Cybersecurity threats and how to avoid them

Issues of cybersecurity are issues for all of us, and exist at an individual, national and international level.

Our interconnected, digital world relies on technological and computer infrastructure. Almost every element of our lives – including how we bank, travel, communicate, work, shop and socialise – intersects with information technology and digital operating systems in some way. 

While such technological advances offer untold benefits and opportunities, they also carry with them the risk of presenting vulnerabilities to individuals and organisations who seek to benefit from disrupting these systems. 

We all know the importance of creating strong passwords, avoiding suspicious links and installing appropriate security software. However, good digital etiquette only gets us so far.

Cybercrime is increasing year on year. The following cyberthreat-related statistics demonstrate the scope and scale of the issue:

  • the global cost of online crime will reach $300 billion by 2024
  • a business falls victim to a ransomware attack every 14 seconds
  • phishing emails are used to launch 91% of cyber-attacks
  • small businesses are the target of 43% of all cyber-attacks
  • on average, it takes six months to detect a data breach.

What are cybersecurity threats?

A cybersecurity threat is any malicious, deliberate activity that targets computer systems, computer networks, information technology assets, intellectual property or sensitive data. The aim of such threats vary, but generally they seek to gain some benefit from the attack, such as disrupting digital life, gaining unauthorised access, or damaging or stealing data. While many cybersecurity attacks originate from unknown individuals or organisations in remote locations, they can also originate from insiders, within an organisation. All are labelled ‘threat actors’, with common types including:

  • Hostile nation-states, who engage in cyber warfare such as disruption of critical infrastructure, espionage, propaganda and website defacement.
  • Hackers, ranging from those who seek to steal data and confidential information, to those who gain access to systems as a challenge.
  • Hacktivists, who are pursuing a political agenda, generally through the sharing of propaganda.
  • Terrorist groups, who seek to damage national interests and national security.
  • Insiders and third-party vendors, who can deliberately expose sensitive data, or accidentally introduce malware that leads to a data breach.

It’s not just a pressing issue for large entities such as financial institutions, national governments and tech companies; small-to-medium-sized businesses, as well as individuals, are among the most vulnerable to cyberthreats and should take steps to defend themselves.

What are the most common threats to cyber security?

Common types of cyberthreats and cyber-attacks include:

  • Malware. Computer viruses, spyware, worms and ransomware are all forms of malicious software, known as malware. They target vulnerabilities in information systems and networks, typically via malicious links and email attachments that introduce dangerous software into the system. Malware can: render systems inoperable, install additional harmful software, obtain information covertly and block access to network components.
  • Phishing. Phishing attacks are an incredibly common cyberthreat. They use fraudulent communications (generally emails), that appear to come from a known or reputable sender to steal personal and sensitive data – such as credit card information, passwords and login information – or install malware onto a system. Spear phishing refers to a phishing attack that targets a specific individual or organisation.
  • Man-in-the-middle (MitM) attack. MitM attacks – also referred to as eavesdropping attacks – involve cybercriminals inserting themselves into a two-party transaction (and so becoming the ‘man in the middle’) to interrupt traffic,filter or steal data.
  • Denial-of-service attack. These attacks flood computer networks, servers and systems with traffic in a bid to cripple bandwidth and resources so legitimate requests cannot be fulfilled. There is also a Distributed-Denial-of-Service (DDoS) attack; a DDoS attack involves the use of multiple devices to stage a cyber-attack.
  • Structured Query Language (SQL) injection. Malicious code is ‘injected’ into a database in order to gain access to sensitive information or data. It’s an example of a ‘backdoor’ cyberthreat.
  • Zero-day exploit. These attacks exploit networks at times when they are vulnerable or compromised – crucially, before solutions or patches are introduced.
  • DNS tunnelling. These attacks re-route DNS requests to a cybercriminal’s server, providing them with a command, control channel and data extraction path in order to obtain data. They are notoriously tricky to detect.

This list is not exhaustive. Other types of cyber-attacks include Trojans, XSS attacks, drive-by attacks, brute force attacks, whale-phishing attacks, ransomware, data breaches and URL interpretation.

How can you protect networks from cyber security threats?

Every organisation should invest in protecting itself from cybercriminals and cyber protection should form part of any risk management plan. This can be achieved by implementing various security measures.

One is to ensure that all team members throughout the business are alert to the dangers of cyber security; they should be trained to prevent breaches and detect potential threats. 

As many issues of data security occur through accidental insider-user error, this is one of the most effective ways to combat digital vulnerability. Employees should be alert to malicious links, check sender information, maintain strong password etiquette – never share passwords and use two-factor authentication – and take care when handling sensitive information.

From a systems perspective, it’s critical that all hardware and software is up to date and fit for purpose. This includes:

  • supporting patch management systems
  • ensuring networks are behind firewalls
  • implementing endpoint protection
  • backing up data in a secure way
  • controlling and monitoring user access to all systems
  • securing wifi networks
  • establishing personal accounts for all employees.

Protect your systems from potential cyber-attacks

Cybersecurity risks aren’t going away, so individuals and security teams with the specialist skills and expertise to safeguard businesses from these attacks are in high demand. People with these skills can often choose from a wide range of rewarding careers.

Whether you have a computing background or not, you can develop the knowledge and skills to succeed in the industry with the University of York’s online MSc Computer Science programme. You’ll gain in-depth understanding in each of the main areas of computer science, learning how to apply your new skills to real-work environments. Through flexible modules, you’ll explore programming, software development, data analysis, computer networks and much more.


Leading and managing organisational change

Supporting an organisation or business through change is a critical part of any leader’s job. Change is constant, and work environments continually evolve as new technologies are adopted, and old ways of working are replaced with the development of new knowledge and skills. Despite the constant presence of change, it remains a significant challenge for organisations. According to a study conducted by McKinsey, just 26% of change projects are considered to be successful within their organisations.

This is why successful change management is such a priority for businesses – and why all managers should aim to be change leaders.

What is organisational change?

Organisational change occurs whenever an organisation or business makes a significant alteration to its identity, purpose, or procedures. This can include changes to an organisation’s:

  • brand
  • culture
  • operational systems
  • internal infrastructure
  • hierarchy or structure
  • policies or processes
  • equipment or technologies
  • values
  • stakeholders
  • leadership team
  • products
  • business models.

Drivers of organisational change

There are a number of reasons why a business or organisation will choose to undergo a period of transformation. Common aims include the following.

Cost savings

Organisations often adopt new technological devices or systems to automate processes, reduce workloads, and streamline workflows in order to save money.

Business growth

Whether introducing new products or services, or emerging into new markets, businesses will embrace change to create new opportunities for growth.

Overcoming obstacles and other challenges

In periods of economic downturn or difficult market conditions, or when facing heightened pressure from competitors, suppliers, or customers, organisations will often implement a change management strategy to help steer the organisation forward – and correct course where needed. This may also occur when an organisation is required to implement new government legislation or directives.  

Adopting high-level or large-scale change

When an organisation decides to make changes to its strategic objectives, its core purpose or values, or even its fundamental structure – such as through mergers, a culture change, or new leadership and senior managers – a dedicated change management process can be instrumental in helping ensure success. 

Types of organisational change 

Organisational change comes in many forms, such as:

  • adaptive change, which is made up of small, incremental adjustments within an organisation
  • transformational change, which includes the kind of sweeping, strategic change projects that can alter the fabric of an organisation
  • remedial change, which includes reactionary change efforts that are typically implemented in response to a problem or issue.

What are the phases of organisational change?

Organisational change management usually consists of three major phases.


The preparation phase is vital for successful change programmes. It requires change agents to define criteria for success and desired outcomes, as well as any and all potential impacts, and the planned approach for the project. This plan should outline activities, establish roles, and address any risks.


The implementation phase is when all of the work outlined in the preparation phase actually happens. During this phase, leaders should be tracking and monitoring the change programme, and adapting it where necessary.


