Our Work with Aruba’s Water Suppliers
We have been proudly working with WEB Aruba to help them create crisis management plans and run exercises. Here is their press release on our latest exercise. WEB Aruba organises ‘water rationing plan’ exercise How prepared are we in the event that water production and distribution comes to a stop at WEB? This week, the
PlanB Consulting Finalists for Best Cyber Breakthrough
We are pleased to announce that we have been shortlisted in the ‘Best Cyber Breakthrough’ category for the 2021 Scottish Cyber Awards. Organised by The Scottish Business Resilience Centre (SBRC) and now in its fifth year, the awards recognise and celebrate stand-out individuals and organisations making a positive impact in Scotland’s cyber security sector. Jude
Fantasy Crisis Communications – Prince Andrew
In today’s bulletin, Charlie dives into the Prince Andrew court case and the communication issues surrounding it. Discussing the importance of branding, strategy and response, not only in this case, but in all crisis management cases. My daughter, Phoebe, is rather good at knowing who’s who in rugby and in last year’s 6 Nations she
Embedding BC for a More Resilient Future
As it is BCI Education Month, this week Charlie discusses the need for embedding business continuity to create a more resilient future, using examples of scenarios that are happening right now across the world. ‘Embedding Business Continuity for a more Resilient Future’ was a title given to us for BCI Education Month and I promised
Dealing with Anniversaries
Charlie discusses how companies should be commemorating and including the anniversaries of traumatic events within their business continuity plans, whilst keeping in mind how anniversaries such as these will also affect your employees. Last week it was 20 years since the 9/11 terrorist attacks in New York. The commemorations that followed got me thinking about
Preparation for Protest
In this week’s bulletin, Charlie discusses how to prepare your company against protesters. Taking into consideration the safety of your staff, protesters and your company’s reputation. With the Extinction Rebellion in London last week and the COP26 (Conference of the Parties) happening in Glasgow, in 6 weeks. I thought it might be a good time
Low-Level Cyber Attacks
Charlie looks at the lessons you need to take away from a low-level cyber attack. I am going to leave the New York flooding, storm and the hurricane in Louisiana for another day and just write a short piece on this incident I came across on phishing emails. More details on the incident can be
What Can We Learn from Afghanistan 2021
In today’s bulletin, Charlie discusses the devastating events unfolding in Afghanistan and what we need to learn from this as business continuity professionals. I have been watching the events unfold in Afghanistan over the last couple of weeks with the Taliban taking over the country, the air evacuation taking place, and yesterday the two suicide
A Guide to Writing Contingency Plans and Playbooks
This week, Charlie goes into depth about different contingency plans, how to know which plan suits which incident, and how to create a framework that works for you! I have spoken about the requirement for writing generic response plans in a previous bulletin. This is a framework that covers all responses to any type of
Cyber Podcasts You Need To Listen To!
As podcasts are becoming the new ‘thing’, Charlie shares his three favourites. Keep up-to-date with business continuity by listening to these incredibly interesting and thought-provoking podcasts. As many of you may have plans to go on holiday soon, I thought I would share three cyber podcasts I really enjoy listening to regarding business continuity. I
Location, Location, Location! With What3words
In this week’s bulletin, Charlie talks about why determining an accurate location during an emergency is important, and how you can incorporate this into your emergency plan. When responding to an incident it’s critically important to understand the location of the incident, so that internal support and the emergency services know exactly where to go.
A Checklist for the Loss of People
This week, Charlie discusses the NHS COVID-19 tracking app, getting ‘pinged’ and the consequences of self-isolation on businesses. I’ve been seeking inspiration for this week’s bulletin, and it came to me about 20 minutes ago while listening to the news this morning. The news piece in question discussed how many businesses were struggling due to
Kaseya Attack: What is a supply chain cyber attack?
The Kaseya cyber-attack has been in the news for the last few days and I thought this was an opportunity not to look at the detail of the attack itself but to look at the issue of supply chain cyber attacks. Supply chain cyber attacks are where criminals target software vendors or IT services companies
Is Crisis Management Only For “Unprecedented and Extraordinary Events”?
In this week’s bulletin, Charlie discusses the debate around the definition of crisis management and what he thinks crisis management should cover. I was chatting with one of my clients in Renfrewshire and we talked through his crisis management plan, which he had taken from the book ‘prTS 17091, Crisis Management – Guidance for Developing
Process Controls, SCADA and Cyber Security
This week, Charlie discusses the effects a cyber attack can have on an organisation’s process control and SCADA systems. For the last three weeks, I have been working for a power and water company in the Caribbean with my wife, Kim. We delivered a programme to improve their response to a wide range of incidents
BrewDog Crisis Communications: Case Study Review
This week I take a look at the BrewDog crisis communications, including how well they handled accusations against them and how your company can use the lessons learnt. I am partial to a Punk IPA and some of the company’s rather gooseberry tasting beers. So I thought now that the incident is out of the
Hypercomplexity: Which Incidents Should We Be Preparing For?
In this week’s bulletin, I discuss the idea of a hypercomplex world and preparing for different scenarios in it. A few weeks ago, I wrote a bulletin on scenario planning and how under the new requirement of Operational Resilience for FCA and PRA, regulated organisations now have a requirement to determine ‘extreme but plausible scenarios’
Isle of Coll Fire – A view from the frontline
This week I talk about the recent fire on the remote island of the Isle of Coll. I discuss how the professionals and community responded and how this incident compares to others he has read about. I tell people how to manage disasters not actually take part in one! As a consultant, I tell people how to
The Hidden Costs of Ransomware
Updated 29 May 2021 This week I talk about costs that are often overlooked when dealing with ransomware attacks. I am signed up to many newsletters and Google alerts on cyber incidents, and I never cease to be amazed by the sheer number of organisations that have ransomware attacks. I did my PhD in Emergency Planning
Communications with Stakeholders after a Ransomware Attack
This week I discuss the issues associated with communications after a cyber-attack, and how to develop a plan that will make a huge difference in an organisation’s ability to survive and keep their reputation after a data breach. To be able to cover multiple time zones, yesterday I was up at seven o’clock for a
Writing Incident Scenarios: An Operational Resilience Trend Returns
This week I talk about writing incident scenarios and how different business continuity plans have come back in style. The return of the mullet What was once fashionable always tends to come back into fashion at some point. Flared trousers seem to come and go quite regularly. Fashion from my youth has come round again, as
It’s OK, it’s in the Cloud: Lessons from the OVH Cloud Data Centre Fire
This week, I talk about the issues associated with the fire in the OVH cloud data centre and how ‘putting your IT in the cloud’ is not a risk-free solution. Working from home: Is your business continuity problem solved? There seemed to be a moment sometime last year, when many issues associated with business continuity
The changing face of journalism and how it should be reflected in our plans
This week I shares my thoughts on the evolution of journalism and how crisis communication plans should be adapted to keep up with the changes. I have been working on some strategic/crisis level plans and have been thinking about what should go into the crisis communication section of the plans. In quite a number of
Credential Stuffing – A different type of cyber attack
This week I discuss credential stuffing, a type of cyber attack which you should be looking out for! “The irony of credential stuffing is that organisations that have not suffered a direct data breach often become indirect victims when their users’ accounts are compromised due to someone else’s data breach” Debbie Walkowski, F5 Labs. Look after
Demonstrating business continuity’s return on investment
ROI on budget? Worried about your business continuity budget? This week I discuss how to demonstrate BC’s return on investment within your organisation. Every year you get a budget of £20,000 (some of you are already saying “I wish”) and you have this money to deliver your business continuity programme. Your organisation buys into business continuity