation on high-value, low-complexity use cases Use AI where it adds the most value rather than applying it universally [1] Consider a phased implementation approach Address the Human Element Successful AI implementation requires careful attention to the people involved: Equip your workforce with the skills to leverage AI effectively Implement comprehensive change management strategies Educate employees about how AI will enhance their roles rather than replace them Rethink how procurement teams interact with AI-driven systems [4] Balance AI with Human Intelligence The most effective procurement functions will be those that: Combine the efficiency of AI with human judgment and expertise Preserve crucial human skills in negotiation, relationship management, and strategic decision-making Use AI to augment human capabilities rather than replace them entirely [1] Create collaborative human-AI workflows that maximise the strengths of both approaches Conclusion: Blending AI & Human Expertise AI is fundamentally reshaping procurement, transforming it from a primarily transactional function to a strategic and predictive driver of value. From automating routine tasks to enabling sophisticated predictive analytics and autonomous decision-making, AI technologies are creating unprecedented opportunities for efficiency, intelligence, and innovation. While implementation challenges exist, businesses that approach AI adoption strategically, with proper attention to data foundations, targeted use cases, and human factors, can realise significant benefits. As we look into the near future, the most successful procurement functions will be those that effectively blend AI capabilities with human expertise, creating a powerful synergy that drives an ongoing competitive advantage. Cambridge MC: Your Partner for AI-Powered Procurement Implementing AI in procurement requires specialised expertise and experience. Cambridge Management Consulting (Cambridge MC) offers you the guidance needed to navigate this complex transformation successfully. We have dedicated Data and AI teams as well as a deep background in procurement and contract management expertise. Comprehensive Implementation Support Cambridge MC offers: Strategic assessment of procurement AI opportunities Roadmap development for AI implementation Integration of AI solutions with existing procurement systems Change management support to ensure successful adoption Ongoing optimisation of AI-powered procurement processes Get in touch with Andy Everest or one of our procurement experts to discuss your current needs and any issues pertaining to AI and procurement. Use the form below or email: aeverest@cambridgemc.com . Visit our Commercial & Procurement page: https://www.cambridgemc.com/procurement-and-commercial Citations [1] https://consultingquest.com/insights/generative-ai-in-procurement/ [2] https://www.linkedin.com/pulse/6-key-challenges-ai-implementation-supply-chain-industry-chris-clowes-1r67c [3] https://www.oracle.com/scm/ai-in-procurement/ [4] https://www.gep.com/blog/technology/agentic-in-procurement-overview-benefits-implementation [5] https://futuria.ai/futuria-and-cambridge-management-consulting-announce-innovative-ai-driven-partnership/ [6] https://www.gep.com/blog/technology/how-ai-is-revolutionizing-the-procurement-cycle [7] https://impact.economist.com/perspectives/strategy-leadership/ai-demands-new-era-procurement-skills [8] https://www.qservicesit.com/9-common-challenges-in-supply-chain-management-with-ai [9] https://precoro.com/blog/ai-in-procurement/ [10] https://www.cio.com/article/3853910/how-agentic-ai-can-deliver-profound-transformation-in-procurement.html [11] https://www.cambridgemc.com/futuria-and-cambridge-management-consulting-announce-innovative-ai-driven-partnership [12] https://www.spendflo.com/blog/ai-in-procurement-orchestration [13] https://media-publications.bcg.com/BCG-Executive-Perspectives-Future-of-Procurement-with-AI-2025-27Feb2025.pdf [14] https://pmc.ncbi.nlm.nih.gov/articles/PMC11788849/ [15] https://www.cappo.org/news/660146/Pros-and-Cons-of-Using-Artificial-Intelligence-for-Procurement.htm [16] https://pactum.com/understanding-agentic-ai-in-procurement-how-autonomous-ai-has-been-transforming-supplier-deals/ [17] https://digitalisationworld.com/news/67692/qarbon-technologies-collaborates-with-cambridge-management-consulting [18] https://www.coupa.com/blog/ai-in-procurement/ [19] https://suplari.com/10-procurement-job-roles-most-impacted-by-ai/ [20] https://stockiqtech.com/blog/disadvantages-ai-supply-chain/ [21] ‘ Responsible AI: Principles and Practical Applications ’ – LinkedIn Course, By: Tsu-Jae Liu, Brandie Nonnecke , and Jill Finlayson ( https://www.linkedin.com/learning-login/share?forceAccount=false&redirect=https%3A%2F%2Fwww.linkedin.com%2Flearning%2Fai-accountability-build-responsible-and-transparent-systems%3Ftrk%3Dshare_ent_url%26shareId%3DhTdANzytTi28DI30mdTN%252BQ%253D%253D ) [22] Top 200 W. Edwards Deming Quotes (2025 Update). QuoteFancy . https://quotefancy.com/w-edwards-deming-quotes.