The final phase of organisational change is about sustaining the outcomes of the change programme. This means reviewing the results of the project, and ensuring that the change outcomes are embedded as part of business-as-usual within the organisation.

What is the role of a leader in managing organisational change?

Leaders play a pivotal role in managing any organisational change process.

They’re responsible for:

  • communicating with the people they lead, answering questions, providing clarity, and taking on feedback
  • motivating people, addressing resistance where it occurs, and easing the transition from the old way of working to the new approach
  • providing accountability, making assessments and decisions, and delegating where appropriate.

What is the difference between leading and managing change?

People are what determine whether a change project is successful or not. And that’s why change leaders are so important.

While managers are needed to oversee the logistical aspects of implementing change, leaders who have competency in getting buy-in from people, engaging them in the process of change, and motivating them to see change through. This is particularly important in large-scale change projects where tensions may be high and instability is inevitable. In these scenarios, leaders help people understand the vision behind the project. 

Change leaders won’t necessarily fit into any one role. While some may sit within senior leadership teams, others might work in human resources or project management. Their defining feature will be their passion and dedication for implementing a successful change programme – and getting other people on board along the way.

What are the main approaches to leading organisational change?

Organisational change has generated a number of different models, methodologies, and approaches for helping leaders to plan and implement effective change management projects.

One is the three-stage model of change developed by Kurt Lewin, a German-American psychologist. Lewin’s model suggests that change has three stages.

  1. Unfreeze, where people prepare for the coming change.
  2. Change, the transitional time where change occurs.
  3. Refreeze, when the change because the norm and stability is restored.

Another methodology is the eight-step process for leading change developed by Dr John Kotter, a professor of leadership at Harvard Business School. Kotter’s eight steps are:

  1. creating a sense of urgency
  2. building a guiding coalition
  3. forming a strategic vision
  4. enlisting a volunteer army
  5. enabling action by removing barriers
  6. generating short-term wins
  7. sustaining acceleration
  8. instituting change.

Lead transformational change within your organisation

Help ensure the success of change initiatives within your current or future organisations with the flexible online Master of Business Administration (MBA) programme from the University of York. Leading and Managing Organisational Change is one of the key modules on this programme, so you will have the opportunity to examine change practices within organisations, theories of change, and how change can shape effective practice.

This postgraduate degree is taught 100% online, so you can study around your current professional and personal commitments as you develop knowledge and skills in topics such as management strategy, operations management, contemporary issues in leadership, marketing in a global society, and contemporary topics in global business.

National policy and its role in a greener, more sustainable future

Infrastructure shapes both the human and natural worlds. It’s the backbone and foundation on which communities and nations are built: the energy that powers our businesses, the clean water pumped into our homes, and the road and rail networks that allow us to travel with ease. Thoughtful, ethical and sustainable infrastructure has the ability to improve our quality of life, creating new places and ways in which to live and work.

Nonetheless, infrastructure on a national scale cannot, and should not, proliferate unchecked. Its development involves critical considerations, from the communities it serves, to its impacts and effects – both in the short and longer-terms, to the material and methods used, to maintenance, and much more besides. Policy, regulation, expertise and comprehensive planning and risk management all play an important role, particularly in negating, and even reversing, the impacts of climate change.

The United Nations’ Intergovernmental Panel on Climate Change (IPCC) recognises and outlines “the interdependence of climate, ecosystems and biodiversity and human societies” in its Summary for Policymakers report. It calls for the assessment of climate change impacts and risks, as well as adaptation, set against “concurrently unfolding non-climatic trends” such as rapid urbanisation, land and ecosystem degradation, biodiversity loss and unsustainable consumption of natural resources. So, how can a nation develop responsibly and sustainably? What factors must be taken into consideration when mapping industrial strategy? Who has the power to make decisions on this scale?

What is national policy?

National policies are statements that contain principles and broad courses of action taken by national governments regarding specific objectives.

Their main purpose is to define and guide decision-making efforts to achieve a desired outcome through government policy and plans – in a bid to ensure any decisions have an aggregate positive impact on a national level. For example, a government may wish to improve biodiversity by considering future land use, or lower emissions and improve air quality by developing its public transport networks, or tightly govern waste management in a bid to support a healthier ecosystem. National policy should:

  • establish a planning system and framework for development
  • protect and preserve natural resources
  • shed light on the environmental impact assessment of planned projects
  • ensure regulatory standards are adhered to
  • avoid any adverse impacts on an environmental or social level

In the UK, national policy must relate to climate change efforts – both in mitigation and adaptation. As well as explaining the reasoning behind their proposed outcomes, policies must explain how they:

  • factor into sustainable development
  • integrate with existing policies
  • account for safety and technology issues
  • address any adverse impacts
  • detail actual and projected capacity and demand. 

Where necessary, policies should also pinpoint specific locations affected in order to create a guideline and roadmap that can support future investment and planning decisions.

Planning Act 2008

The UK Infrastructure Planning Commission was borne out of the Planning Act 2008. As well as making provisions for the Commission’s functions, it contains guidelines and thresholds for the authorisation and development of infrastructure. The Act also governs town and country planning and is designed to “make provision about the imposition of a Community Infrastructure Levy.”

UK national policy statements (NPS)

In the UK, there are 12 NPS relating to different areas of nationally significant infrastructure projects and their future development. NPS must be formed from a democratic process – consisting of public consultation and parliamentary scrutiny – before it can become designated policy. In this way, any examining authorities can make recommendations to the Secretary of State.

The NPS, by category, are:

  • Energy: Overarching Energy; Fossil Fuels; Renewable Energy; Oil and Gas Supply and Storage (produced by the Department for Business, Energy and Industrial Strategy)
  • Transport: Ports; National Networks; Airports (produced by the Department for Transport)
  • Water, waste water and waste: Hazardous Waste; Waste Water; Water Resources (produced by the Department for Environment, Food and Rural Affairs).

Any significant development of infrastructure throughout England, Scotland, Wales and Northern Ireland must adhere to the NPS.

What is the difference between national policy and local policy?

The National Planning Policy Framework (NPPF) underpins the UK’s environmental, social and economic planning policies, and covers topics including:

  • business
  • environment
  • economic development
  • transport
  • housing.

The NPPF must inform any planning applications and decisions relating to local and neighbourhood plans; where plans and developments have taken its rules into account, developments can be approved without delay. A local planning authority (LPA) makes the ultimate decision in deciding to grant or refuse planning permission – such as building and development work – in a given area. Local authorities also create a development plan; this occurs every six years and details planning policies and use of areas by local authorities. For example, a plan might contain aspects such as upgrading of amenities, improvements to roads or regeneration and renewal of unused or obsolete areas. Planning applications in the local area are then cross-referenced with the plan, with permission generally granted only if the plans are in line with the development plan.

The UK government publishes planning practice guidance on the website to support individuals and organisations with their interpretation and adherence to the NPPF. There are various categories – many of which relate to ensuring a greener, sustainable future – including:

  • air quality
  • climate change
  • effective use of land
  • environmental impact assessment
  • flood risk and coastal change
  • green belt
  • land stability
  • natural environment
  • renewable and low-carbon energy
  • strategic environmental assessment
  • tree preservation orders and trees in conservation areas
  • waste.

Shape the future of public service provision and public administration

If in-depth understanding of national and local policy could benefit your workplace, choose the University of York’s online Master of Public Administration programme.

Develop the skills to analyse and navigate complex public management issues, and lead the way in making a positive impact on both public life and public service provision. Designed for leaders across public, non-profit and third-sector organisations, your studies will draw on service development and enhancement – with a focus on sustainability – across networks and partnerships. You’ll study the public process, the organisational and human context of public service delivery, and the wider social, political and economic environment through which public service demands and constraints are shaped. 

