Website Defacement – What You Need to Know
This week, Charlie discusses website defacement and how to respond to it, and looks into some of the reasons why this type of cyber attack occurs. In the Live Online BCT Certificate in Cyber Incident Management (NCSC Assured Training) course I teach, we discuss various types of cyber attacks, and one of the types of attacks I
The Positives and Negatives of AI in the Cyberspace
In this week’s bulletin, Charlie investigates the newest AI-driven scams and examines the advantages and disadvantages of AI in the online world with the help of Google Gemini. This week, I was the allocated tutor for the BCT Certificate in Cyber Incident Management Course. This is the first time in a year and a half, so
Artificial Intelligence, Business Continuity, and the Scottish Continuity Group
In this week’s bulletin, Charlie reflects on his recent Scottish Continuity Group conference and talks about the potentials of artificial intelligence (AI) in our organisations. This week, I attended the Scottish Continuity Group conference, which had a great turnout and featured numerous excellent speakers. Thanks to the organisers, it was a well-run and organised event.
Drones – A New Business Continuity threat
This week, Charlie discusses the use of drones and the disruption they can cause, and looks at why they are being used more frequently. A couple of ideas inspired me to write this bulletin this week. I have been closely following the Ukraine war, especially as I am ex-military and have been fascinated by the
Charlie’s Listening and Reading Recommendations – January 2024
This week, Charlie discusses his podcast and reading recommendations for this month, and gives an insight into what we can get out of them. I have thought for a while that I should talk about what I have been reading and listening to, so here are my recommendations from the past month: When It Hits
Some Observations On The Baroness Mone of Mayfair OBE’s Crisis Management
In this week’s bulletin, Charlie discusses the controversy surrounding Michelle Mone and her husband Douglas Barrowman, and provides some advice around how we can improve our crisis management. I was listening to the news on the radio this morning, and they were talking about the recent revelations about the tax schemes which Michelle Mone’s husband,
The Post Office Scandal – Why Now?
In this week’s bulletin, Charlie discusses the Post Office scandal and why, only now, has the scandal become headline news. You can’t avoid the post office scandal in the news this week, so I thought I should write about it. What I find interesting about this scandal is why it is now mainstream news, with
Ten Business Continuity Trends to Watch in 2024
The first bulletin of the year highlights some trends that Charlie thinks will show up this year, and he gives some advice to organisations on how to be prepared for these. Happy New Year to all readers! I hope you were able to have a good break. This is the time of year to look
The ‘Great A9 Disaster’ of 8th December 2023
This week, Charlie talks about his experiences with dealing with an incident on the road and discusses what he learnt from the situation. As I have mentioned a few times on this bulletin, I spend a lot of my time telling people how to respond to incidents rather than being part of the response myself.
Ransomware- Considerations for whether you should pay or not pay a ransom
In this week’s bulletin, Charlie discusses the pros and cons of paying a ransom and provides us with some advice about how we can be more resilient when faced with a ransomware threat. This week, I conducted a cyber exercise with a Housing Association, and I have another upcoming exercise with a senior management team.
Clarion Housing Association Cyber Incident, June 2022 – A Case Study
In this week’s bulletin, Charlie looks at the recent cyber incident from Clarion and explains how organisations can recover from a cyber incident. Next week, I am conducting a cyber exercise for a housing association, and in preparation, I decided to explore the specific impact of a cyber incident on housing associations. When discussing cyber-attacks,
Vishing – What Is It and Should You Be Worried?
This week, Charlie discusses vishing and how it can affect your organisation, and looks at the importance of sufficient cyber training in the workplace. This week, I was going to write about the MGM Resorts hack in September 2023 and, as part of my research on the hack and its effects on the casino, I
My 10 Favourite Learning Podcasts
This week, Charlie gives an insight into some of his podcast recommendations and discusses what topics are covered and where you can listen to them yourself. I thought for the bulletin this week, I would share a few of my favourite learning podcasts. Podcasts are always great for long car journeys or commutes. You make
Some Reflections on BCI World Hybrid 2023
We’ve been to BCI World Hybrid 2023! In this week’s bulletin, Charlie discusses his experience of the conference and highlights his favourite moments. This week, I attended BCI World Hybrid, and I’ve always considered this conference a barometer of the state of the business continuity profession and its current discussions. So, here are some thoughts:
What is MITRE ATT&CK and Why Might You Be Interested in It?
