John Ellis

Geopolitics now runs through the technology your business depends on.

John writes and speaks on cyber resilience, strategic dependency, sovereignty, and the changing relationship between technology, statecraft and corporate risk.

John Ellis

Thesis

Technology is now geopolitical terrain.

The systems boards depend on are increasingly shaped by statecraft, regulation, sovereignty, sanctions, infrastructure control and strategic competition.

Cyber risk is business dependency risk.

The question is not only whether controls are working. It is what the organisation cannot operate without, who controls it, and what happens when it fails.

Resilience is a board-level discipline.

Boards need a clearer view of consequence, dependency and exposure, not just control maturity and activity reporting.

Strategic Dependency Register

Asset registers show what the organisation owns. Dependency registers show what the organisation cannot operate without.

Which services are business-critical?
Which third parties, platforms and jurisdictions do they depend on?
Where could geopolitical, regulatory or cyber disruption create material business impact?
What options exist if access, trust or continuity is degraded?

Writing

Less prophecy. More operating reality. Fewer glowing maps.

GeopoliticalCyber

Writing on cyber strategy, statecraft, operations and geopolitics in a personal capacity.

Board series

Essays and briefing-style pieces for directors and executives trying to understand cyber risk as strategic business exposure.

Speaking

Conference and boardroom discussions on fragmentation, sovereignty, technology dependency and cyber resilience.

About

John’s career has moved across banking, technology, healthcare and insurance, with work spanning cyber security operations, architecture, risk, executive reporting and strategic advisory.

His postgraduate work at UNSW Canberra identified supply chain dependency as an emerging strategic attack surface, where trust, software, infrastructure and statecraft would collide. NotPetya and SolarWinds later made the point unavoidable.

He writes and speaks in a personal capacity, by introduction.

Advisory

Advisory work is undertaken selectively through Insignum, where the fit is right.