What are the three categories of computer architecture?

Every computer, from the simple device to the most complex machine, operates according to its architecture. This architecture – the rules, methods, and procedures that tell the computer system what to do and how to work – can be broken into three main sub-categories.

Instruction set architecture

An instruction set architecture, or ISA, is a collection of instructions that a computer processor reads. It outlines how the central processing unit (CPU) is controlled by its software, and effectively acts as the interface between the machine’s hardware components and its software. In fact, the instruction set architecture provides the only means of interacting with the hardware, visible to assembly language programmers, compilers, and application managers.

There are two main types of instruction classifications:

  • Reduced Instruction Set Computer (RISC), which implements only the single instruction formats that are frequently used in computer programmes. These include what’s known as MIPS (microprocessor without interlocked pipelined stages), which was developed by John Hennessy at Stanford University in the 1980s.
  • Complex Instruction Set Computer (CISC), which can implement several specialised instructions.

The ISA also defines and supports a number of key elements within the CPU, such as:

Data types

Supported data types are defined by the instruction set architecture. This means that through the ISA, a computer will understand the type of data item, its values, the programming languages it uses, and what operations can be performed on or through it.


Registers store short-term data and manage the hardware’s main memory – the random access memory (RAM). They are located within processors, microprocessors, microcontrollers, and so on, and store instructions for decoding or executing commands. Registers include:

  • the programme counter (PC), which indicates where a computer is in its programme sequence. The PC may also be referred to as the instruction pointer (IP), instruction address register (IAR), the instruction counter, or the instruction sequencer. 
  • the memory address register (MAR), which holds the address of an instruction’s related data.
  • the memory data register (MDR), which stores the data that will be sent to – or fetched from – memory.
  • the current instruction register (CIR), which stores the instructions that are currently being decoded and executed by the central processing unit.
  • the accumulator (ACC), which stores the results of calculations.
  • the interrupt control register (ICR), which generates interrupt signals to tell the central processing unit to pause its current task and start executing another.

Key features

The instruction set architecture outlines how the hardware will support fundamental features, such as:

  • Memory consistency models, which essentially guarantee that if a programmer follows set rules for operations on memory, then memory will be consistent, and the results of reading, writing, or updating memory will be predictable.
  • Memory addressing modes, which are the methods used for locating data and instructions from the RAM or the cache. Mode examples include immediate memory access, direct memory access, indirect memory access, and indexed memory access.
  • Virtual memory, also known as virtual storage, which utilises both hardware and software to allow a computer to temporarily transfer data from RAM to disk.


Also called computer organisation, microarchitecture is an important sub-category of computer architecture. There is an inherent interconnection between the microarchitecture and the instruction set architecture, because the microarchitecture outlines how a processor implements its ISA.

Important aspects of microarchitecture include:

  • Instruction cycles. These are the steps required to run programmes: reading and decoding an instruction; finding data associated with the instruction; processing the instruction; and then writing out the results.
  • Multicycle architecture. Multicycle architectures are typically the smallest and simplest architectures because they recycle the minimum required number of logic design elements in order to operate. 
  • Instruction pipelining. Instruction pipelining is a tool for improving processor performance because it allows several instructions to occur at the same time.

System design

System design incorporates all of a computer’s physical hardware elements, such as its data processors, multiprocessors, and graphic processing units (GPUs). It also defines how the machine will meet user requirements. For example, which interfaces are used, how data is managed, and so on. In fact, because of its link with meeting specified user requirements, system design is often mentioned alongside product development and marketing.

Other types of computer architecture

Von Neumann Architecture

Also known as Princeton architecture, the Neumann model of computer architecture was developed by John von Neumann in the 1940s. It outlines a model of computer architecture with five elements:

  1. A processing unit that has both an arithmetic and logic unit (ALU) as well as processors with attached registers.
  2. A control unit that can hold instructions in the programme counter or the instruction register.
  3. Memory that stores data and instructions, and communicates through connections called a data bus, address bus, and control bus.
  4. External mass storage, or secondary storage.
  5. Mechanisms for input/output devices.

Harvard Architecture

Harvard architecture uses separate memory storage for instructions and for data. This differs from, for example, Von Neumann architecture, with programme instructions and data sharing the same memory and pathways.

Single instruction, multiple data (SIMD) architecture

Single instruction, multiple data processing computers can process multiple data points simultaneously. This paved the way for supercomputers and other high-performance machines, at least until developers at organisations like Intel and IBM started moving into multiple instruction, multiple data (MIMD) models.

Multicore architecture

Multicore architecture uses a single physical processor to incorporate the core logic of more than one processor, with the aim of creating systems that complete multiple tasks at the same time in the name of optimisation and better overall system performance.

Explore the concepts of modern computer architecture

Deepen your understanding of computer architecture with the 100% online MSc Computer Science from the University of York. This Masters degree includes a module in computer architecture and operating systems, so you’ll delve into how computer systems execute programmes, store information, and communicate. You will also learn the principles, design, and implementation of system software such as operating systems, in addition to developing skills and knowledge in wider computer science areas, such as algorithms, data processing, and artificial intelligence.

This flexible degree has been designed for working professionals and graduates who may not currently have a computer science background but want to launch a career in the cutting-edge field. You can learn part-time around your current work and home commitments, and because the degree is taught exclusively online, you can study whenever and wherever you want.

What are the features of modern governance?

Modern governance is good governance achieved with modern tools. By utilising new technologies and methods, governing bodies can gain deeper insights and develop new processes that deliver better governance and better overall results for their organisations.

Effective use of new technology

Whether it’s through automating processes or utilising new systems and platforms, governing bodies that undergo a digital transformation can often gain a competitive advantage or establish themselves as a leader in their fields or sectors.

Making the most of information and data

Modern governance relies heavily upon good data to spot issues, challenges, and new categories in terms of trends and market directions. Good data should also help inform decisions, strategies, policies, and responses in times of crisis or disruption.

Greater transparency

One of the most significant aims of modern governance is transparency. Information is easily accessible and understandable. Communication and conversations are two-way, and reporting is conducted regularly and objectively.

Robust risk and compliance management

Modern governing bodies are focused on safeguarding against a multitude of risks – no easy task in today’s complex world. Through policies, procedures, and other controls, modern governance works to mitigate cyber risk and cyber-attacks; protect strategic, financial, operational, and reputational functions; and, ensure all potential issues are identified, analysed, mitigated, monitored, and reported on. There is also a strong focus on compliance, with internal audits, quality assurance practices, and strict adherence to legislation – and other relevant codes – all firmly cemented within the organisation.

Inclusive environments

Diverse, inclusive, and collaborative environments are a growing necessity in modern governance. From the governing body itself, through all levels of an organisation, good modern governance calls for diversity in race, gender, and age, but also in terms of backgrounds and skills – and research continues to show that diverse organisations are more creative and more decisive.

What is good governance?

Good governance should be an important area of focus for any organisation, whether it’s a public body, an international not-for-profit organisation, or a private business or corporation. Through good governance, an organisation maintains and safeguards its integrity and ethics, its policies and procedures, and its reputation and performance.

Good governance informs decision-making, enables strong relationships with stakeholders, and sets the organisational or corporate culture. It also ensures that funds are used appropriately, employee standards – and human rights – are respected, and operations are free from corruption and fraud.

Good governance in the United Kingdom

In the UK, corporate good governance is ensured through the Financial Reporting Council’s UK Corporate Governance Code. The code steers relationships between companies, shareholders, and stakeholders, and “promotes the importance of establishing a corporate culture that is aligned with the company purpose, business strategy, promotes integrity and values diversity.”

The Chartered Institute of Personnel and Development also offers a number of resources and guides on the topic of good corporate governance.

Finally, the Chartered Governance Institute UK & Ireland works to ensure “effective and efficient governance and administration of commerce, industry and public affairs”.

