Guidance on Writing the First External Communication After a Cyber Incident
In today’s bulletin, Charlie provides some useful information on how organisations should approach their communication to customers after a cyber incident. The following is guidance on communicating after a cyber incident. The formats for the initial communications are likely to be a press statement and information on the organisation’s website. 1 – Decide how visible
Good, but Could Be Better: Cyber Comms Lessons from Glasgow City Council’s Cyber Attack – Initial Communications
In this week’s bulletin, Charlie discusses the strengths and weaknesses of Glasgow City Council’s initial communications following a recent cyber attack, highlighting key lessons for crisis and business continuity professionals. As a business continuity professional, I rather enjoy reviewing the crisis communications from an organisation in the few days after a cyber attack. It provides
The Kelly Report – Incident Management Lessons from the Heathrow Substation Fire
In this week’s bulletin, Charlie discusses the Kelly Report from Heathrow substation fire and how they responded to the incident. As business continuity practitioners we should never stop learning and taking lessons where and when we can find them, be that from internal enquiries or wash-ups to reports from major incidents either locally, nationally or
In Praise of Plan Walkthroughs
In this week’s bulletin, Charlie discusses the value of going back to basics with a series of business continuity plan walkthroughs, highlighting how a structured review of plan content helped participants truly understand their roles and responsibilities during an incident. This week, I have been doing a number of plan walkthroughs for a client. The
The Co-op Cyber Attack – A Timeline Case Study
In today’s bulletin, Charlie revisits the recent Co-op cyber attack and provides a useful timeline of events to highlight the progress of the incident. This week, I thought I would go back to cyber, as for the last two weeks I have been delivering my cyber course – firstly as a public course, and secondly as a
The Crisis Communications Iceberg
This week, Charlie looks at key considerations in your communications response to an incident, and highlights the importance of including all staff in the communication. I have been delivering some crisis training this week to a client in the South of England, and I thought I would share some thoughts from that training. Typically when we mention communications in the context
BCAW+R 2025 – Some Thoughts
In today’s bulletin, Charlie discusses the webinars that were showcased by the BCI during BCAW and gives an insight into this year’s theme, ‘Empowering Resilience with AI’. This week, I was asked to write my bulletin on BCAW+R 2025 (Business Continuity & Resilience Awareness Week). With two days dedicated to cyber training and the other two
Initial Customer Communications After a Cyber Incident – A Comparison of M&S and Co-op’s Email to Customers
In this week’s bulletin, Charlie discusses Marks and Spencer’s and Co-op’s recent cyber incidents, and rates their communications to customers. I have been abroad for the last two weekends, first playing at the Majorca Beach Rugby Tournament, and then watching the Glasgow Warriors, with the NCSC conference in Manchester in between. As a result, there
What Does the CYBERUK Conference Tell Us About the State of the Cyber Industry?
In this week’s bulletin, Charlie discusses the recent CYBERUK conference and highlights key takeaways from the conference. This week I’ve been at the CYBERUK Conference in Manchester, and I thought I’d use the opportunity to share my impressions of the cyber industry, based on what I saw and heard at the event. As PlanB Consulting
What Are Deepfakes, And Should I Be Worried About Them?
In this week’s bulletin, Charlie discusses deepfakes and how organisations can be better prepared for them. Images, throughout history, have been used to tell stories and to emphasise their importance and to flatter individuals or to mock and belittle them. Deepfakes are the modern manifest of this trend. Next week, I am going to be
Should We Be Using AI to Transcribe Incident or Crisis Team Meetings?
In today’s bulletin, Charlie talks about transcribing in meetings and looks into the pros and cons of recording meetings. I was having a long discussion with my colleague, Jamie Lees, this morning all about a talk we are giving for Business Continuity Awareness Week. We have a working title of “Man or Machine: Who Should
Tariffs and Market Volatility: What is the Role of the Business Continuity Manager?
