A Schools Cyber Incident Response Checklist
This week, Charlie gives advice on how schools and trusts can prepare for cyber incidents and provides a useful checklist of considerations. In last week’s bulletin, I wrote about ‘Business Continuity Planning in Schools’. Once the bulletin had gone out, it occurred to me that I hadn’t mentioned anything about cyber, so I thought this
Business Continuity Planning for Schools
In today’s bulletin, Charlie looks at the importance of business continuity plans in schools and discusses some of the events that schools should be planning for. Over the last few weeks, I have been working with an Academy Trust that has a number of primary and secondary schools, and I thought this week I would
Lessons Identified from the Taiwan Earthquake
In today’s bulletin, Charlie discusses the devastating earthquake that has hit Taiwan and highlights the importance of ‘lessons learned’ after a disaster. We are accustomed to witnessing mass casualties from earthquakes. The Turkey earthquake, reported to have killed 56,000 people in February 2023 and the Morocco earthquake in September of the same year, which claimed
Black Swans and Swiss Cheese – A Boat Crash in Baltimore
Charlie looks into the recent incident at Francis Scott Key Bridge in Baltimore and discusses the potential impacts of the accident. Often when I write my bulletin, it is about the latest cyber incident and what we can learn from it. However, last week, the crash of the MV Dali into the Francis Scott Key
Notes from The Gloucester City Council Managing a Cyber Attack – Case Study
In this week’s bulletin, Charlie gives an insight into Gloucester City Council’s cyber attack that took place late last year and discusses what we can learn from the incident. The above report was published in December 2023, and I have just got around to reading it. I thought that, after looking at the British Library’s
The British Library Cyber Incident Report – Standard or New Lessons?
In this week’s bulletin, Charlie looks into the cyber attack on the British Library and discusses what organisations can take away from the attack. It’s difficult to extract lessons learned from cyber response when you are not the responder. Most organisations don’t like to share their lessons, or when they do, they mainly do so
Website Defacement – What You Need to Know
This week, Charlie discusses website defacement and how to respond to it, and looks into some of the reasons why this type of cyber attack occurs. In the Live Online BCT Certificate in Cyber Incident Management (NCSC Assured Training) course I teach, we discuss various types of cyber attacks, and one of the types of attacks I
The Positives and Negatives of AI in the Cyberspace
In this week’s bulletin, Charlie investigates the newest AI-driven scams and examines the advantages and disadvantages of AI in the online world with the help of Google Gemini. This week, I was the allocated tutor for the BCT Certificate in Cyber Incident Management Course. This is the first time in a year and a half, so
Artificial Intelligence, Business Continuity, and the Scottish Continuity Group
In this week’s bulletin, Charlie reflects on his recent Scottish Continuity Group conference and talks about the potentials of artificial intelligence (AI) in our organisations. This week, I attended the Scottish Continuity Group conference, which had a great turnout and featured numerous excellent speakers. Thanks to the organisers, it was a well-run and organised event.
Drones – A New Business Continuity threat
This week, Charlie discusses the use of drones and the disruption they can cause, and looks at why they are being used more frequently. A couple of ideas inspired me to write this bulletin this week. I have been closely following the Ukraine war, especially as I am ex-military and have been fascinated by the
Charlie’s Listening and Reading Recommendations – January 2024
This week, Charlie discusses his podcast and reading recommendations for this month, and gives an insight into what we can get out of them. I have thought for a while that I should talk about what I have been reading and listening to, so here are my recommendations from the past month: When It Hits
Some Observations On The Baroness Mone of Mayfair OBE’s Crisis Management
In this week’s bulletin, Charlie discusses the controversy surrounding Michelle Mone and her husband Douglas Barrowman, and provides some advice around how we can improve our crisis management. I was listening to the news on the radio this morning, and they were talking about the recent revelations about the tax schemes which Michelle Mone’s husband,
The Post Office Scandal – Why Now?