Examples of best practice in governance


Petition and social change non-profit website has been lauded for its transparency. The organisation shares its financial information, roadmaps, and strategy in its annual impact report, and also publishes details about its diversity and inclusion.


Inclusive Companies, an organisation that aims to drive inclusion through innovation and best practice, recently awarded Capegemi UK its top prize in the Inclusive Top 50 UK Employers List. Contributing to this win was Capgemini’s active inclusion programme, which engages all of its staff “in a conscious culture and mindset change for inclusion.”

Risk management 

CIR Magazine’s Risk Management Awards recently awarded AECOM, a multinational infrastructure consulting firm, and the West Midlands Combined Authority, with a Public Sector Risk Management Award, recognising the organisations’ collective and collaborative commitment to risk management.

What is a governance deficit?

Governance deficits occur when those governing – whether it’s a company, organisation, government, or another body – are not equipped to cope with the myriad challenges it faces, and cannot govern effectively. This deficit can look like a lack of:

  • information, which should inform everything from an organisation’s environmental, social, and corporate governance (ESG) to its marketing efforts
  • technology, which can facilitate transformational change in everything from everyday business processes to C-Suite (the name for leadership teams made of a CEO, CFO, COO, and so on) leadership
  • adaptability, whether it’s responsiveness to a crisis or an emerging trend in the market
  • security, from cyber safety to financial health
  • connectivity or collaboration, such as consultation on white papers, governance practices, or even participation in industry events, podcasts, and so on
  • visibility, whether it’s of board members or corporate directors within the organisation, or even an online presence – for example, on social media applications such as LinkedIn.

Deficits in areas such as these can have serious consequences, such as increased risks – and increased costs.

In fact, the Diligent Institute has reported that “governance deficits across over 12 public companies have cost shareholders more than $490bn (US Dollars) in value in the year following the financial crisis. At the same time, good governance has equipped companies to surpass their peers by 15%.”

Modern tools and resources to support good governance

Diligent is a digital modern governance tool. Effectively an app for boards and board members, it aims to promote good governance by managing risks, supporting audits, enabling compliance, and so on. It is the world’s largest governance, risk, and compliance (GRC) software-as-a-service (SAAS) provider, with one million users across 25,000 organisations and 130 countries. Diligent CEO Brian Stafford says that there is “a gap between people in the middle of the organisation who are data experts, and people at the top who want the right information at their level, to be able to help with pressure testing. We’re putting that all together for our clients.”

The Modern Governance Summit

The Diligent Corporation recently hosted a hybrid in-person and virtual event for governance, risk, compliance, audit, and ESG professionals.

Free data tools, such as Google Analytics

Data and information is key for organisational leaders, boardrooms, and anyone in an executive role. While some of this data may require market research or dedicated system providers, some of it is easily obtained for free. Website data, for example, is a crucial area of information for organisations and can be accessed for free in real time via Google Analytics.

Communication platforms, such as Slack or Microsoft Teams

Open communication supports transparency, inclusive environments, and information-sharing – all important elements of good governance. 

Help shape the future of good governance 

Help embed good governance within the public sector with the 100% online Master of Public Administration (MPA) programme from the University of York. Designed for professionals in public and non-profit organisations, this flexible MPA programme will equip you to make a positive impact on improving public service provision and public life.

As part of your studies, you’ll explore good governance. For example, one of your key modules is in regulatory governance – an inevitable part of modern governance that many businesses undermine, but is crucial in delivering on social protection, safety, and quality assurance standards.

Leadership vs. management: what’s the difference?

Managers are an important part of any organisation. They oversee the day-to-day activities of the business, make sure work is assigned and completed, and take care of administrative tasks, such as budgeting and scheduling, along the way.

But what separates managers from leaders? The words might be used synonymously, but they’re not actually the same thing. People work for a manager – but they follow a leader. And this distinction is important, because while some jobs may require nothing more than a bit of rote direction, many roles are becoming increasingly complex, and require an environment that:

  • enables innovation and creativity
  • fosters engaged, motivated, and empowered employees
  • supports change

This is where effective leadership is required. Leaders are visionaries: they think strategically, they inspire others, and they help develop the culture – and the future – of their organisations. According to Forbes, leaders are agents of change, while managers work to maintain the status quo. In fact, it’s often said that a leader shapes the vision of their organisation, while a manager follows it. So it’s important to note that while a leader can both lead and manage people, a manager can’t always lead the people they manage. Unless, of course, they work to develop their leadership skills and a leadership style.

Why is leadership important?

The 21st century has seen significant changes in the working world. Technology plays an increasingly important role in businesses and organisations, from automated tasks to communication methods. Meanwhile, the COVID-19 pandemic created a seismic shift in working habits, with more people working flexibly and remotely than ever before. 

Within this shifting landscape, leaders have been instrumental in shaping and directing the flow of change within their organisations. They have ensured that their employees have remained engaged and motivated, and that their businesses have adapted as necessary. These leaders have not been afraid to take risks, try new ideas, implement changes, and make the occasional mistake in service to improving overall performance.

Signs of a good leader

Great leaders vary greatly in terms of leadership styles, but they all commonly demonstrate a number of important qualities, traits, and skillsets. 


Leaders are honest, direct, and transparent in their communications with colleagues. They share their vision, they share their priorities – aligning them to organisational goals – and they share their ideas. Crucially, they also welcome input and feedback from their colleagues and stakeholders, actively listening to all comments and taking other points of view on board – regardless of whether the comments come from a junior staff member or someone in a senior management role.

Emotional intelligence 

Leaders understand feelings – their own, and those of the people around them. They harness this knowledge to understand their employees, demonstrate empathy, offer personalised praise for successful work and initiatives, and acknowledge challenges that have been tackled and overcome. 


Leaders are experts in their fields, and they share their knowledge and expertise. They encourage and enable professional development – and development programmes – within their teams, and dedicate time to mentoring and coaching people. They are also learners themselves, making time for their own personal development through learning resources such as:

  • in-person leadership development courses
  • training courses to hone their everyday management skills
  • online courses, particularly leadership programmes and management courses, through websites such as LinkedIn


Because of their communication skills, emotional intelligence, and knowledge, a leader will have a wide circle of influence. Whether it’s within their team, the wider organisation, or external stakeholders, leaders can effectively and respectfully persuade and negotiate with people to help steer conversations, direct interventions, and influence actions.


Leaders are confident in their decision-making and effective in their problem-solving. However, they’re not afraid to share responsibility with their colleagues – on the contrary, they actively empower people to explore different solutions to the challenges they face. But a leader is always accountable for the decisions made under their watch.

What are the different styles of leadership?

There are a number of different leadership styles to choose from, and the most suitable for any given leader, team, or organisation, can vary greatly. 

According to the Institute of Leadership & Development (ILM), a professional body focused on leadership, the most appropriate leadership style will depend on factors such as the leader’s personality and their current circumstances. With this in mind, the ILM argues that a leader’s style should reflect the situation they’re in – known as situational leadership – rather than their own personal references. 

Transformational leadership

Transformational leaders are focused on inspiring their employees for the benefit of organisational transformation and success. They seek improvements and innovation as part of their standard process, and trust their staff to help deliver results. While this style is ideal within organisations that value new ideas and ways of working, it isn’t always appropriate within organisations that value established processes and doing things the way they’ve always been done.

Democratic leadership

Democratic leaders regularly solicit their team members in their decision-making process. While these leaders will frequently guide conversations and will make final decisions, they also openly encourage debate and new ideas. Also known as participative leadership, this leadership style is effective in engaging employees and encouraging innovation, but can be difficult when a decision needs to be made quickly.

Servant leadership

Servant leaders are focused on people first and foremost. By helping and supporting people as their primary task, servant leaders elevate and empower those around them to achieve results. This style of leadership can create inclusive and dynamic company cultures, but can also create challenges around ownership and accountability.

