“Concentrate on Preparing to Recover” – Sage Advice From Someone Who Has Managed a Cyber Incident
In today’s bulletin, Charlie discusses Comhairle nan Eilean Siar’s cyber attack back in 2023 and gives an insight into ways organisations can aid recovery after a cyber incident. This week, as some of you may have seen on LinkedIn, I have been in Stornoway on the Isle of Lewis, speaking to the Council about their
Survey – How Are Resilience Professionals And Others Using AI?
We need your help! In this week’s bulletin, Charlie has provided a short survey on how resilience professionals use AI in their organisations. I thought for this week’s bulletin, I would reach out for your help. As part of the Emergency Planning Society’s Communication Professional Working Group, I have developed a survey on how resilience
Key Takeaways From Check Point’s ‘The State of Cyber Security’ Report
In today’s bulletin, Charlie discusses the recent findings from Check Point’s State of Cyber Security Report and gives an idea of the takeaways from the report. This week, I have been teaching my two-day cyber course, and I felt inspired to write something on cyber. While browsing the internet, I came across Check Point’s report
The Pandora Hack – What Can We Learn From It?
In this week’s bulletin, Charlie discusses the recent Pandora cyber attack and gives an insight into the lessons we can learn from the incident. A couple of events have inspired the bulletin this week. Firstly, my wife, Kim, received an email from Pandora, the jewellery company, informing her of a data breach. This resonated with
“Come What May” – Lucy Easthope: A Must-Read For BC Professionals
In this week’s bulletin, Charlie gives an insight into Lucy Easthope’s book which provides some useful takeaways for dealing with an incident. I have been off for the last couple of weeks and have been trying to do some reading. I have been working through Lucy Easthope’s book, Come What May: Life-Changing Lessons for Coping
Accidental Data Breaches: Lessons From the PSNI and Afghanistan ‘Super Injunction’ Data Leak
In today’s bulletin, Charlie discusses accidental data breaches and gives an insight into the key takeaways from this, so similar breaches don’t occur in our own organisations. Three things came together to inspire me to write on the above subject this week. Firstly, the news of the Afghanistan super injunction and its impact has been
Have Cyber-Attacks Killed People? Updated July 2025
In this week’s bulletin, Charlie discusses whether cyber-attacks have ever directly caused a death, revisiting past and recent incidents. This is almost becoming an annual occurrence: writing a report that examines whether, as per the title, cyber-attacks have directly contributed to the death of a person or people. While there are numerous case studies showing
Guidance on Writing the First External Communication After a Cyber Incident
In today’s bulletin, Charlie provides some useful information on how organisations should approach their communication to customers after a cyber incident. The following is guidance on communicating after a cyber incident. The formats for the initial communications are likely to be a press statement and information on the organisation’s website. 1 – Decide how visible
Good, but Could Be Better: Cyber Comms Lessons from Glasgow City Council’s Cyber Attack – Initial Communications
In this week’s bulletin, Charlie discusses the strengths and weaknesses of Glasgow City Council’s initial communications following a recent cyber attack, highlighting key lessons for crisis and business continuity professionals. As a business continuity professional, I rather enjoy reviewing the crisis communications from an organisation in the few days after a cyber attack. It provides
The Kelly Report – Incident Management Lessons from the Heathrow Substation Fire
In this week’s bulletin, Charlie discusses the Kelly Report from Heathrow substation fire and how they responded to the incident. As business continuity practitioners we should never stop learning and taking lessons where and when we can find them, be that from internal enquiries or wash-ups to reports from major incidents either locally, nationally or
In Praise of Plan Walkthroughs
In this week’s bulletin, Charlie discusses the value of going back to basics with a series of business continuity plan walkthroughs, highlighting how a structured review of plan content helped participants truly understand their roles and responsibilities during an incident. This week, I have been doing a number of plan walkthroughs for a client. The
The Co-op Cyber Attack – A Timeline Case Study
In today’s bulletin, Charlie revisits the recent Co-op cyber attack and provides a useful timeline of events to highlight the progress of the incident. This week, I thought I would go back to cyber, as for the last two weeks I have been delivering my cyber course – firstly as a public course, and secondly as a
The Crisis Communications Iceberg
This week, Charlie looks at key considerations in your communications response to an incident, and highlights the importance of including all staff in the communication. I have been delivering some crisis training this week to a client in the South of England, and I thought I would share some thoughts from that training. Typically when we mention communications in the context
BCAW+R 2025 – Some Thoughts
In today’s bulletin, Charlie discusses the webinars that were showcased by the BCI during BCAW and gives an insight into this year’s theme, ‘Empowering Resilience with AI’. This week, I was asked to write my bulletin on BCAW+R 2025 (Business Continuity & Resilience Awareness Week). With two days dedicated to cyber training and the other two
Initial Customer Communications After a Cyber Incident – A Comparison of M&S and Co-op’s Email to Customers
In this week’s bulletin, Charlie discusses Marks and Spencer’s and Co-op’s recent cyber incidents, and rates their communications to customers. I have been abroad for the last two weekends, first playing at the Majorca Beach Rugby Tournament, and then watching the Glasgow Warriors, with the NCSC conference in Manchester in between. As a result, there
What Does the CYBERUK Conference Tell Us About the State of the Cyber Industry?