UK universities are under mounting financial pressure; in 2024, the Office for Students (OfS) warned that 72% of universities in England could be operating at a deficit by the 2025-26 academic year. While institutions such as Durham University and Newcastle University are already being forced to reduce their workforce by the hundreds, Cardiff University is also discontinuing certain degree programmes, particularly nursing, music, and modern languages. In this article, we will analyse the root causes of these challenges, including the declining student population, rising infrastructure costs, and the inability of tuition fees to keep pace with inflation – all of which pose long-term threats to the entire academic ecosystem. We Don’t Need No Education: Why the Student Population is Declining Despite decades of steady growth, the UK is now experiencing an unprecedented decline in university enrolments. Where initial projections anticipated that applications could surpass one million by 2030, more recent predictions suggest a potential drop of around 7% between 2030 and 2035, and up to 20% by 2040. This decrease is particularly visible among three key groups: Gender imbalance: Despite a higher birthrate, there is a significant deficit of male students compared to their female counterparts. Underprivileged students: While access had improved over the past two decades for those from underprivileged backgrounds to attend university, progress has since stalled in the past few years. International students: UK universities are also experiencing a sudden downturn in the numbers of international students by 40-50%, a major revenue loss. Tuition fees alone aren’t to blame; adjusted for inflation, the £9,000 fee of 2012 will only be worth £5,800 in real terms by 2025. Alongside the price of enrolling, cultural factors also have a hand in deterring applications. Political figures and media rhetoric have questioned the value of certain degrees, undermining public confidence in higher education. Furthermore, several of the most prestigious universities are lowering their entry requirements and widening their pool, and in doing so reducing the number of students to other universities. This severe decrease in student numbers has the potential to cause a worst-case reduction in net annual income for universities by £9.7bn. This means that up to 176 institutions could be in deficit if there is no growth in either domestic or international students. Another Brick in the Wall: The Impact of Infrastructural Costs Expecting continued growth, many universities have already invested heavily into building and infrastructural projects. An article published in 2021 revealed that the debt burden pressurising the UK’s 20 largest universities had increased from £6.3bn to £9.5bn (50%) since 2016. This debt will only grow if, as the current statistics anticipate as likely, these new facilities will not reach the capacity to make them profitable. An added burden is the discovery of Reinforced Autoclaved Aerated Concrete (RAAC) in at least fifteen universities (as of 2023). RAAC is a lightweight alternative to regular concrete used commonly between the 1950s and 1990s; with a lifespan of only 30 years and vulnerability to moisture, RAAC has proven structurally unsound, and could cost up to £1m per building to replace. Tuition Fees-ible? The Problem of Inflation As the most substantial source of university income, tuition fees are uniquely vulnerable to inflation. Having been capped at £9,250 since 2017, universities are one of the only industries whose primary source of income has not matched the otherwise steep incline in the rate of inflation, and are now worth just £5,925. The cumulative financial impact of the freeze comes to a loss of around £6bn in real terms since the freeze, with the pace of loss only accelerating each year. Even with a modest rise to £9,535 in the 2025-26 academic year, this increase of 3.1% will not close the gap. Fee caps, though political motivated to protect accessibility, may be unsustainable without alternative funding mechanisms. Without reform, universities could lose a further £17bn over four years. Back to the Mortarboard: Manoeuvring Financial Strain Universities are urged to respond proactively to these challenges. Leo Hannah of TechnologyOne emphasises the criticality of technology in getting the most out of a university’s budget, arguing that higher education entities must prioritise long-term forecasting and streamlined and comprehensive data to make robust, informed decisions. Peter Mandelson suggested linking tuition fees to inflation, as a ‘stabilising move ahead of further much-needed reform both to improve university finances and make the loans system fairer for individuals’. On the other hand, Universities UK highlight the need for internal reform, encouraging universities to ‘increase efforts to widen access, improve the efficiency of their operations, support economic growth, enhance their local and civic roles, and improve outcomes for students.’ Professor Susan Lea, former Vice Chancellor or Hull, emphasises purposeful leadership and culture change: ‘Leadership is primarily about social change on two levels: social change within the university to maximise delivery of an institution’s strategy and academic mission […] and social change beyond the university through, among other things, educating the next generation’. How Cambridge MC Can Help At Cambridge Management Consulting, we help universities respond to financial pressures with clarity and confidence. Our Public Sector & Education team combines deep sector experience with hands-on expertise in cost reduction, efficiency, and financial sustainability. We work with leadership teams to identify and unlock savings, streamline operations, and ensure funding it directed where it delivers the most value. Our proven cost reduction service focuses on actionable insights, fast delivery, and long-term value – typically identifying savings of 10-20% across non-pay spend, procurement, and process improvement. Combined with our digital and culture transformation support, we can help your institution stay financially resilient and future-ready. Learn more about how Cambridge MC can support the Education Sector here .

What is the Contract Lifecycle Management and Why does it Matter? The future success of your business depends on realising the value that’s captured in its contracts. From vendor agreements to employee documents, everywhere you look are commitments that need to be met for your business to succeed. The type of contract and the nature of goods or services it covers will determine what sort of management activities might be needed at each stage. How your company is organised will also determine which departments or individuals are responsible for what activities at each stage. Contract Lifecycle Management, from a buyer's perspective, is the process of defining and designing the actual activities needed in each stage for any specific contract, allocating ownership of the activities to individuals or groups, and monitoring the performance of those activities as the contract progresses through its lifecycle. The ultimate aim is to minimise surprises, ensure the contracted goods or services are delivered by the vendor in accordance with the contract, and realise the expected business benefits and value for money. The Problem of Redundant Spend in Contracts Despite the built-in imbalance of information favoring suppliers, companies still choose to oversee these vendors internally. However, many adopt a reactive, unstructured approach to supplier management and struggle to bridge the gap between contractual expectations and actual performance. Currently, where governance exists, it is often understaffed, with weak, missing, or poorly enforced processes. The focus is primarily on manual data collection, validation, and basic retrospective reporting of supplier performance, rather than on proactively managing risk, relationships, and overall performance. The amount of redundant spend in contracts can vary widely depending on the industry, the complexity of the contracts, and how rigorously they are managed. For further