Become a leader within your organisation

Develop your leadership skills with the Master of Business Administration (MBA) at the University of York. This programme is studied part-time and 100% online, so you can continue to work full-time as you focus on your professional development. Through research and taught modules, you’ll learn about management strategy, contemporary issues in leadership, leading and managing organisational change, and how to manage across cultures, among other important areas of leadership.

What is computational thinking?

Computational thinking (CT) is a problem-solving technique that imitates the process computer programmers go through when writing computer programmes and algorithms. This process requires programmers to break down complex problems and scenarios into bite size pieces that can be fully understood in order to then develop solutions that are clear to both computers and humans. So, like programmers, those who apply computational thinking techniques will break down problems into smaller, simpler fragments, and then outline solutions to address each problem in terms that any person can comprehend. 

Computational thinking requires:

  • exploring and analysing problems thoroughly in order to fully understand them
  • using precise and detailed language to outline both problems and solutions
  • applying clear reasoning at every stage of the process

In short, computational thinking encourages people to approach any problem in a systematic manner, and to develop and articulate solutions in terms that are simple enough to be executed by a computer – or another person. 

What are the four parts of computational thinking?

Computational thinking has four foundational characteristics or techniques. These include:


Decomposition is the process of breaking down a problem or challenge – even a complex one – into small, manageable parts.


Also known as generalisation, abstraction requires computational thinkers to focus only on the most important information and elements of the problem, and to ignore anything else, particularly irrelevant details or unnecessary details.

Pattern recognition

Also known as data and information visualisation, pattern recognition involves sifting through information to find similar problems. Identifying patterns makes it easier to organise data, which in turn can help with problem solving.  

Algorithm design

Algorithm design is the culmination of all the previous stages. Like a computer programmer writing rules or a set of instructions for a computer algorithm, algorithmic thinking comes up with step-by-step solutions that can be followed in order to solve a problem.

Testing and debugging can also occur at this stage to ensure that solutions remain fit for purpose.

Why is computational thinking important?

For computer scientists, computational thinking is important because it enables them to better work with data, understand systems, and create workable algorithms and computation models.

In terms of real-world applications outside of computer science, computational thinking is an effective tool that can help students and learners develop problem-solving strategies they can apply to both their studies as well as everyday life. In an increasingly complicated, digital world, computational thinking concepts can help people tackle a diverse array of challenges in an effective, manageable way. Because of this, it is increasingly being taught outside of a computer science education, from the United Kingdom’s national curriculum to the United States’ K-12 education system.

How can computational thinking be used?

Computational thinking competencies are a requirement for any computer programmer working on algorithms, whether they’re for automation projects, designing virtual reality simulations, or developing robotics programmes.

But this thinking process can also be taught as a template for any kind of problem, and used by any person, particularly within high schools, colleges, and other education settings.

Dr Shuchi Grover, for example, is a computer scientist and educator who has argued that the so-called “four Cs” of 21st century learning – communication, critical thinking, collaboration, and creativity – should be joined by a fifth: computational thinking. According to Grover, it can be beneficial within STEM subjects (science, technology, engineering and mathematics), but is also applicable to the social sciences and language and linguistics.

What are some examples of computational thinking?

The most obvious examples of computational thinking are the algorithms that computer programmers write when developing a new piece of software or programme. Outside of computer programming, though, computational thinking can also be found in everything from instructional manuals for building furniture to recipes for baking a chocolate cake – solutions are broken down into simple steps and communicated clearly and precisely.  

What is the difference between computational thinking and computer science?

Computer science is a large area of study and practice, and includes an array of different computer-related disciplines, such as computing, automation, and information technology. 

Computational thinking, meanwhile, is a problem-solving method created and used by computer scientists – but it also has applications outside the field of computer science.

How can we teach computational thinking?

Teaching computational thinking was popularised following the publication of an essay on the topic in the Communications of the ACM journal. Written by Jeannette Wing, a computer science researcher, the essay suggested that computational thinking is a fundamental skill for everyone and should be integrated into other subjects and lesson plans within schools. 

This idea has been adopted in a number of different ways around the world, with a growing number of resources available to educators online. For example:

Become a computational thinker

Develop computational thinking skills with the online MSc Computer Science at the University of York. Through your taught modules, you will be able to apply computational thinking in multiple programming languages, such as Python and Java, and be equipped to engage in solution generation across a broad range of fields. Some of the modules you’ll study include algorithms and data structures, advanced programming, artificial intelligence and machine learning, cyber security threats, and computer architecture and operating systems.

This master’s degree has been designed for working professionals and graduates who may not have a computer science background, but who want to launch a career in the lucrative field. And because it’s studied 100% online, you can learn remotely – at different times and locations – part-time around your full-time work and personal commitments.

What is foreign policy?

Foreign policy is the mechanism national governments use to guide their diplomatic interactions and relationships with other countries. A state’s foreign policy reflects its values and goals, and helps drive its political and economic aims in the global arena. Many foreign policies also have a strong focus on national and international security, and will help determine how a country interacts with international organisations, such as the United Nations, and citizens of other countries.

Foreign policies are developed and influenced by a number of factors. These include:

  • the country’s circumstances in a number of areas, including geographically, financially, politically, and so on
  • the behaviour and foreign policies of other countries
  • the state of international order and affairs more widely (for example, is there war or unrest? Are there trade alliances to take into consideration?) 
  • plans for advancement, such as economic advancement or technological advancement

Guided by foreign policy, diplomats and diplomatic bodies can work across borders to tackle shared challenges, promote stability, and protect shared interests.

A nation’s foreign policy typically works in tandem with its domestic policy, which is another form of public policy that focuses on matters at home. Together, the two policies complement one another and work to strengthen the country’s position both within and outside its borders.

Examples of foreign policy

The United Kingdom

Foreign policy in the United Kingdom is overseen by Foreign, Commonwealth and Development Office, which is led by the Foreign Secretary.

Recent priorities for the UK’s foreign office have included imposing sanctions on Russia due to its ongoing conflict with Ukraine, and introducing a new Northern Ireland Protocol Bill. The UK has also continued its ongoing action against the regime in Syria. 

Following the United Kingdom’s withdrawal from the European Union (EU) – made official in 2020 – UK policymakers have been focused on negotiating new trade agreements with international partners.

The United States

American foreign policy is overseen by the U.S. Department of State, which says its mission is to “protect and promote U.S. security, prosperity, and democratic values, and shape an international environment in which all Americans can thrive.”

Domestic bills and legislation connected to foreign policy are managed by the United States House Committee on Foreign Affairs, a standing committee of the U.S. House of Representatives that has jurisdiction over matters such as foreign assistance, HIV/AIDS in foreign countries, and the promotion of democracy. It also has six standing subcommittees that oversee issues connected to human rights practices, disaster assistance, international development, and so on in different regions of the world, such as Asia or the Middle East.

Recent events in American international affairs have included ending its war in Afghanistan, and affirming its support for a two-state solution to the ongoing conflict between Palestine and Israel. 


Chinese foreign policy consists of the following elements:

  1. Maintaining independence and state sovereignty.
  2. Maintaining world peace.
  3. Friendly relations.
  4. Enhanced unity and cooperation between developing countries.
  5. Increasing its opening and modernisation efforts.

China’s foreign policy also stipulates that China not engage in diplomatic relationships with any country that formally recognises Taiwan, which China does not recognise as a separate nation.


Nigeria’s foreign policy is lauded for strengthening its position and power regionally and internationally. Its objectives are enshrined in its constitution, and include:

  • the promotion and protection of the national interest
  • the promotion of African integration and support for African unity
  • the promotion of international co-operation for the consolidation of universal peace and mutual respect among all nations, and the elimination of discrimination in all manifestations
  • respect for international law and treaty obligations, as well as seeking settlement to international disputes by negotiation, mediation, conciliation, arbitration, and adjudication
  • the promotion of a just world economic order

What is the difference between foreign policy and international relations?

