Ransomware Victim Experience: RUSI Report
In this week’s bulletin Charlie highlights the key learnings from the RUSI Report. As a teacher of cyber incident management, I quite rarely get to hear first-hand about cyber incidents, and case studies are quite rare. The public sector has done a few, including SEPA, the London Library, and Gloucestershire City Council, but overall, information
What Can We Learn From the Synnovis NHS Lab Cyber Attack?
In this week’s bulletin, Charlie discusses the recent NHS cyber attack and what lesssons we can learn from what happened. Last week I was keen to write a bulletin on the above subject, but I ran out of time. This week I was determined to get it written and out to bulletin readers. The incident
Have Cyber Attacks Killed People? – Updated June 2024
In this week’s bulletin, Charlie continues his bulletin from 2022 on whether cyber attacks have killed people, and looks at the impacts of a cyber attack in the healthcare sector. In August 2022, I wrote the following bulletin ‘Have Cyber Attacks Killed People’ which looked at possible incidents which might have caused deaths. It looked at direct
Where Do You Get Your News?
In this week’s bulletin, Charlie looks at different news platforms and gives his experience of comments left on LinkedIn for recent D-Day tributes. To date, I have contentiously avoided getting TikTok on my phone. Not for any moral reason, but as my youngest daughter Phoebe said, “Daddy, you will enjoy it too much.”. I can
Who Should Lead Your Crisis or Incident Team?
In this week’s bulletin, Charlie discusses the role of a leader in a crisis team and looks at some of the key things to consider when choosing a leader. I went to an interesting and informative webinar this week titled ‘How to Lead Effectively in a Crisis‘, with Jonathan Hemus asking the questions and Sean
Cyber Incidents Involving MSPs: Six Lessons from the CTS Cyber Incident
In this week’s bulletin, Charlie looks at the role of MSPs in a cyber incident and gives an insight into how they can work with organisations to be prepared for a potential incident. In a couple of weeks, I am doing a presentation at a ScotlandIS event in Glasgow which will be attended by MSPs,
Cyber Incident Management Exercises – Exercising Beyond the Basics
In this week’s bulletin, Charlie discusses what is covered in basic and advanced cyber exercises and looks at why organisations should consider running more sophisticated exercises. As cyber attacks continue apace – and having ran a sophisticated cyber exercise on Tuesday – I thought for this week’s bulletin, I would share some thoughts on ‘exercising
A Schools Cyber Incident Response Checklist
This week, Charlie gives advice on how schools and trusts can prepare for cyber incidents and provides a useful checklist of considerations. In last week’s bulletin, I wrote about ‘Business Continuity Planning in Schools’. Once the bulletin had gone out, it occurred to me that I hadn’t mentioned anything about cyber, so I thought this
Business Continuity Planning for Schools
In today’s bulletin, Charlie looks at the importance of business continuity plans in schools and discusses some of the events that schools should be planning for. Over the last few weeks, I have been working with an Academy Trust that has a number of primary and secondary schools, and I thought this week I would
Lessons Identified from the Taiwan Earthquake
In today’s bulletin, Charlie discusses the devastating earthquake that has hit Taiwan and highlights the importance of ‘lessons learned’ after a disaster. We are accustomed to witnessing mass casualties from earthquakes. The Turkey earthquake, reported to have killed 56,000 people in February 2023 and the Morocco earthquake in September of the same year, which claimed
Black Swans and Swiss Cheese – A Boat Crash in Baltimore
Charlie looks into the recent incident at Francis Scott Key Bridge in Baltimore and discusses the potential impacts of the accident. Often when I write my bulletin, it is about the latest cyber incident and what we can learn from it. However, last week, the crash of the MV Dali into the Francis Scott Key
Notes from The Gloucester City Council Managing a Cyber Attack – Case Study
In this week’s bulletin, Charlie gives an insight into Gloucester City Council’s cyber attack that took place late last year and discusses what we can learn from the incident. The above report was published in December 2023, and I have just got around to reading it. I thought that, after looking at the British Library’s
The British Library Cyber Incident Report – Standard or New Lessons?