information on this, Cambridge MC’s case studies provide insights into typical ranges and common sources of redundant spend. As a general estimate, industry analysts often state that redundant spend can account for as much as 20% of total contract value. In some cases, especially in poorly managed contracts, this can be much higher. What is AI-driven Contract Management? Artificial Intelligence (AI) is redefining contract management, transforming a historically time-consuming and manual process into a streamlined, efficient, and intelligent operation. Traditionally, managing contracts required legal teams to navigate through extensive paperwork, drafting, reviewing, and monitoring agreements — a process prone to inefficiencies and human error. With the emergence of artificial intelligence, particularly generative AI and natural language processing (NLP), this area of operations is undergoing a paradigm shift. This step change is not without concerns however, as there are the inevitable risks of AI hallucinations, training data biases and the threat to jobs. AI-driven contract management solutions not only automate repetitive tasks but also uncover valuable insights locked up in contract data, improving compliance and reducing the risks that are often lost in reams paperwork and contract clauses. Put simply, AI can automate, analyse, and optimise every aspect of your contract lifecycle. From drafting and negotiation to approval, storage, and tracking, AI-powered platforms enhance precision and speed across these processes; in some cases reducing work that might take several days to minutes or hours. By discerning patterns and identifying key terms, conditions, and concepts within agreements, AI enables businesses to parse complex contracts with ease and efficiency. In theory, this empowers your legal and contract teams (rather than reducing them), allowing personnel to focus on high-level tasks such as strategy rather than minutiae. However, it is important to recognise that none of the solutions available in the marketplace today offer companies an integrated supplier management solution, combining a comprehensive software platform, capable of advanced analytics, with a managed service. Cambridge Management Consulting is one of only a few consultancies that offers fully integrated Contract Management as a Service (CMaaS). Benefits of Integrating AI into your Contract Lifecycle Management Cambridge MC’s Contract Management as a Service (CMaaS) 360-degree Visibility: Enable your business to gain 360-degree visibility into contracts and streamline the change management process. Real-time Data: Gain real-time performance data and granularly compare it against contractually obligated outcomes. More Control: Take control of your contracts and associated relationships with an integrated, centralised platform. Advanced meta data searches provide specific information on external risk elements, and qualitative and quantitative insights into performance. Reduces Costs: By automating manual processes, businesses can significantly reduce administrative costs associated with contract management. AI-based solutions eliminate inefficiencies in the contract lifecycle while minimising reliance on external legal counsel for routine tasks. Supplier Collaboration: Proactively drive supplier collaboration and take a data-driven approach towards managing relationships and governance process health. Enhanced Compliance: AI tools ensure that contracts adhere to internal policies and external regulations by flagging non-compliant clauses during the drafting or review stage. This proactive approach reduces the risk of costly disputes or penalties. Reduces Human Errors: In traditional contract management processes, human errors can lead to missed deadlines and hidden risks. AI-powered systems use natural language processing to identify inconsistencies or inaccuracies in contracts before they escalate into larger issues. Automates Repetitive Tasks: AI-powered tools automate time-consuming tasks such as drafting contracts, reviewing documents for errors, and extracting key terms. This frees up legal teams to focus on higher-value activities like strategic negotiations and risk assessment. We can accurately model and connect commercial information across end-to-end processes and execution systems. AI capabilities then derive and apply automated commercial intelligence (from thousands of commercial experts using those systems) to error-proof complex tasks such as searching for hidden contract risks, determining SLA calculations and performing invoice matching/approvals directly against best-in-class criteria. Contract management teams using AI tools reported an annual savings rate that is 37% higher than peers. Spending and tracking rebates, delivery terms and volume discounts can ensure that all of the savings negotiated in a sourcing cycle are based on our experience of managing complex contracts for a wide variety of customers. Our Contract Management as a Service, underpinned by AI software tooling, has already delivered tangible benefits and proven success. 8 Steps to Transition Your Organisation to AI Contract Management Implementing AI-driven contract management requires a thoughtful and structured approach to ensure seamless integration and long-term success. By following these key steps your organisation can avoid delays and costly setbacks. Step 1 Digitise Contracts and Centralise in the Cloud: Begin by converting all existing contracts into a digital format and storing them in a secure, centralised, cloud-based repository. This ensures contracts are accessible, organised, and easier to manage. A cloud-based system also facilitates real-time collaboration and allows AI to extract data from various file formats, such as PDFs and OCR-scanned images, with ease. Search for and retrieve contracts using a variety of advanced search features such as full text search, Boolean, regex, fuzzy, and more. Monitor upcoming renewal and expiration events with configurable alerts, notifications, and calendar entries. Streamline contract change management with robust version control and automatically refresh updated metadata and affected obligations. Step 2 Choose the Right AI-Powered Contract Management Software: Selecting the right software is a critical step in setting up your management system. Evaluate platforms based on their ability to meet your organisation’s unique contracting needs. Consider key factors such as data privacy and security, integration with existing systems, ease of implementation, and the accuracy of AI-generated outputs. A well-chosen platform will streamline workflows while ensuring compliance and scalability. Step 3 Understand How AI Analyses Contracts: To make the most of AI, it’s essential to understand how it processes contract data. AI systems use Natural Language Processing (NLP) to interpret and extract meaning from human-readable contract terms, while Machine Learning (ML) enables the system to continuously improve its accuracy through experience. These combined technologies allow AI to identify key clauses, conditions, and obligations, as well as extract critical data like dates, parties, and legal provisions. Training your team on these capabilities will help them to understand the system and diagnose inconsistencies. Step 4 Maintain Oversight and Validate AI Outputs: While AI can automate repetitive tasks and significantly reduce manual effort, human oversight is indispensable. Implement a thorough process for spot-checking AI-generated outputs to ensure accuracy, compliance, and alignment with organisational standards. Legal teams should review contracts processed by AI to verify the integrity of agreements and minimise risks. This collaborative approach between AI and human contract management expertise ensures confidence in the system. Step 5 Refine the Data Pool for Better Results: The quality of AI’s analysis depends heavily on the data it is trained on. Regularly refine and update your data pool by incorporating industry-relevant contract examples and removing errors or inconsistencies. A well-maintained data set enhances the precision of AI outputs, enabling the system to adapt to