International relations is a discipline of political science and can be considered one of the social sciences – it’s an area of academic study that examines the interactions between countries. Foreign policy, on the other hand, is a working template that guides how one country interacts with others.

Foreign policy in practice: impacts and consequences

How does foreign policy influence international politics?

Because foreign policies are developed to protect a nation’s interests and influence its dealings with other nations on the world stage, they have a direct impact on world politics. But it’s also fair to say that international affairs help shape foreign policies, too. 

There are also a number of international organisations and non-governmental organisations (NGOs) that directly impact international relations and foreign policies, such as:

How does foreign policy affect the global economy?

Foreign policies can have a huge impact on the economy, both at home and abroad. While this is partially because policies often focus on the economic advancement of their nations, it’s also because almost all aspects of any foreign policy will have a knock-on effect on the wider global financial system.

For example, Foreign Policy magazine reported earlier this year that the war in Ukraine that was triggered by Russian President Vladimir Putin has already changed the world’s economy. Meanwhile, the United Kingdom’s withdrawal from the EU has had an ongoing financial impact and consequences for trade relationships throughout Europe (and even farther afield), while the COVID-19 pandemic lockdown measures taken in various countries has had a lasting effect on global supply chains and finances.

Help set public policy agendas

Explore public policy – including foreign policy and international studies – in greater depth with the 100% online Master of Public Administration (MPA) at the University of York.

One of the core modules on this flexible, part-time master’s degree is in policy analysis, so you will explore and analyse the complexity inherent in contemporary social and public policy development and reform. You will critically examine the role of ideas, interests, institutions, and actors in the policy process, and explore the wider social, economic, and political processes that shape contemporary policy-making. You will also gain conceptual and analytical tools to undertake advanced applied policy analysis in a range of local, national, and international policy settings.

Additionally, this postgraduate degree includes a module in policy research, enabling you to critically reflect on the strengths, limitations, and appropriateness of different research approaches and techniques, and helping you to acquire the skills needed to evaluate and commission research for public policy and administration contexts.

For further information about entry requirements, tuition fees, application deadlines, and independent research, please visit the programme page.

Financial resources: what are they and how are they managed?

Financial resources are the funds and assets that finance an organisation’s activities and investments. In simple terms, financial resources are the monies that keep a business operating, and there are several ways a business will raise and use its financial resources. 

Every organisation will have a framework or process in place for planning, organising, directing, controlling, and monitoring its financial resources and activities in order to deliver on the goals of the business. This is known as financial resource management (FRM) or financial management.

What are the two types of financial resources?

Internal financial resources

Internal sources of finance are funds that come from within a business. Examples include profits generated by the business, retained earnings, capital funding, and liquid assets. Liquid assets are business assets that can be easily converted into cash.

Because internal financial resources are generated from within the organisation, they are interest-free. This is typically considered to be more economical from a business point of view because it means the organisation doesn’t have to pay interest – which would apply to borrowed capital and debt – granting the business a stronger financial position.  

External financial resources

External sources of finance are funds that come from outside a business. Examples include loans and credit from external sources, such as banks.

External financial resources are particularly helpful for new businesses, organisations that are looking to grow and expand, and businesses that are looking for new investors to provide funding and even guidance and expertise within the organisation. It’s worth noting, however, that these sources of funding can mean partial loss of ownership within the business, as well as the added cost of interest payments.

Sources of finance: what are some examples of financial resources?

Financial institutions

Banks and other financial institutions are a common source of external finance for businesses. Lenders and financial services can offer business financing and loans in addition to advice and guidance. According to Association of Chartered Certified Accountants (ACCA), the global body for professional accountants, bank loans are among the most common forms of finance for small and medium-size businesses. Bank loans in this context are also known as commercial loans or business loans.

Capital markets

Capital markets include the stock market and the bond market. They effectively funnel savings and investment funding from people and institutions with capital to lend and invest into businesses that are seeking capital. In exchange, investors aim to receive a return on their investment through price appreciation – an increase in the value of their investment – and dividends.

An organisation’s capital stock is the number of shares it is authorised to issue within the market, as recorded on its balance sheet and determined by its corporate charter. By issuing capital stock, a business can raise funds without incurring debt or needing to pay interest, but it also means diluting its control over the organisation.

Venture capital

Venture capital is an increasingly popular form of business financing, particularly for small businesses and startups. It is a form of private equity that typically comes from private investors, or investment banks. Venture capital investing can be a high-risk/high-reward scenario for investors. Similarly for businesses, accepting capital investments can mean gaining access to funding that might be otherwise unavailable through the more traditional financial system – loans or capital financial markets – but also typically grants investors equity in the business, which means more fingers in the organisation’s decision-making pie.

Trade credit

While not technically a form of funding, trade credit is a valuable financial resource for businesses. It is a business-to-business (B2B) agreement that enables a company to purchase the goods or services needed to run the business, but pay the counterparties – suppliers or providers – at a later date, typically within 30, 60, or 90 days. These interest-free partnerships allow the business to increase its assets and then deliver on its payment at a time that should, preferably, be more suitable for the organisation.

Government grants and subsidies

Governments are often a valuable source of funding for businesses, providing grants, loans, and other forms of support to help organisations grow and succeed.

In the United Kingdom, for example, both the national government and local authorities offer a number of schemes and programmes to help businesses, including:

  • small business grants
  • tax relief
  • apprentice-training grants

How are financial resources used?

Financial resources are used in a number of ways, but they typically cover the cost of doing business and turning a profit – also known as corporate finance. This includes:

  • purchasing supplies
  • building inventory
  • paying human resources (staff)
  • site costs such as office rentals or the purchase of properties and buildings

The allocation and use of resources within a business will be determined by the people or team tasked with financial resource and funding management. 

Financial resource management

Financial resource management, or financial management, is typically overseen by an individual, such as a chief financial officer (CFO) or finance manager, a dedicated team or department, or a hired third-party such as a chartered accountant. This person or team influences or manages all financial activities within a business, from how funds are procured and used, to the processes in place for accounting, payments, and risk assessments. They are often accountable to their organisation’s shareholders and other stakeholders who expect adequate returns and prudent decision making.

What are the main areas of financial management?

  • Financial controls – this includes managing the organisation’s balance sheet, profit and loss statement, financial forecast, capital budgeting, cash flow statement, derivatives, valuations, and so on.
  • Resources – this includes determining how financial resources are raised, allocated, and used. 
  • Risk management – this includes identifying and analysing potential financial risks and liabilities connected to the business, and then determining a course of action based on the organisation’s objectives, its tolerance and appetite for risk, and its financial performance, health, and sustainability.
  • Strategy and planning – this includes financial planning, strategic planning, and business planning, and looking at everything from financial inputs to management processes.
  • Performance – this includes monitoring financial activities and metrics to ensure good financial health, and acting to solve issues as they arise.

Learn how to manage financial resources and risk

Advance your career with the University of York’s flexible Master of Business Administration (MBA). This distance learning degree is taught part-time and 100% online, which means you can learn around your current professional commitments and apply your studies to your existing career. It also includes a key module in managing financial resources and risk, with a focus on the interpretation of financial statements, investment and funding decisions, and a range of possible financial risks for businesses.

What are data structures?

Data is a core component of virtually every computer programme and software system – and data structures are what store, organise, and manage that data. Data structures ensure that different data types can be efficiently maintained and accessed, and effectively processed and used, in order to perform both basic operations and advanced tasks.

There are different data structure types – some basic and some more complex – that have been designed to meet different requirements, but all of them typically ensure that data can be understood by both machines and humans, and then used in specific ways for specific purposes.

But to understand the different types of data structures, it’s important to first understand the different types of data.

What are the different data types?

