THE LATEST OPINIONS
FROM OUR EXPERTS

PCI DSS compliance is too often treated as a technical obligation rather than what it truly is: a critical business risk and trust issue. Paul Brennecker, Head of Information Security at 3B Data Security, argues that with payment data remaining a prime target for attackers, organisations must move beyond reactive, audit-led approaches to compliance.Paul highlights that many compliance failures stem from inconsistent control enforcement and poor visibility, particularly across hybrid and cloud environments. He stresses that PCI DSS should be embedded as a continuous operational discipline, supported by clear ownership, effective governance and security controls that reflect how businesses actually operate.When approached correctly, Paul believes PCI DSS becomes more than a regulatory requirement. It serves as a framework for improving security maturity, resilience and customer confidence, protecting both revenue and reputation rather than simply avoiding penalties.

As SMBs continue to embrace cloud services, Paul Collins cautions that adoption alone does not guarantee value. Too many organisations move quickly to the cloud without the governance, cost controls and security foundations required to operate sustainably at scale.Paul argues that the role of the channel must shift from enabling access to cloud platforms to guiding customers through informed architectural decisions, ensuring environments are right-sized, secure by design and aligned to real business needs. For SMBs with limited internal IT capability, unmanaged cloud growth can quickly erode cost predictability and increase risk.According to Paul, the most successful outcomes come when partners take ownership of ongoing optimisation, visibility and accountability, helping SMBs treat cloud as a strategic capability rather than a short-term fix.

Steve Prescott-Jones argues that the evolution to MSP 3.0 isn’t marketing hype. It’s happening now, but unevenly across the sector. Rather than just automating traditional services, MSP 3.0 requires a fundamental shift toward strategic enablement, blending professional and managed services to meet rapidly changing buyer expectations.According to Steve, today’s clients want more than reactive support: they expect partners to behave like agile teams that deliver value in days, not weeks, using automation and iterative delivery to accelerate time-to-outcome. He also stresses that while AI is widely discussed, most real implementations remain in the experimental phase meaning MSPs must balance promise with pragmatism.For Steve, the winners in MSP 3.0 will be those who evolve beyond the old playbook, embracing new delivery models and reshaping engagement around business outcomes, integrated security, and ongoing innovation, rather than simply managing infrastructure.

This Computer Weekly feature explores why Small Language Models (SLMs) are gaining traction as a practical alternative to large, resource-intensive AI for businesses seeking real-world advantage at the edge. With rising infrastructure costs, security concerns and the limitations of cloud-centric large language models (LLMs), SLMs promise lower cost, enhanced privacy and the ability to run AI intelligence closer to where data is generated - on devices, in factories, or directly within operational systems.Silvia Lehnis, Consulting Director for Data and AI at UBDS Digital, underscores that the biggest strategic benefit of SLMs lies in their ability to operate locally without constant cloud dependency. Silvia highlights that this not only cuts energy and operational costs but also reduces the AI carbon footprint and keeps sensitive data within organisational boundaries - a key advantage for security and privacy-sensitive use cases. She points out that running models locally can shift how enterprises think about AI deployment: from centralised, one-size-fits-all approaches to more focused, cost-efficient and context-relevant intelligence.Read more about Silvia’s opinion and how SLMs could reshape AI strategy in the full article.

The Oxygen Fast-Growth 50 2025 report published by IT Channel Oxygen in partnership with Giacom identifies the UK’s fastest-growing MSPs and channel partners based on headcount expansion over recent years, shining a spotlight on smaller, high-momentum firms driving innovation and market impact in the IT channel. The ranking reflects growth performance across a field of 527 UK MSPs, MSSPs, IT consultancies and resellers.In this year’s Fast-Growth 50, UBDS Group was ranked second overall - a standout achievement that reflects exceptional growth, strategic execution and market responsiveness. Between fiscal 2020 and 2023, the company’s headcount surged dramatically, expanding from a lean team into a high-growth digital transformation specialist with strong partnerships across Microsoft, AWS, Zscaler and Cloudflare.This ranking not only signals UBDS Digital’s rapid expansion but also underscores its broader trajectory in digital transformation, cloud services and strategic acquisitions, including the integration of 3B Data Security and the launch of new AWS-focused ventures.Read the full Oxygen Fast-Growth 50 2025 report to explore the complete list of high-growth UK channel partners and understand the factors driving success in today’s dynamic market.

This Computer Weekly feature explores how UBDS Digital is redefining digital transformation through a lifecycle-centric approach, moving beyond one-off projects to long-term partnerships that help organisations modernise continuously in a world of rapid technological change. The interview discusses why traditional transformation efforts often fall short and how a lifecycle perspective helps clients innovate consistently rather than repeatedly rebuilding every few years.Diptesh Patel, CEO at UBDS Digital, argues that the industry must shift from traditional digital transformation to a digital lifecycle partnership where value is realised over time, not just at the point of implementation. He explains that many transformation projects become outdated within a few years because they lack a framework for continuous improvement. By embracing lifecycle thinking, organisations can modernise infrastructure, integrate emerging technologies like AI and even prepare for future innovations such as quantum computing, all while maintaining strategic momentum rather than entering endless catch-up cycles.Patel emphasises that this ongoing innovation loop supported by dedicated roles like continuous improvement managers helps clients avoid the disruption and cost of repetitive, standalone projects and instead build adaptable, future-ready environments.Read more about Diptesh’s view and how the digital lifecycle model is shaping transformation strategies in the full article.

As organisations increasingly depend on cloud services, the conversation around data protection must evolve beyond basic measures and checklists. Paul Collins, CTO at UBDS Digital, emphasises that resellers have a critical role in educating customers on true cloud resilience - not just recommending strong passwords and MFA, but championing immutable backups as a foundation for robust defence against ransomware and other malicious attacks.Paul stresses that an effective cloud backup strategy should be paired with a comprehensive disaster recovery plan designed to keep businesses running when disruption hits. He also points out that compliance requirements such as GDPR are non-negotiable, reinforcing that conversations about security and data protection must reflect legal and operational realities.Read more about Paul’s views and practical recommendations in the full article.

The Information Security Buzz piece outlines a practical roadmap for organisations moving from simply managing risk to achieving digital resilience in-line with the EU’s Digital Operational Resilience Act (DORA). Rather than viewing DORA as just a compliance checklist, the article presents eight actionable steps that help firms embed resilience into governance, risk management, incident reporting and third-party oversight, ensuring continuity, regulatory alignment and stronger cyber posture in an increasingly hostile threat environment.Tracey Hannan-Jones, Compliance and Security Consultant at UBDS Digital, emphasises that successful DORA compliance begins with rigorous self-assessment and gap analysis, understanding whether and how an organisation’s operations, suppliers and technology footprint are subject to the regulation. She urges firms to treat compliance as a strategic resilience initiative, not a bureaucratic burden, by strengthening ICT risk management, enhancing incident reporting processes and building more robust third-party provider governance.Tracey also highlights that DORA’s reach extends beyond the EU to UK firms serving European clients, meaning many organisations must prioritise operational continuity, real-world resilience testing and proactive risk treatment now rather than later. For her, DORA isn’t just about meeting deadlines. It’s about operationalising resilience as an ongoing business capability that protects customers, safeguards services and reinforces trust.Read more about Tracey’s perspective and the full set of DORA-aligned steps in the article.