evolving business needs and legal standards. Step 6 Establish Frameworks for Ongoing AI Management: To ensure long-term success, set clear objectives and measurable goals for your AI contract management system. Define key performance indicators (KPIs) to track progress and prioritise features that align with your organisation’s specific requirements. Establish workflows and governance frameworks to guide the use of AI tools, ensuring consistency and accountability in contract management processes. Step 7 Train and Empower Your Teams: Equip your teams with the skills and knowledge they need to use AI tools effectively. Conduct hands-on training sessions to familiarise users with the platform’s features and functionalities. Create a feedback loop to gather insights from your team, allowing for continuous improvement of the system. Avoid change resistance by using change management methodologies, as this will foster trust in the technology and drive successful adoption. Step 8 Ensure Ethical and Secure Use of AI: Tools Promote transparency and integrity in the use of AI-driven contract management. Legal teams should have the ability to filter sensitive information, secure data within private cloud environments, and trace data back to its source when needed. By prioritising data security and ethical AI practices, organisations can build trust and mitigate potential risks. With the right tools, training, and oversight, AI can become a powerful ally in achieving operational excellence as well as reducing costs and risk. Overcoming the Technical & Human Challenges While the benefits are compelling, implementing AI in contract management comes with some unique challenges which need to be managed by your leadership and contract teams: Data Security Concerns: Uploading sensitive contracts to cloud-based platforms risks data breaches and phishing attacks. Integration Complexities: Incorporating AI tools into existing systems requires careful planning to avoid disruptions and downtime. Change Fatigue & Resistance: Training employees to use new technologies can be time-intensive and costly. There is a natural resistance to change, the dynamics of which are often overlooked and ignored, even though these risks are often a major cause of project failure. Reliance on Generic Models: Off-the-shelf AI models may not fully align with your needs without detailed customisation. To address these challenges, businesses should partner with experienced providers who specialise in delivering tailored AI-driven solutions for contract lifecycle management. Case Study 1: The CRM That Nobody Used A mid-sized company invests £50,000 in a cutting-edge Customer Relationship Management (CRM) system, hoping to streamline customer interactions, automate follow-ups, and boost sales performance. The leadership expects this software to increase efficiency and revenue. However, after six months: Sales teams continue using spreadsheets because they find the CRM complicated. Managers struggle to generate reports because the system wasn’t set up properly. Customer data is inconsistent, leading to missed opportunities. The Result: The software becomes an expensive shelf-ware — a wasted investment that adds no value because the employees never fully adopted it. Case Study 2: Using Contract Management Experts to Set Up, Customise and Provide Training If the previous company had invested in professional services alongside the software, the outcome would have been very different. A team of CMaaS experts would: Train employees to ensure adoption and confidence in using the system. Customise the software to fit business needs, eliminating frustrations. Provide ongoing support, so issues don’t lead to abandonment. Generate workflows and governance for upward communication and visibility of adherence. The Result: A fully customised CRM that significantly improves the Contract Management lifecycle, leading to: more efficient workflows, more time for the contract team to spend on higher value work, automated tasks and event notifications, and real-time analytics. With full utilisation and efficiency, the software delivers real ROI, making it a strategic investment instead of a sunk cost. Summary AI is reshaping the way organisations approach contract lifecycle management by automating processes, enhancing compliance, reducing risks, and improving visibility into contractual obligations. From data extraction to risk analysis, AI-powered tools are empowering legal teams with actionable insights while driving operational efficiency. However, successful implementation requires overcoming challenges such as data security concerns and integration complexities. By choosing the right solutions, tailored to their needs — and partnering with experts like Cambridge Management Consulting — businesses can overcome the challenges and unlock the full potential of AI-based contract management. A Summary of Key Benefits Manage the entire lifecycle of supplier management on a single integrated platform Stop value leakage: as much as 20% of Annual Contract Value (ACV) Reduce on-going governance and application support and maintenance expenses by up to 60% Deliver a higher level of service to your end-user community. Speed without compromise: accomplish more in less time with automation capabilities Smarter contracts allow you to leverage analytics while you negotiate Manage and reduce risk at every step of the contract lifecycle Up to 90% reduction in creating first drafts Reduction in CLM costs and extraction costs How we Can Help Cambridge Management Consulting stands at the forefront of delivering innovative AI-powered solutions for contract lifecycle management. With specialised teams in both AI and Contract Management, we are well-placed to design and manage your transition with minimal disruption to operations. We have already worked with many public and private organisations, during due diligence, deal negotiation, TSAs, and exit phases; rescuing millions in contract management issues. Use the contact form below to send your queries to Darren Sheppard , Senior Partner for Contract Management. Go to our Contract Management Service Page

6 May 2025 – Stanley, Falkland Islands – United Kingdom (UK) based consultancy firm Cambridge Management Consulting (Cambridge MC) will establish a new IT and professional services business in the Falkland Islands after securing support from the Falklands Islands Development Corporation (FIDC), the former having since established Falklands IT (FIT), which will begin offering a full suite of managed IT services and professional services to the entire Falkland Islands starting from 1st June 2025. Cambridge MC was selected following a rigorous process and proposal submission to the FIDC Board, which determined the company would move quickly to expand its in-country operations in IT services, offering a mix of permanent, on-Island support in IT equipment, and systems and applications, as well as full remote support services to begin offering a full suite of IT services to meet the needs of the Falkland Islands. Additionally, Cambridge MC will also offer project-based IT work for the business community and Falkland Islands Government (FIG). As part of the support, FIDC is providing a cost-neutral, unsecured loan to Cambridge MC, to be repaid to FIDC over a period of years, as the newly established FIT entity grows. Tim Passingham, Chairman of Cambridge MC: “We are delighted to be selected for this partnership and consider it an enormous privilege to be asked to help the Falklands as it seeks to dramatically improve its digital skills and grow its digital economy. The Cambridge MC – and new Falklands IT (FIT) team – are looking forward to working with the businesses, government, and the community to address their IT needs, plus helping with the wider digital transformation of the Falkland Islands for the benefit of all the people living and working on the Islands.” Zachary Franklin, Managing Director of FIDC: “FIDC was impressed with the proposal from Cambridge MC, its range of proposed IT services, mix of local and remote support, and the development of a much-needed industry in the Falkland Islands. FIDC is happy to support