Data types are the foundation of data structures. They are what tell the computer compiler or interpreter – which translates programming languages such as Java, JavaScript and Python into machine code – how the programmer intends to use the data. They typically fall into one of three categories.

Primitive data types

Primitive data types are the most basic building blocks of data, and include:

  • Boolean, which has two possible values – true or false
  • characters, such as letters and numerals
  • integers and integer values, which are whole numbers that do not contain a fraction
  • references (also called a pointer or handle), which allow a computer programme to refer to data stored elsewhere, such as in the computer’s memory
  • floating-point numbers, which are numbers that include a decimal
  • fixed-point numbers, which are numbers that include a decimal up to a fixed number of digits

Composite data types

Also known as compound data types, composite data types combine different primitive data types. They include:

  • arrays, which represent a collection of elements, such as values or variables
  • records, which group several different pieces of data together as one unit, such as names and email addresses housed within a table
  • strings, which order data in structured sequences

What is an associative array?

An associative array – also called maps, symbol tables, or dictionaries – is an array that holds data in pairs. These pairs contain a key and a value associated with that key.

Abstract data types

Abstract data types are defined by their behaviour, and include:

  • queues, which order and update data using a first-in-first-out (FIFO) mechanism
  • stacks, which order and update data using a last-in-first-out (LIFO) mechanism
  • sets, which can store unique values without a particular order or sequence

What are the different types of data structures?

There are several different structures that store data items and process them, but they typically fall into one of two categories: linear data structures or non-linear data structures.

The data structure required for any given project will depend upon the operation of the programme or software, or the kinds of sorting algorithms that will be used. 

Examples of linear data structures

Array data structures

Like array data types, array data structures are made up of a collection of elements, and are among the most important and commonly used data structures. Data with an array structure is stored in adjoining memory locations, and each element is accessed with an index key.

Linked list data structures

Linked list data structures are similar to arrays in that they are a collection of data elements, however, the order of these elements is not determined by their place within the machine’s memory allocation. Instead, each element – or node – contains a data item and a pointer to the next item. 

Doubly linked list data structures

Doubly linked lists are more complex than singly linked lists – a node within the list contains a pointer to both the previous node and the next node. 

Stack data structures

Stacks structure data in a linear format, and elements can be inserted or removed from just one side of the list – the top – following the LIFO principle.

Queue data structures

Queues are similar to stacks, but elements can only be inserted or removed from the rear of the list, following the FIFO principle. There are also priority queues, where values are removed on the basis of priority.

Examples of non-linear data structures

Tree data structures

Trees store elements hierarchically and in a more abstract fashion than linear structures. Each node within the structure has a key value, and a parent node will link to child nodes – like branches on a family tree. There are a number of different types of tree structures, including red-black tree, AVL tree, and b-trees.

What is a binary tree?

Binary trees are tree data structures where each node has a maximum of two child nodes – a left child and a right child.

They are not to be confused with binary search trees, which are trees that are structured to be increasingly complex – a node is always more complex than the node that came before it, and the structure’s time complexity to operate will be directly proportional to the height of the tree.

Graph data structures

Graph structures are made up of a set of nodes – known as vertices – that can be visualised like points on a graph, and are connected by lines known as edges. Graph data structures follow the mathematical principles of graph theory

Hash data structures

Hash data structures include hash lists, hash tables, hash trees, and so on. The most commonly known is the hash table, also referred to as a hash map or dictionary, which can store large amounts of data, and maps keys to values through a hash function. They also employ a technique called chaining to avoid collisions, which can occur when two keys are hashed to the same index within the hash table.

Dig deeper into data structures

Explore data structures in depth and prepare for a career in computer science with the online MSc Computer Science at the University of York. One of your key modules covers data structures, so you’ll learn techniques for using algorithms and associated data structures while also studying computer programming, computer architecture and operating systems, and software engineering.

This master’s degree is studied 100% online and has been designed for working professionals and graduates who may not have a computer science background but want to launch a career in the lucrative field.

What is a business strategy?

A business strategy outlines the specific ways in which an organisation plans to position itself, achieve its short-term and long-term goals, and grow over a period of time. It draws on other important business resources, such as the organisation’s mission, its vision, and its values, to help chart its direction forward and deliver on its objectives.

A business strategy helps underpin an organisation’s other important strategies – for example, functional operational strategies – and helps staff, customers, investors, and other stakeholders better understand how it plans to achieve its goals.

A successful business strategy also ensures that an organisation – regardless of whether it’s a startup, a small business, or a global corporation– maintains a competitive advantage in its market. It’s there to help guide decision-making, particularly on matters such as business priorities, and resource allocation.

Where business strategies sit within organisations

A business strategy typically comes second to an organisation’s corporate strategy. The corporate strategy looks at the bigger picture – the market a business is operating in, new markets that may be profitable to enter, and how best to ensure company growth. 

The business strategy helps feed into the corporate strategy, and acts as a roadmap to help deliver on the corporate strategy. Sometimes, it may also feed into a competitive strategy, which outlines methods for strengthening an organisation’s market position, attracting clients away from competitors, and defining the unique selling points within the brand as well as its products and services.

At the same time, the functional and operating strategies feed into the business strategy. These two frameworks are responsible for effectively and efficiently delivering on the organisation’s objectives as outlined in the corporate, competitive, and business strategies.

It’s also worth noting that there are a number of other strategies that typically sit under an organisation’s business strategy. These can include the:

  • marketing strategy
  • pricing strategy
  • brand strategy
  • sales strategy
  • communications strategy
  • advertising strategy
  • PR and media strategy
  • social media strategy
  • promotion strategy

What is the difference between a business strategy and a business plan?

While a business strategy acts as an overarching strategic framework within an organisation, a business plan is more granular, outlining day-to-day activities and work. Effectively, a business plan is one of the tools that helps deliver the business strategy.

Business strategies are also separate to business models, which are the methods used to generate sales and growth within a business. Examples of business models include direct sales, subscriptions, and franchises.

Five questions a business strategy should answer

Global employment network Indeed suggests that there are five main questions a business strategy needs to answer in order to be useful to its business.

  1. Why is the organisation in business?
  2. What are its key selling points or core strengths?
  3. Who are its ideal customers?
  4. Which offers provide the best results for its customers and its company bottom-line?
  5. Will this strategic framework help the business achieve its goals and objectives?

Adequately answering these questions can help a business create or improve its market value, establish or enhance its reputation, and acquire customers in greater numbers.

What makes a good business strategy?

A lot of work goes on behind the scenes during business strategy formulation. 

Strategic management, including CEOs and business leaders, need to be on board and help drive the new strategy forward. 

This requires extensive analysis – in everything from the supply chain to market research –, as well as a thorough understanding of the organisation’s competitive position and competencies. This can be better understood through simple tools, such as a SWOT (Strengths, Weaknesses, Opportunities, and Threats) analysis or template.

Stakeholders – such as staff groups – should also be brought into the development process to help ensure its success.

The Chartered Management Institute (CMI) recommends that a good strategy is developed to be:

  • flexible
  • responsive
  • creative
  • challenging
  • realistic
  • focused
  • engaging

And in order to be effective, strategic planning also needs to be implemented appropriately. The CMI recommends implementation techniques such as: 

  • ensuring that plans are aligned with the organisation’s mission, vision and values
  • building an effective leadership team
  • creating a dedicated implementation plan
  • allocating sufficient budgetary resources
  • assigning objectives and responsibilities to the appropriate people
  • aligning structures, processes, and people throughout the organisation
  • communicating the strategy
  • reviewing and reporting on progress
  • making strategic adjustments as necessary
  • developing an organisational culture that supports the strategy

Types of business strategies

There are a number of different business strategies used within the business world.