In this week’s bulletin, Charlie discusses the recent CYBERUK conference and highlights key takeaways from the conference. This week I’ve been at the CYBERUK Conference in Manchester, and I thought I’d use the opportunity to share my impressions of the cyber industry, based on what I saw and heard at the event. As PlanB Consulting
What Are Deepfakes, And Should I Be Worried About Them?
In this week’s bulletin, Charlie discusses deepfakes and how organisations can be better prepared for them. Images, throughout history, have been used to tell stories and to emphasise their importance and to flatter individuals or to mock and belittle them. Deepfakes are the modern manifest of this trend. Next week, I am going to be
Should We Be Using AI to Transcribe Incident or Crisis Team Meetings?
In today’s bulletin, Charlie talks about transcribing in meetings and looks into the pros and cons of recording meetings. I was having a long discussion with my colleague, Jamie Lees, this morning all about a talk we are giving for Business Continuity Awareness Week. We have a working title of “Man or Machine: Who Should
Tariffs and Market Volatility: What is the Role of the Business Continuity Manager?
In this week’s bulletin, Charlie discusses tariffs and how businesses can be more resilient to external change and disruption. As an in-house business continuity manager, I’ve always believed there should be a clear distinction between managing crises and incidents—whatever your organisation calls them—and addressing day-to-day or longer-term challenges that could affect operations. If I was
Heathrow Power Outage: Unseen Lessons
In today’s bulletin, Charlie discusses Heathrow Airport’s recent power outage and gives advice on how we can learn from the event. I did a load of research for this week’s podcast, so I thought I would use that research to write the bulletin as well. I wrote a bulletin some time ago on the CrowdStrike incident and whether consultants
Learnings from the Dragos 2025 OT Cybersecurity Report: What We Can Learn from the Latest Attacks
In the latest bulletin, Charlie discusses the introduction of learning theories in exercising and looks into why these theories are useful when conducting an exercise.
How We Learn From Exercises And Do We Bother Thinking About This?
In the latest bulletin, Charlie discusses the introduction of learning theories in exercising and looks into why these theories are useful when conducting an exercise.
Backing Up OT, SCADA and PLCs
In this week’s bulletin, Charlie continues his discussion into backups, looking at devices that are responsible for keeping machinery running smoothly. Today’s bulletin sounds like a scintillating subject and is guaranteed to send you to sleep, but bear with us, as this is an extremely important topic. Operational Technology (OT) can be found in industrial
Supply Chain Resilience Training: What Has Changed Over The Last 10 Years?
In today’s bulletin, Charlie discusses supply chains and business continuity and gives an insight into some useful case studies around supply chain resilience. Around 2010, I wrote a supply chain course which was then adopted by the BCI and delivered by its training partners worldwide. I had a similar version of it, which I delivered
Stages of Recovery After a Cyber Incident
In this week’s bulletin, Charlie looks at the 9 stages of recovery from a cyber incident and highlights the importance of having recovery in our business continuity plans. This is the third part of my journey to discover more about backups and the technical aspects of recovery after a cyber incident. I realise most readers