In this week’s bulletin, Charlie discusses the Post Office scandal and why, only now, has the scandal become headline news. You can’t avoid the post office scandal in the news this week, so I thought I should write about it. What I find interesting about this scandal is why it is now mainstream news, with
Ten Business Continuity Trends to Watch in 2024
The first bulletin of the year highlights some trends that Charlie thinks will show up this year, and he gives some advice to organisations on how to be prepared for these. Happy New Year to all readers! I hope you were able to have a good break. This is the time of year to look
The ‘Great A9 Disaster’ of 8th December 2023
This week, Charlie talks about his experiences with dealing with an incident on the road and discusses what he learnt from the situation. As I have mentioned a few times on this bulletin, I spend a lot of my time telling people how to respond to incidents rather than being part of the response myself.
Ransomware- Considerations for whether you should pay or not pay a ransom
In this week’s bulletin, Charlie discusses the pros and cons of paying a ransom and provides us with some advice about how we can be more resilient when faced with a ransomware threat. This week, I conducted a cyber exercise with a Housing Association, and I have another upcoming exercise with a senior management team.
Clarion Housing Association Cyber Incident, June 2022 – A Case Study
In this week’s bulletin, Charlie looks at the recent cyber incident from Clarion and explains how organisations can recover from a cyber incident. Next week, I am conducting a cyber exercise for a housing association, and in preparation, I decided to explore the specific impact of a cyber incident on housing associations. When discussing cyber-attacks,
Vishing – What Is It and Should You Be Worried?
This week, Charlie discusses vishing and how it can affect your organisation, and looks at the importance of sufficient cyber training in the workplace. This week, I was going to write about the MGM Resorts hack in September 2023 and, as part of my research on the hack and its effects on the casino, I
My 10 Favourite Learning Podcasts
This week, Charlie gives an insight into some of his podcast recommendations and discusses what topics are covered and where you can listen to them yourself. I thought for the bulletin this week, I would share a few of my favourite learning podcasts. Podcasts are always great for long car journeys or commutes. You make
Some Reflections on BCI World Hybrid 2023
We’ve been to BCI World Hybrid 2023! In this week’s bulletin, Charlie discusses his experience of the conference and highlights his favourite moments. This week, I attended BCI World Hybrid, and I’ve always considered this conference a barometer of the state of the business continuity profession and its current discussions. So, here are some thoughts:
What is MITRE ATT&CK and Why Might You Be Interested in It?
In this week’s bulletin, Charlie explains what MITRE ATT&CK is and the importance of familiarising yourself with its framework. First, this question may not apply to you if you’re a “techie” involved in preparing your organisation for a cyberattack. You should already be familiar with the framework and use it as a part of developing
An Old Threat Returns – Terrorist Attacks in Europe?
This week, Charlie discusses the importance of having updated response plans in case of an emergency and looks at why organisations should keep in contact with staff during an incident. This week’s bulletin was inspired by several recent events that have converged, reminding us of a threat that seemed to have waned for a while.
Why Flowcharts Aren’t Appropriate in Business Continuity Plans
In this week’s bulletin, Charlie discusses his reasons why flowcharts aren’t useful in most business continuity plans, and looks into how we could improve our plans. Over the last couple of days, I have been rewriting a client’s business continuity plan. One of the features of their plan has been to have a number of
Closing and Reopening Offices, Restaurants, and Retail Outlets, after an Incident
In this week’s bulletin, Charlie discusses his recent exercises around reassuring customers after an incident and talks about how we should approach reopening. This may not sound like the most scintillating subject, but it’s a critical consideration for a crisis team following a major incident that necessitates the closure of offices, restaurants, or retail outlets.
Pickups for Peace – A Visit to Ukraine
Charlie and Kim have just come back from a visit to Ukraine, where they teamed up with a Scottish charity, ‘Pickups for Peace’, to help deliver numerous pickup trucks to the Ukrainian military. The bulletin this week gives us an insight into what they experienced! Last week, we were in Ukraine delivering a pickup to