Cambridge MC and the FIT team as they establish themselves in the Falkland Islands and help grow the IT services industry locally.” About Cambridge Management Consulting Cambridge Management Consulting (Cambridge MC) is an international consulting firm that helps governments and companies of all sizes have a better impact on the world. Founded in Cambridge, UK, initially to help the technology start-up community, Cambridge MC has grown to over 200 consultants working on projects in 22 countries. Its capabilities focus on supporting the private and public sector with their people, process and digital technology challenges. What makes Cambridge Management Consulting unique is that it doesn’t employ consultants — only senior executives with real industry or government experience and the skills to advise their clients from a place of true credibility. The team strives to have a highly positive impact on all the organisations they serve. Cambridge Management Consulting has offices or legal entities in Cambridge, London, New York, Paris, Dubai, Tel Aviv, Singapore, Prague, Helsinki, and the Falkland Islands, with further expansion planned in the near future. For more information visit: www.cambridgemc.com About the Falkland Islands Development Corporation (FIDC) Falkland Islands Development Corporation (FIDC) acts as the national economic development agency for the Falkland Islands and is tasked to develop the commercial sector of the Falkland Islands. Now in its fortieth year of operation, FIDC is a quasi-autonomous government-funded body, which currently operates with an annual budget of approximately £1 MM per annum. For more information, visit: www.fidc.co.fk Media Contacts Cambridge MC: Karl Salter, ksalter@cambridgemc.com FIDC: Jane Clarke, Marketing and Communications Officer, communications@fidc.co.fk

The Naze is a unique headland that extends northwards from the seaside town of Walton-on-the-Naze. Derived from the old English word ‘naes’ meaning promontory or, quite literally, nose, the Naze is the most easterly peninsula in Essex. The Naze's extensive tidal creeks, islands, and salt marshes form part of the 2000 acre Hamford Water National Nature, a wetland of international importance for migratory birds. This evocative landscape was the inspiration for Arthur Ransome's 'Secret Water’, part of the Swallows and Amazons series. The Naze cliffs are a designated a Site of Special Scientific Interest. Just a short stroll along the beach offers glimpses into its rich natural history, with sharks’ teeth, shells, and fossils scattered along the shore. The cliffs offer a fascinating strata, including London Clay formed about 50 million years ago in a subtropical sea and sands called the Red Crag from about 3 million years ago. The Naze is also home to a diverse collection of wildlife. It is home to migratory and nesting birds such as the Dark Bellied Brent Goose, Sedge Warbler, and Whitethroat. There is also a large colony of seals. They can be seen sunbathing on mudflats in the backwaters or bobbing about in the waves. Beyond its environmental significance, the Naze is vital to the local community and visitors. It attracts 200,000 visitors each year. The Hamford Water area also provides local employment with a marine industry supporting 200 jobs for Walton, light industrial sites, and farmland contributing to the local economy. Coastal landscapes like the Naze are increasingly recognised for their intangible cultural value, providing communities with wellbeing and mental health benefits. The iconic Naze Tower, a Grade 2* listed navigation mark built in 1720, is a beloved landmark offering museum exhibits, an art gallery, a cafe, and educational visits about the history, geology, and erosion of the Naze. Coast Under Threat Unfortunately, this invaluable environment is under significant threat from coastal erosion. For many years, the rate of erosion was measured at 1.5 metres per year. Yet, in the last ten years, this has accelerated to between 3-5 metres in some areas. Extreme winter weather and tidal events, often compounded by surge events, drive much of this erosion. Heavy rain saturates the cliffs, causing increased slumping, while high tides with greater wave energy claw away soft cliff sediments. Beach sands are also constantly moving along the exposed shoreline. The soft sediment layers in the cliffs become waterlogged and wash out in the winter, leading to collapse that is then swept away by the sea. Even without sea effects, the cliffs are inherently unstable due to soil behaviour and stress changes. The policy on open coasts allows erosion, and government funding for sea defence typically focuses on protecting property, which the Naze, as an open coast area, does not normally qualify for. At this accelerated rate, the north end of the Naze could be lost to the sea within ten years. This would mean the sea breaching into Hamford Water, permanently changing tidal flow and impacting the fragile salt marshes, wildlife, and all who enjoy and visit this environment. The accelerated erosion is already impacting areas near existing structures. Naze Protection Society In response to these threats, the Naze Protection Society (NPS) was established in April 1997 as a registered charity. The NPS is community-focused, representing local residents and visitors. Their task is to promote the issues, work to define solutions, attract community commitment, and guide the delivery of securing the future of the Naze. They believe proactive intervention is required. The society works through partnerships, bringing together experience, resources, and determination. From 1997 to 2010, they promoted the Crag Walk project, which was built between 2010 and 2011. This rock revetment was designed to secure the Naze Tower cliff frontage. The NPS raised £250,000 from the local community and visitors as the catalyst for the £1.2 million project, which also involved Tendring District Council (TDC), Frinton and Walton Town Council, and Essex Wildlife Trust. The NPS is now setting a new fundraising target of £25,000 a year to deliver soft-engineered structures and build resilience into the whole of the north beach area. They aim to reduce the erosion rate back to 1m/year average and provide resilience against climate change impacts between 2025-2050. Saving The Naze: The Cliffline Project To update the community on their efforts and plans, the NPS is holding the Saving The Naze: The Cliffline Project event. This community event, aligned with World Environment Day, will take place on Saturday, June 14, 2025 , from 10am to 3pm at The Columbine Centre in Walton-on-the-Naze. The event aims to set out the NPS approach to the Cliffline Project, focusing on an affordable plan to slow erosion. It involves valuing everything the Naze and Hamford Water contribute to the community, wildlife, economy, and peace, and developing a plan using science, local expertise, and passion to adapt to the challenges of climate change. To find out more, see the full agenda and reserve a space, visit the Eventbrite page: https://www.eventbrite.com/e/saving-the-naze-the-cliffline-project-tickets-1267463420209?aff=oddtdtcreator How You Can Help the Naze The Naze Protection Society relies on community support to carry out its work. You can help protect this unique environment for local people and visitors for future generations to enjoy. Join: Become a member today for only £10 per year: https://nazeprotectionsociety.org/become-a-member/ Volunteer: Contribute your time and skills to help preserve the Naze: https://nazeprotectionsociety.org/get-involved/ Donate: Make a one-off donation to support the work of the Naze Protection Society. Your donation helps raise funds to promote and develop solutions to save this environment of unique historical and environmental importance: https://nazeprotectionsociety.org/donate/ Follow: Join them on social media to keep up to date with their work. You can find them on Facebook, Instagram, and Twitter. To find out more about joining, volunteering, or donating, please visit the Naze Protection Society website: https://nazeprotectionsociety.org/ If you have any other questions, please use the form below.