Common business strategy examples include:

  • Cost leadership. Cost leadership business strategies focus on beating competitors’ prices. For example, businesses such as Amazon look for ways to increase efficiencies or reduce production costs so that their prices are lower than their competitors’ prices. They often rely on economies of scale.
  • Differentiation. Differentiation business strategies highlight the unique features of products and services to stand out from competitors.
  • Focused differentiation. Focused differentiation is typically used by businesses that target niche markets. For example, an eco-friendly child toy company might market itself specifically to environmentally conscious parents. 
  • Focused low-cost. Focused low-cost business strategies are similar to focused differentiation strategies, but their point of differentiation is specifically lower-cost products and services. 
  • Integrated low-cost/differentiation. An integrated low-cost/differentiation strategy is the middle ground between focused differentiation and focused low-cost business strategies. It’s effectively a hybrid model where differentiated products are sold at a lower-than-average price point.
  • Structuralist. A structuralist business strategy is one that is built around current market and industry norms. Everything from products to processes is structured around current market conditions and industry standards, and the business strategy is developed around this structure.
  • Growth. Growth strategies are suitable for businesses that want to actively expand into new markets and introduce new products or services. Their focus is on continual growth, increased revenue, and new business.
  • Price-skimming. Price-skimming strategies aim to quickly recoup initial expenses for things like production, manufacturing, and marketing. Businesses charge a higher-than-average price for their product or service to swiftly recover costs, and is commonly employed for organisations launching unique and innovative products to market for the first time.
  • Acquisition. An acquisition strategy relies on business purchases and mergers to grow an organisation. Benefits can include gaining valuable skills and staff – in addition to new funding pools and assets – as well as increasing market share, reducing competition, and diversification of products and services.

What is the main difference between a defensive and offensive strategy?

An offensive business strategy targets an organisation’s competitors. Whether it’s through lower, more competitive prices, new enhancements to products or services, or even marketing plans that directly attack the competition, an offensive strategy aims to take on a bigger share of the market.

A defensive business strategy, meanwhile, protects an organisation from its competitors. It aims to inspire customer loyalty and safeguard its market share, and will use tactics such as incentives, exclusive products – or exclusive arrangements with suppliers or partners – as well as above-average customer service, to entice and retain customers and maintain its competitive position.

Create business strategies that work

Expand your expertise in business and management strategy with the University of York’s flexible Master of Business Administration (MBA). This postgraduate degree will help you develop skills in everything from operations management and financial risk to marketing, organisational change, and cross-cultural management. And because it’s taught 100% online, you can study part-time around your current work commitments.

What is advanced programming?

Advanced programming is shorthand for the advanced-level programming techniques and concepts found in computer science.

Computer programmers typically move through three stages of competency – beginner, intermediate, and advanced – with advanced programmers working on more complex projects and typically earning higher salaries than their more junior colleagues.

Advanced programming concepts

Object-oriented programming

Object-oriented programming, or OOP, is a programming model that all advanced programmers should understand. It’s more advanced than basic procedural programming, which is taught to beginner programmers.

There are four principles of object-oriented programming:

  1. Encapsulation. Encapsulation is effectively the first step of object-oriented programming. It groups related data variables (called properties) and functions (called methods) into single units (called objects) to reduce source code complexity and increase its reusability.
  2. Abstraction. Abstraction essentially contains and conceals the inner-workings of object-oriented programming code to create simpler interfaces. 
  3. Inheritance. Inheritance is object-oriented programming’s mechanism for eliminating redundant code. It means that relevant properties and methods can be grouped into a single object that can then be reused repeatedly – without repeating the code again and again. 
  4. Polymorphism. Polymorphism, meaning many forms, is the technique used in object-oriented programming to render variables, methods, and objects in multiple forms.  

Event-driven programming

Event-driven programming is the programming model that allows for events – like a mouse-click from a user – to determine a programme’s actions. 

Commonly used in graphical user interface (GUI) application or software development, event-driven programming typically relies on user-generated events, such as pressing a key – or series of keys – on a keyboard, clicking a mouse, or touching the screen of a touchscreen device. However, events can also include messages that are passed from one programme to another.

Multithreaded programming

Multithreaded programming is an important component within computer architecture. It’s what allows central processing units (CPUs) to execute multiple sets of instructions – called threads – concurrently as part of a single process.

Operating systems that feature multithreading can perform more quickly and efficiently, switching between the threads within their queues and only loading the new or relevant components. 

Programming for data analysis

Businesses and governments at virtually every level are dependent on data analysis to operate and make informed decisions – and the tools they use for this work require advanced programming techniques and skills.

Through advanced programming, data analysts can:

  • search through large datasets and data types
  • find patterns and spot trends within data
  • build statistical models
  • create dashboards
  • produce useful visualisations to help illustrate data results and learning outcomes
  • efficiently extract data
  • carry out problem-solving tasks

Programming languages

A thorough understanding of programming language fundamentals, as well as expertise in some of the more challenging languages, are prerequisites to moving into advanced programming. It also helps to have knowledge about more complex concepts, such as arrays and recursion, imperative versus functional programming, application programming interfaces (APIs), and programming language specifications.

What are the different levels of programming languages?

Programming languages are typically split into two groups:

  1. High-level languages. These are the languages that people are most familiar with, and are written to be user-centric. High-level languages are typically written in English so that they are accessible to many people for writing and debugging, and include languages such as Python, Java, C, C++, SQL, and so on.
  2. Low-level languages. These languages are machine-oriented – represented in 0 or 1 forms – and include machine-level language and assembly language.

What is the best programming language for beginners?

According to CodeAcademy, the best programming language to learn first will depend on what an individual wants to achieve. The most popular programming languages, however, include:

  • C++, an all-purpose language used to build applications. 
  • C#, Microsoft’s programming language that has been adopted by Windows, Linux (derived from Unix), iOS, and Android, as well as huge numbers of game and mobile app developers.
  • JavaScript, a dynamic programming language that’s typically used for designing interactive websites.
  • Ruby, a general-purpose, dynamic programming language that’s one of the easiest scripting languages to learn.
  • Python, a general-purpose programming language commonly used in data science, machine learning, and web development. It can also support command-line interfaces.
  • SQL, a data-driven programming language commonly used for data analysis.

What are the top 10 programming languages?

TechnoJobs, a job site for IT and technical professionals, states that the top 10 programming languages for 2022 – based on requests from employers and average salaries – are:

  1. Python.
  2. JavaScript.
  3. C.
  4. PHP.
  5. Ruby.
  6. C++.
  7. C#.
  8. Java.
  9. TypeScript.
  10. Perl.

However, it’s worth noting that there are hundreds of programming languages, and the best one will vary depending on the advanced programming assignment, project, or purpose in question.

What’s the most advanced programming language?

Opinions vary on which programming language is the most advanced, challenging, or difficult, but Springboard, a mentoring platform for the tech industry, states the five hardest programming languages are:

  1. C++, because it has complex syntax, permissive language, and ideally requires existing knowledge in C programming before learning the C++ programming language.
  2. Prolog, because of its unconventional language, uncommon data structures, and because it requires a significantly competent compiler.
  3. LISP, because it is a fragmented language with domain-specific solutions, and uses extensive parentheses.
  4. Haskell, because of its jargon.
  5. Malbolge, because it is a self-modifying language that can result in erratic behaviour.

Alternatively, Springboard states that the easiest programming languages to learn are HTML, JavaScript, C, Python, and Java.

Start your career in computer science

Explore advanced programming concepts in greater detail with the MSc Computer Science at the University of York. This flexible master’s programme is designed for working professionals and graduates who may not currently have a computer science background but want to launch their career in the field, and because it’s taught 100% online, you can study around full-time work and personal commitments at different times and locations.

Your coursework will include modules in advanced programming as well as algorithms, artificial intelligence and machine learning, software engineering, and cyber security. As part of this advanced programming course, you will also have the opportunity to explore the social context of computing, such as the social impact of the internet, software piracy, and codes of ethics and conduct.