The Hidden Costs of Ransomware
Updated 29 May 2021 This week I talk about costs that are often overlooked when dealing with ransomware attacks. I am signed up to many newsletters and Google alerts on cyber incidents, and I never cease to be amazed by the sheer number of organisations that have ransomware attacks. I did my PhD in Emergency Planning
Communications with Stakeholders after a Ransomware Attack
This week I discuss the issues associated with communications after a cyber-attack, and how to develop a plan that will make a huge difference in an organisation’s ability to survive and keep their reputation after a data breach. To be able to cover multiple time zones, yesterday I was up at seven o’clock for a
Writing Incident Scenarios: An Operational Resilience Trend Returns
This week I talk about writing incident scenarios and how different business continuity plans have come back in style. The return of the mullet What was once fashionable always tends to come back into fashion at some point. Flared trousers seem to come and go quite regularly. Fashion from my youth has come round again, as
It’s OK, it’s in the Cloud: Lessons from the OVH Cloud Data Centre Fire
This week, I talk about the issues associated with the fire in the OVH cloud data centre and how ‘putting your IT in the cloud’ is not a risk-free solution. Working from home: Is your business continuity problem solved? There seemed to be a moment sometime last year, when many issues associated with business continuity
The changing face of journalism and how it should be reflected in our plans
This week I shares my thoughts on the evolution of journalism and how crisis communication plans should be adapted to keep up with the changes. I have been working on some strategic/crisis level plans and have been thinking about what should go into the crisis communication section of the plans. In quite a number of
Credential Stuffing – A different type of cyber attack
This week I discuss credential stuffing, a type of cyber attack which you should be looking out for! “The irony of credential stuffing is that organisations that have not suffered a direct data breach often become indirect victims when their users’ accounts are compromised due to someone else’s data breach” Debbie Walkowski, F5 Labs. Look after
Demonstrating business continuity’s return on investment
ROI on budget? Worried about your business continuity budget? This week I discuss how to demonstrate BC’s return on investment within your organisation. Every year you get a budget of £20,000 (some of you are already saying “I wish”) and you have this money to deliver your business continuity programme. Your organisation buys into business continuity
Operational Resilience: Is it just business continuity done properly?
What Operational Resilience really means, and how it compares with business continuity. This week a couple of things have come together to inspire this bulletin. I have been working on an operational resilience exercise for a client, which is based around taking a ‘severe but plausible scenario’ and then checking whether the scenario breaches the
Beware of the self-wiggling mouse – Water industry & Cyber
This week I look at the risk of a cyber-attack and the importance of reviewing your vulnerability to water, wastewater and electricity loss. Cyber attack on the water treatment plant in Oldsmar, Florida One of the big news stories from the last couple of weeks has been the hacking of the water treatment plant in Oldsmar, Florida
Business Continuity Capability – What is it and do I need it?
This week I look at why building capability is important for implementing your business continuity plan. Building an Incident Team Competence Framework This week I have been working on building an Incident Team Competence Framework for a client. It is two parts, the first part is a self-assessment of an incident team member’s knowledge of their
Failing to plan is… The importance of contingency planning – The quarantine
This week I discuss the importance of contingency planning. I try not to criticise the government In this bulletin I try not to criticise the government, firstly, as they are doing a difficult job under challenging circumstances and secondly, it is easy for commentators like myself to carp from the slide lines when I am
Cyber Incident Response: A preparation framework
The SUNBURST hack in 2020 of the SolarWinds Orion Software showed that any organisation could be vulnerable to a cyber breach. The hack compromised 18,000 of the organisation’s systems’ including many USA Government organisations. No matter how well prepared an organisation is, there is always a risk, so the key is to prepare your response as well. Large organisations like Equifax, Marriot and
The SEPA Cyber Attack a Case Study
Update 29th January 2021 The Yin and Yang of a SEPA’s Cyber Incident Response On Christmas Eve, the Scottish Environment Protection Agency was hacked and many of their systems were taken offline, including their emails, and they are yet to recover them. They have also said that they lost 1.2 GB of data “this is equivalent to
Is the response to COVID-19 a business continuity issue?
Is it time for Business Continuity Managers to step away from the COVID-19 response? I share by thoughts on how organisations should move forward in dealing with the virus. I have been thinking about the response to COVID-19 for a while, especially as we have been conducting a number of debriefs on the incident for different
The future of business continuity, post COVID-19
This is my last bulletin of the year so I thought I would share some ideas with you about a subject I have been thinking about a lot. In line with last week’s bulletin, ‘Is the response to COVID-19 a business continuity issue’ I have stopped thinking about our response to the existing pandemic and
Ransomware attack: Who ya gonna call, Mike?
This week I share some key learning points on ransomware negotiation. This week I am going to share with you what I learned from speaking to Mike Fowler, VP of Intelligence Services at GroupSense, a specialist cyber response company. One of the services they offer is ransomware negotiation and I thought in this bulletin I would share
The difference between a generic response and contingency plans
This week I look at the differences between a generic response and contingency plans. This week has been very busy for me, and amongst other tasks, I have been conducting a debrief for a multinational company on their response to date on COVID-19. I have also been helping another organisation rewrite their plans, so I
Hackney Council’s Hack: A communications playbook of good practice?
This article has been published on Linkedin! https://www.linkedin.com/pulse/hackney-councils-cyber-incident-communications-good-charlie
Cyber Ransoms – Should I Pay?
This week I discuss the possible benefits of paying a cyber ransom and whether this is illegal. Legality I thought this week I would do a bit of research on a subject that has intrigued me for a while, which is the legality of paying cyber ransoms. In news articles about firms who have been a victim
What is doxing, and should I be worried about it?
This week I look at doxing, the different ways it can affect your organisation and how you should prepare. Should I be worried about it? The short answer is yes. The long answer is also yes, but after seeing the word in a cyber article I was reading this week, I thought I would do a
Marks out of 100 for the NZ Stock Exchange Cyber Incident Response
This week I look at at the recent cyber incident involving New Zealand’s Stock Exchange and marks their response out of 100. I thought this week I would write about an incident which I have been following for the last month, the Distributed Denial of Service (DDoS) attack on the New Zealand stock exchange, which took
My Thoughts On Online Exercises
In today’s bulletin, I share some thoughts on conducting exercises online. This week I conducted an online exercise and it got me thinking about what the benefits and downsides are of running exercises online: It is very easy to conduct one as most incident management teams are virtual at the moment and responding to COVID-19,
Logging in a Digital Age
In today’s bulletin, I discuss how logging incidents has changed in the shift to remote working and online meetings. “If it wasn’t written down, it didn’t happen” – Michael Mansfield QC At BC Training and PlanB Consulting, we have done a lot of Loggist Training, both before and after COVID-19. A couple of days ago I
What types of incident is business continuity meant to deal with?
This week I discuss why having a clear scope of the incidents that business continuity is designed to deal with is important within your organisation. Scope of incidents Yesterday I had a good chat with a member of the Business Continuity Board, who is also an FBCI and has been involved in writing many of the ISO
Dealing with emotion in crisis communications – the UK results fiasco
Following the release of A-level and GCSE results in the UK, I discuss how to counter an incident which has invoked a lot of emotion. The algorithm seemed flawed This week my daughter Phoebe was one of the students anxiously awaiting her GCSE exam results. You couldn’t fail to see the government flailing around trying to