In this week’s bulletin, Charlie looks into the cyber attack on the British Library and discusses what organisations can take away from the attack. It’s difficult to extract lessons learned from cyber response when you are not the responder. Most organisations don’t like to share their lessons, or when they do, they mainly do so
Website Defacement – What You Need to Know
This week, Charlie discusses website defacement and how to respond to it, and looks into some of the reasons why this type of cyber attack occurs. In the Live Online BCT Certificate in Cyber Incident Management (NCSC Assured Training) course I teach, we discuss various types of cyber attacks, and one of the types of attacks I
The Positives and Negatives of AI in the Cyberspace
In this week’s bulletin, Charlie investigates the newest AI-driven scams and examines the advantages and disadvantages of AI in the online world with the help of Google Gemini. This week, I was the allocated tutor for the BCT Certificate in Cyber Incident Management Course. This is the first time in a year and a half, so
Artificial Intelligence, Business Continuity, and the Scottish Continuity Group
In this week’s bulletin, Charlie reflects on his recent Scottish Continuity Group conference and talks about the potentials of artificial intelligence (AI) in our organisations. This week, I attended the Scottish Continuity Group conference, which had a great turnout and featured numerous excellent speakers. Thanks to the organisers, it was a well-run and organised event.
Drones – A New Business Continuity threat
This week, Charlie discusses the use of drones and the disruption they can cause, and looks at why they are being used more frequently. A couple of ideas inspired me to write this bulletin this week. I have been closely following the Ukraine war, especially as I am ex-military and have been fascinated by the
Charlie’s Listening and Reading Recommendations – January 2024
This week, Charlie discusses his podcast and reading recommendations for this month, and gives an insight into what we can get out of them. I have thought for a while that I should talk about what I have been reading and listening to, so here are my recommendations from the past month: When It Hits
Some Observations On The Baroness Mone of Mayfair OBE’s Crisis Management
In this week’s bulletin, Charlie discusses the controversy surrounding Michelle Mone and her husband Douglas Barrowman, and provides some advice around how we can improve our crisis management. I was listening to the news on the radio this morning, and they were talking about the recent revelations about the tax schemes which Michelle Mone’s husband,
The Post Office Scandal – Why Now?
In this week’s bulletin, Charlie discusses the Post Office scandal and why, only now, has the scandal become headline news. You can’t avoid the post office scandal in the news this week, so I thought I should write about it. What I find interesting about this scandal is why it is now mainstream news, with
Ten Business Continuity Trends to Watch in 2024
The first bulletin of the year highlights some trends that Charlie thinks will show up this year, and he gives some advice to organisations on how to be prepared for these. Happy New Year to all readers! I hope you were able to have a good break. This is the time of year to look
The ‘Great A9 Disaster’ of 8th December 2023
This week, Charlie talks about his experiences with dealing with an incident on the road and discusses what he learnt from the situation. As I have mentioned a few times on this bulletin, I spend a lot of my time telling people how to respond to incidents rather than being part of the response myself.
Ransomware- Considerations for whether you should pay or not pay a ransom
In this week’s bulletin, Charlie discusses the pros and cons of paying a ransom and provides us with some advice about how we can be more resilient when faced with a ransomware threat. This week, I conducted a cyber exercise with a Housing Association, and I have another upcoming exercise with a senior management team.
Clarion Housing Association Cyber Incident, June 2022 – A Case Study
In this week’s bulletin, Charlie looks at the recent cyber incident from Clarion and explains how organisations can recover from a cyber incident. Next week, I am conducting a cyber exercise for a housing association, and in preparation, I decided to explore the specific impact of a cyber incident on housing associations. When discussing cyber-attacks,
Vishing – What Is It and Should You Be Worried?
This week, Charlie discusses vishing and how it can affect your organisation, and looks at the importance of sufficient cyber training in the workplace. This week, I was going to write about the MGM Resorts hack in September 2023 and, as part of my research on the hack and its effects on the casino, I