In this week’s bulletin, Charlie discusses tariffs and how businesses can be more resilient to external change and disruption. As an in-house business continuity manager, I’ve always believed there should be a clear distinction between managing crises and incidents—whatever your organisation calls them—and addressing day-to-day or longer-term challenges that could affect operations. If I was
Heathrow Power Outage: Unseen Lessons
In today’s bulletin, Charlie discusses Heathrow Airport’s recent power outage and gives advice on how we can learn from the event. I did a load of research for this week’s podcast, so I thought I would use that research to write the bulletin as well. I wrote a bulletin some time ago on the CrowdStrike incident and whether consultants
Learnings from the Dragos 2025 OT Cybersecurity Report: What We Can Learn from the Latest Attacks
In the latest bulletin, Charlie discusses the introduction of learning theories in exercising and looks into why these theories are useful when conducting an exercise.
How We Learn From Exercises And Do We Bother Thinking About This?
In the latest bulletin, Charlie discusses the introduction of learning theories in exercising and looks into why these theories are useful when conducting an exercise.
Backing Up OT, SCADA and PLCs
In this week’s bulletin, Charlie continues his discussion into backups, looking at devices that are responsible for keeping machinery running smoothly. Today’s bulletin sounds like a scintillating subject and is guaranteed to send you to sleep, but bear with us, as this is an extremely important topic. Operational Technology (OT) can be found in industrial
Supply Chain Resilience Training: What Has Changed Over The Last 10 Years?
In today’s bulletin, Charlie discusses supply chains and business continuity and gives an insight into some useful case studies around supply chain resilience. Around 2010, I wrote a supply chain course which was then adopted by the BCI and delivered by its training partners worldwide. I had a similar version of it, which I delivered
Stages of Recovery After a Cyber Incident
In this week’s bulletin, Charlie looks at the 9 stages of recovery from a cyber incident and highlights the importance of having recovery in our business continuity plans. This is the third part of my journey to discover more about backups and the technical aspects of recovery after a cyber incident. I realise most readers
Resilient Scotland 2025- Scottish Continuity
Resilient Scotland 2025- Scottish Continuity – 25/02/2025 – Dynamic Earth Edinburgh
Should We Be Visiting Our ‘Maximum Scale of Incident’?
In this week’s bulletin, Charlie discusses global issues and gives an insight into what is meant by ‘Maximum Scale of Incident’. I was listening to the news in the middle of the night and I very much felt, in the words of Bob Dylan, “The times they are a-changin”. We have the likelihood of tariffs,
The Long Tail of Cyber Incidents – A Comhairle nan Eilean Siar (Western Isles Council) Case Study
In today’s bulletin, Charlie looks at the cyber attack that has affected Comhairle nan Eilean Siar and discusses the impacts of the attack. This week, I conducted an exercise with a client in the financial sector. At the end of the exercise, we discussed how long it would take the organisation to recover all its
Is the UK National Risk Register 2025 Any Use to Business Continuity Practitioners?
In this week’s bulletin, Charlie discusses the usefulness of the UK’s National Risk Register and categorises the risks depending on the area they may affect. A couple of weeks ago, we had a two-day ‘away day’ at PlanB Consulting, looking at our plans for the next year but also reviewing our service delivery to ensure
Backups: What Do You Need to Think About?
Continuing/following on from his bulletin on backups in December, this week Charlie looks at them in more detail and provides some useful points to consider in our own organisations. I did my first bulletin about backups before Christmas and thought I would continue today by sharing what I have learned. I must say thanks to
What Is A Polycrisis and What Is The Impact On Business Continuity Practitioners?
In this week’s bulletin, Charlie discusses what a polycrisis is, what its characteristics are defined as, and its impact on business continuity practitioners and crisis managers. The media and press are increasingly focusing on the new Trump presidency and its potential impact on the world. There is much speculation on what he will do, what
Eight Lessons from the Los Angeles Fires
In this week’s bulletin, Charlie discusses the impact of the devastating fires in Los Angeles and gives an important insight into what we can learn from the event. This week, I was interviewed by Alex Fullick for his ‘Preparing for the Unexpected’ podcast. The title of my talk was ‘Future Risks: Why the World is