Pioneering Technologies for the Future of Urban Transformation Smart cities might sound like a utopian vision from the 1950s; something that sounds already out-of-date and perhaps even naive in our current geopolitical climate. But as urban spaces gradually implement a a series of technological leaps, the smart city emerges as a potential reality, offering a new way to unite communications with infrastructure via real-time feedback. Smart cities could dramatically enhance our quality of life, efficiency, and environmental stewardship. Given that cities are significant contributors to global emissions — responsible for approximately 70% of greenhouse gases — they will play a critical role in reaching net zero. Reflecting insights from the last Smart City Expo in Barcelona (November 2024) and a range of ambitious projects across the UK, this article delves into the strategic alignment of technology, infrastructure, and sustainability shaping today's urban landscapes. What Defines a Smart City? A smart city is fundamentally ‘a municipality that uses information and communication technology to increase operational efficiency, share information with the public, and improve the quality of government services and citizen welfare.’ While definitions vary, the overarching mission is to optimise city functions, drive economic growth, and enhance the quality of life through technology and data analysis. Smart city initiatives typically require three critical components: Networks of sensors and citizen participation to collect data Connectivity linking these networks to government systems Open data sharing to make results, changes, and improvements accessible to the public Developing this underlying infrastructure is complex and expensive. Crucially, it depends on strong relationships between government, the private sector, and citizens, as most of the work to create and maintain these data-driven environments happens through collaboration and public-private partnerships.

Edge computing, 5G, IoT and AI are contributing to a paradigm shift in retail that will imagine new possibilities made commercially viable by real-time data processing. In this article, we look at the convergence of these technologies and how they will offer a radical new vision of our high street by offering customers exciting new experiences that can rejuvenate in-store shopping and retail spaces. First, in Part 1, we look briefly at each technology and discuss the technical advantages they offer and how this supports new types of customer experience. Then in Part 2 we look at industry predictions about how the retail space might evolve over the next decade. Part I Edge Computing Edge computing involves processing data near its source rather than in a centralised location. In retail, this means deploying IT infrastructure in or near store venues where consumers interact with products. This ecosystem enables real-time decision-making and personalised customer experiences by analysing data from sensors and IoT devices within the store. Edge computing is a concept that applies to an integrated network of processing units, data centres and sensors that handle data close to the user. Micro Data Centres The compute part of edge computing needs to be housed in proper data centre facilities, to ensure that the expensive server equipment, especially those used by AI systems, are kept in the optimum conditions — this helps keep maintenance and operational costs down. Even though edge compute systems can be relatively compact, retailers will mostly be unwilling to give up valuable floor space for the IT equipment and its associated infrastructure (like cooling and electrical systems), so the more likely scenario is that smaller data centres will be used that can be located close by but in back-of-house areas, such as loading bays, car parks, warehouse areas and so on. These will often be operated as cloud services so that multiple retailers can benefit from edge compute without having to bear the upfront capital cost, and, most importantly, the ongoing maintenance required to keep them operational. 5G 5G networks offer high-speed connectivity and low latency, which are crucial for supporting advanced retail technologies like augmented reality (AR) and Internet of Things (IoT) applications. The increased bandwidth allows for seamless integration of online and offline shopping experiences, enabling features like virtual try-ons and real-time product comparisons. This connectivity supports personalised marketing strategies that take place in real time and deliver targeted promotions in store. Internet of Things (IoT) The Internet of Things (IoT) refers to a network of interconnected devices, machines, and sensors that collect, store, and transfer data over the internet. These devices are embedded with sensors, software, and network connectivity, allowing them to communicate with each other and with other internet-enabled systems. IoT plays a crucial role in enhancing the retail experience by providing real-time data on customer behaviours, security risks, buying preferences, inventory supply levels and daily operations. IoT devices will principally include cameras but also a range of other sensors such as RFID tags and smart shelves.

How to Connect Rural Britain and the Hardest-to-Reach Customers The lack of rural connectivity in the UK has become a pressing issue , creating a digital divide that impacts individuals, businesses and farmers. Modern society relies on digital services, and the lack of access to reliable, high-speed internet is a pervasive social issue that results in digital exclusion for communities, depriving them of fundamental services like online banking, health care, and education. This lack of access has a further impact on social mobility, particularly when around 37% of workers in the UK spend at least one day a week working remotely. In 2021 the Public Accounts Committee published a report on improving broadband which states ‘1.6 million UK premises, mainly in rural areas, cannot yet access superfast [internet] speeds’. Since then, we are happy to report that there has been some progress. As of early 2025, approximately 98% of all UK households have access to high-speed broadband (defined as speeds of 30 Mbps or higher) . In rural areas, that figure is 89% — a decent improvement in the last few years. However, the gap is larger when we consider gigabit speeds: only 52% of rural households can connect to gigabit-capable broadband, compared to 87% in urban areas There is still a significant gap to plug, but things are moving in the right direction. This allows the focus to shift, in part, to the next phase: establishing a modern digital infrastructure which can support a digital-first strategy in public services, as well as encouraging local innovation, such as smart city programmes. The hope is that this infrastructure will drive inward investment which then create a virtuous circle, where as more infrastructure is built, more innovative businesses are attracted to the region, which in turn drives demand for more advanced infrastructure. In this article we look at the improvements in rural connectivity and the programmes and innovations which are most likely to have a social impact.