In this week’s bulletin, Charlie explains what MITRE ATT&CK is and the importance of familiarising yourself with its framework. First, this question may not apply to you if you’re a “techie” involved in preparing your organisation for a cyberattack. You should already be familiar with the framework and use it as a part of developing
An Old Threat Returns – Terrorist Attacks in Europe?
This week, Charlie discusses the importance of having updated response plans in case of an emergency and looks at why organisations should keep in contact with staff during an incident. This week’s bulletin was inspired by several recent events that have converged, reminding us of a threat that seemed to have waned for a while.
Why Flowcharts Aren’t Appropriate in Business Continuity Plans
In this week’s bulletin, Charlie discusses his reasons why flowcharts aren’t useful in most business continuity plans, and looks into how we could improve our plans. Over the last couple of days, I have been rewriting a client’s business continuity plan. One of the features of their plan has been to have a number of
Closing and Reopening Offices, Restaurants, and Retail Outlets, after an Incident
In this week’s bulletin, Charlie discusses his recent exercises around reassuring customers after an incident and talks about how we should approach reopening. This may not sound like the most scintillating subject, but it’s a critical consideration for a crisis team following a major incident that necessitates the closure of offices, restaurants, or retail outlets.
Pickups for Peace – A Visit to Ukraine
Charlie and Kim have just come back from a visit to Ukraine, where they teamed up with a Scottish charity, ‘Pickups for Peace’, to help deliver numerous pickup trucks to the Ukrainian military. The bulletin this week gives us an insight into what they experienced! Last week, we were in Ukraine delivering a pickup to
The RAAC Crisis – What Can We Learn?
This week, Charlie discusses the ongoing RAAC (Reinforced Autoclaved Aerated Concrete) crisis and advises us on what we can take away from the crisis. Once again, we have a business continuity incident dominating the headlines. When business continuity was first conceived in the 1990s, it focused on what we should do if the buildings our
An Old Threat Returns…Computer Outage
Charlie discusses the recent IT failure of NATS which caused numerous flight delays and gives an insight into why we should plan for a potential IT failure in our organisations. The failure of the NATS[1] (National Air Traffic Services) computer was one of the big stories of the week, with the import of one flight plan
When to Use Silence as a Crisis Media Strategy
In this week’s bulletin, Charlie discusses the positives and potential drawbacks of keeping silent after an incident, and looks at when we could consider silence as an effective response strategy. There are many instances when saying ‘no comment’ and not engaging with stakeholders can be seen as crassness. It can imply that you have something
Data Breaches: Does Anyone Care?
Charlie talks about the recent cyber attacks on the University of the West of Scotland (UWS) and the Police Service of Northern Ireland (PSNI) and discusses the impacts of these attacks. In this bulletin, I emphasise that, while data breaches impact all those whose data has been compromised, until organisations face financial and reputational consequences,
Arrogance: The Undoing of Many Senior Managers – NatWest Thoughts
In this week’s bulletin, Charlie shares his thoughts on the recent NatWest scandal and discusses how senior managers should handle a crisis. I have been closely following the Coutts, NatWest, and Dame Alison Rose crisis over the last few days, contemplating the lessons we can learn from it. Crisis professionals can teach senior managers how
Use of Cyber Threat Intelligence to Guide Crisis Response: A Checklist for Crisis Teams
In this week’s bulletin, Charlie discusses the questions that organisations should be considering when carrying out a potential response to a cyber-attack, including how the attacker got into the system and what their potential motives could be. When organisations are the subject of a cyber-attack, many plans I have seen do not include some