"Is it Snowing in Space?!" “Is it snowing in space?!” Asks a disgruntled Bill Murray in the film Groundhog Day when he is told that he cannot call out from the snowbound town of Punxsutawney, Pennsylvania. If there is a remake, Bill might not have to worry: signal dead zones may soon be a thing of the past due to recent advancements in satellite technology. Whereas the old picture of satellite communications was a scientist in the wilderness with a big clunky antenna, these days the technological payload is all in space. Recent advancements such as Low Earth Orbit (LEO) satellites, advanced beamforming, and the use of mobile spectrum bands means that any phone supporting 4G LTE can potentially receive satellite data directly. This integration of satellite and terrestrial networks is set to reshape the mobile industry, creating both opportunities and challenges for traditional mobile network operators (MNOs) and mobile virtual network operators (MVNOs). In this article we give an overview of the technological advancements, the major players in the market, and then consider the effects this will have on traditional wholesale mobile market structures; concluding with the emerging opportunities for new revenue and growth. The Evolution of Satellite Connectivity Historically, satellite communications operated independently from terrestrial networks, serving specialised markets with limited scalability and high entry barriers. However, recent advancements, particularly in Low Earth Orbit (LEO) satellite technology, have dramatically altered this scenario. The most well-known example is obviously SpaceX, which has played a pivotal role in democratising space: reducing barriers to entry and making satellite connectivity more scalable, performant, and accessible. SpaceX and other companies have found innovative ways to dramatically reduce costs. Since Sputnik 1 in 1957, launching payloads into space has been prohibitively expensive, with costs exceeding $100,000 per kilogram in the 1960s and averaging $16,000/kg for heavy payloads from 1970 to 2010. SpaceX’s innovations have brought these costs down through reusable rockets, vertical integration, economies of scale, and advancements in materials and manufacturing processes: leading to price points as low as $100 per kilogram in recent years. However, cost is just one of the barriers. The real gambit has been provided by Low Earth Orbit (LEO) satellites, which typically orbit at altitudes ranging from approximately 160 to 2,000 km and offer low-latency, high-speed connectivity — making them ideal for real-time applications and direct-to-device communications. The latest generation of technologies now enable LTE mobile phones to connect directly to satellites without specialised hardware, marking a significant milestone in mobile communications. The Major Satellite-to-Cell Players While SpaceX's Starlink has garnered the most attention, several other major companies are actively developing satellite-to-cell technologies and forming strategic partnerships with terrestrial mobile operators. As of April 2024, Starlink had established 15 partnerships with mobile carriers globally — including T-Mobile in the US. T-Mobile has structured its beta program to begin with text messaging capabilities, gradually expanding to include picture messages, data connectivity, and eventually voice calls. As of February 2025, it is reported that 7,086 Starlink satellites are in orbit, with 7,052 being operational. AST SpaceMobile has emerged as a significant innovator, achieving a historic milestone in April 2023 with the first-ever two-way voice call directly with an unmodified smartphone, via their BlueWalker 3 satellite. AST SpaceMobile launched its first five commercial satellites, the BlueBird 1-5 mission, on September 12, 2024, aboard a SpaceX Falcon 9 rocket. Lynk Global represents another significant player. In a recent expense report, it revealed that each satellite costs around $400,000 to build and up to $815,000 to launch into space. They hope to have up to 1000 satellites (for full continuous broadband coverage) in orbit by 2025 and 32 mobile network operator (MNO) partnerships by the end of 2025. The company has successfully demonstrated text messaging capabilities from satellites to standard cellular devices and continues to expand its constellation and service offerings. Huawei has partnered with China Telecom to demonstrate satellite-to-phone messaging capabilities, while Apple has worked with Globalstar to implement emergency satellite messaging features in recent iPhone models. Implications for Traditional Wholesale Mobile Market Structures Traditionally, the wholesale mobile market has been structured around MNOs, MVNOs, and wholesale aggregators. Revenue streams have typically included MVNO wholesale pricing, and IoT and machine-to-machine (M2M) solutions. However, the rise of satellite-to-cell technology poses potential threats to this established model. Disintermediation of MNOs and MVNOs Satellite-to-cell connectivity introduces the potential for disintermediation, where control traditionally held by MNOs could become fragmented across multiple parties in the value chain. As satellite providers increasingly offer direct-to-device services, traditional operators risk losing their central role in network management and customer relationships. Pricing Pressure on Wholesale Markets The increased availability and competition from satellite connectivity providers could exert downward pressure on wholesale pricing. As satellite services become more affordable and accessible, traditional wholesale providers may face challenges in maintaining their pricing structures and profitability. Competitive Pressure in IoT and Enterprise Applications Satellite connectivity is particularly well-suited for IoT and enterprise applications, especially in remote or challenging environments. As satellite-to-cell technology matures, traditional wholesale providers may face intensified competition in these segments, necessitating strategic adjustments to remain competitive. Emerging Opportunities in Satellite-to-Cell Connectivity Despite these challenges, the integration of satellite connectivity into mobile networks also presents substantial opportunities for innovation and growth. Forward-thinking operators can leverage satellite-to-cell technology to develop new business models and revenue streams. Hybrid Terrestrial-Satellite Subscription Models Providing Ubiquitous Connectivity Operators can offer hybrid subscription plans that seamlessly integrate terrestrial and satellite connectivity. Such models provide customers with uninterrupted coverage, enhancing user experience and creating differentiated service offerings. Wholesale Satellite Resale for MVNOs Satellite-to-cell technology opens new avenues for MVNOs to expand their service portfolios. By reselling satellite connectivity, MVNOs can offer enhanced coverage and reliability, particularly in underserved or remote regions, thereby attracting new customer segments. IoT and Enterprise-Focused Applications Satellite connectivity is a natural fit for IoT and enterprise applications, such as remote monitoring, asset tracking, and industrial automation. Mobile operators can forge strategic partnerships with satellite providers to deliver specialised solutions for these markets, tapping into new revenue opportunities. Emergency-Only and Disaster Recovery Plans Satellite-to-cell technology can play a crucial role in emergency and disaster recovery scenarios, providing a reliable backup to terrestrial networks when they are unavailable or overwhelmed. Operators can develop emergency-only plans that leverage satellite connectivity to ensure critical communications during crises. Conclusion Satellite-to-cell technology represents a convergence of space and terrestrial communications systems that promises to fundamentally alter global connectivity markets and players. The dramatic reduction in launch costs by a factor of 20 has enabled the deployment of massive satellite constellations that were previously economically unfeasible. The competitive landscape continues to evolve rapidly, with SpaceX, AST SpaceMobile, and Lynk, and traditional telecommunications companies all pursuing various technological approaches and business models. Commercial text messaging services are already becoming available through beta programs, with video calling capabilities demonstrated and voice calls progressing toward wider availability. The integration of 5G standards with satellite networks continues to advance through collaborative industry initiatives, with projections of a $50 billion market by 2032. As this technology continues to mature throughout 2025 and beyond, it promises to eliminate mobile dead zones and create new application possibilities that were previously unimaginable. The future of mobile communications is undoubtably hybrid: blending terrestrial and non-terrestrial networks into seamless connectivity solutions that follow users wherever they go. This has wide reaching implications for connectivity in remote and isolated regions, and offers perhaps the fastest and most cost-efficient route to bridging the digital divide. It will also transform how we respond in disaster zones and hazardous areas — increasing the ability to protect and save lives with faster and safer humanitarian and emergency services.

What Problem do Too Many SaaS Providers Have in Common? Many SaaS security providers have a history of treating important safety and security features as something to upsell. This raises the important question of whether a software vendor has a moral responsibility for the secure operation of their solution. In this article, we explore the implications of treating important security and safety features as an upsell, using Boeing as a test case of where this can go wrong. The Case of Boeing and the Aviation Industry The case against Boeing is emblematic of a more systemic issue across the aviation industry, and many other industries. The public became aware of this issue under tragic circumstances when the Lion Air and Ethiopian Air Boeing 737 Max airliners crashed in 2018 and 2019 respectively. According to the widely quoted New York Times article , the crash could have been avoided if the pilots had access to two safety features that were sold by Boeing as optional extras. According to the incident reports, at the root of the incident were the angle-of-attack sensors. These mechanical sensors operate in a similar fashion to a weathervane to measure whether the aircraft’s nose is pointing above or below the direction of airflow. Being mechanical, they may be prone to malfunction, perhaps jamming after having been installed incorrectly — as was believed to be the case for the Lion Air aircraft . The system that led to the aircraft’s demise, which identifies the risk of the aircraft stalling, only listened to one of the sensors. A difference in the signal being sent by the two sensors was not recognised by the anti-stall system; and the instruments that would have alerted the pilots to the conflicting signals were upsell items. This wasn’t a fancy, nice-to-have bell or whistle that makes the flight more comfortable, efficient, or profitable. It is an underlying safety feature of the aircraft. If there was no safety requirement for the redundancy of two sensors, it is difficult to see why there would ever be more than one. Boeing has now addressed the issue, and the anti-stall system listens to both sensors, responding safely in the event of conflicting signals. It should also be noted that the investigation identified pilot error and deficiencies in the training that contributed to the disasters (and this will be relevant to our points regarding many SaaS product decisions as well). The SaaS Parallels Cloud-delivered Software as a Service (SaaS) has revolutionised the tech industry, and catalysed a phenomenal level of innovation and growth. It has enabled new software capabilities to be brought to market faster than ever before, and facilitated the ability to reach a scale with costs defrayed across multiple customers that would have been unimaginable 30 years ago. However, the benefits of being able to access a service from anywhere, at any time, by anyone also presents significant risks. The ‘anyone’ can be a malicious party operating outside of the reach of law enforcement or extradition. As a result, there are clear commercial responsibilities placed on SaaS providers to secure their infrastructure from attack, and those that do not are unlikely to last long in the marketplace. But just like the aviation industry, there are different flavours of security, and different perceptions of what is considered essential. Taking due care and applying due diligence to ensure that the platform itself is adequately secured from a direct attack is clearly the vendor’s responsibility – but what about those elements of security that relate to risk owned by their customers? One key element of customer risk relates to the security of a user’s password. It is their responsibility to make sure they choose a long and random string drawn from upper case, lower case, numerical, and special characters (if allowed). It is also their responsibility to ensure that they do not ever use the same password for multiple applications or services. But, we know that compromised credentials is a common failure mode. Just because it is the user’s responsibility to mitigate this risk, this doesn’t mean that system developers do not also have some mutual responsibility to make it easier for the user to exercise that responsibility; controls have been developed specifically for that purpose. The most obvious ones are Multi Factor Authentication (MFA, or 2FA), and Single Sign On (SSO). With MFA, we improve the security of the credentials by also verifying that the user is in possession of their trusted device before we trust them at sign in. With SSO, we minimise the number of credentials and accounts to manage by federating with a single corporate account; we can then concentrate our effort to secure that corporate account rather than spreading our resources thinly. Both are relatively easily implemented these days, particularly in the case of SSO where the OAuth protocols are widely offered by Identity Providers. Once implemented, both are essentially free to operate, particularly if MFA uses an Authenticator app rather than SMS text messages. SaaS providers recognise that this security is important, and they will frequently implement MFA and SSO controls into their applications to meet that customer demand. But, too frequently, we see them only offered as part of the more expensive subscription options. This element of security is not enhancing the vendor’s core proposition; it is not making their offering more functional, better looking, or more efficient for their users. It is just making it more secure, and therefore to treat it as an item to upsell comes across as price-gouging rather than the responsible application of good security practice. It is almost as though these vendors have run out of innovative bells and whistles that their clients would value in their core product, so they have had to resort to undermining the security of their cheaper options in order to encourage their customers to pay for their more expensive ones. It is equivalent to a bank only using the CSC code on a card to secure transactions for customers who pay for their premium banking services, because, after all, it is the customer’s responsibility to protect their card details. Conclusion What we have described here is not universal, and probably is not even representative of the majority of SaaS providers. But, when you are reviewing a new service, we urge you to take a closer look at what security your provider is charging extra for. If low cost, high value security controls are being upsold, then you may want to consider what other security good practices are not being considered essential. For more information about our cyber security consulting services and Secure by Design principles in action, please contact Tom Burton, Partner for Cyber Security, using the form below.

As the UK's ageing copper landline network becomes increasingly unstable, Cambridge Management Consulting reports that BT is urging Critical National Infrastructure (CNI) providers to expedite their transition from analogue to digital voice. With the Public Switched Telephone Network (PSTN) nearing the end of its life, organisations face significant risks if they delay planning and execution for this essential upgrade. Recent data indicates that 60% of CNI providers in the UK still lack a strategic plan to migrate from the legacy analogue network. This statistic underscores an urgent need for action to safeguard essential public services, such as healthcare, water, energy, emergency services, and government operations. The transition is not merely a technological upgrade; it is a once-in-a-generation programme to future-proof communications and improve service reliability. The PSTN, our communications backbone for over a century, is becoming increasingly prone to faults and difficult to maintain, with recent reports showing a 45% increase in significant resilience incidents. The impact of this transition is wide-reaching, affecting critical systems such as telemetry monitoring sensors, emergency phone lines, telecare alarms in hospitals and care homes, CCTV, intruder and fire alarms and older EPOS machines.  As the below graphic shows, a broad spectrum of devices and services will be affected by the analogue switch off, including ISDN, ASDL and Fibre to the Cabinet (FTTC) broadband services. The majority of organisations are almost certainly in the dark when it comes to common knowledge of all of the devices affected, lacking the internal expertise and records to identify and audit complex, interrelated legacy systems.