Beware of the self-wiggling mouse – Water industry & Cyber
This week I look at the risk of a cyber-attack and the importance of reviewing your vulnerability to water, wastewater and electricity loss. Cyber attack on the water treatment plant in Oldsmar, Florida One of the big news stories from the last couple of weeks has been the hacking of the water treatment plant in Oldsmar, Florida
Business Continuity Capability – What is it and do I need it?
This week I look at why building capability is important for implementing your business continuity plan. Building an Incident Team Competence Framework This week I have been working on building an Incident Team Competence Framework for a client. It is two parts, the first part is a self-assessment of an incident team member’s knowledge of their
Failing to plan is… The importance of contingency planning – The quarantine
This week I discuss the importance of contingency planning. I try not to criticise the government In this bulletin I try not to criticise the government, firstly, as they are doing a difficult job under challenging circumstances and secondly, it is easy for commentators like myself to carp from the slide lines when I am
Cyber Incident Response: A preparation framework
The SUNBURST hack in 2020 of the SolarWinds Orion Software showed that any organisation could be vulnerable to a cyber breach. The hack compromised 18,000 of the organisation’s systems’ including many USA Government organisations. No matter how well prepared an organisation is, there is always a risk, so the key is to prepare your response as well. Large organisations like Equifax, Marriot and
The SEPA Cyber Attack a Case Study
Update 29th January 2021 The Yin and Yang of a SEPA’s Cyber Incident Response On Christmas Eve, the Scottish Environment Protection Agency was hacked and many of their systems were taken offline, including their emails, and they are yet to recover them. They have also said that they lost 1.2 GB of data “this is equivalent to
Is the response to COVID-19 a business continuity issue?
Is it time for Business Continuity Managers to step away from the COVID-19 response? I share by thoughts on how organisations should move forward in dealing with the virus. I have been thinking about the response to COVID-19 for a while, especially as we have been conducting a number of debriefs on the incident for different
The future of business continuity, post COVID-19
This is my last bulletin of the year so I thought I would share some ideas with you about a subject I have been thinking about a lot. In line with last week’s bulletin, ‘Is the response to COVID-19 a business continuity issue’ I have stopped thinking about our response to the existing pandemic and
Ransomware attack: Who ya gonna call, Mike?
This week I share some key learning points on ransomware negotiation. This week I am going to share with you what I learned from speaking to Mike Fowler, VP of Intelligence Services at GroupSense, a specialist cyber response company. One of the services they offer is ransomware negotiation and I thought in this bulletin I would share
The difference between a generic response and contingency plans
This week I look at the differences between a generic response and contingency plans. This week has been very busy for me, and amongst other tasks, I have been conducting a debrief for a multinational company on their response to date on COVID-19. I have also been helping another organisation rewrite their plans, so I
Hackney Council’s Hack: A communications playbook of good practice?
This article has been published on Linkedin! https://www.linkedin.com/pulse/hackney-councils-cyber-incident-communications-good-charlie
Cyber Ransoms – Should I Pay?
This week I discuss the possible benefits of paying a cyber ransom and whether this is illegal. Legality I thought this week I would do a bit of research on a subject that has intrigued me for a while, which is the legality of paying cyber ransoms. In news articles about firms who have been a victim
What is doxing, and should I be worried about it?
This week I look at doxing, the different ways it can affect your organisation and how you should prepare. Should I be worried about it? The short answer is yes. The long answer is also yes, but after seeing the word in a cyber article I was reading this week, I thought I would do a
Marks out of 100 for the NZ Stock Exchange Cyber Incident Response
This week I look at at the recent cyber incident involving New Zealand’s Stock Exchange and marks their response out of 100. I thought this week I would write about an incident which I have been following for the last month, the Distributed Denial of Service (DDoS) attack on the New Zealand stock exchange, which took
My Thoughts On Online Exercises
In today’s bulletin, I share some thoughts on conducting exercises online. This week I conducted an online exercise and it got me thinking about what the benefits and downsides are of running exercises online: It is very easy to conduct one as most incident management teams are virtual at the moment and responding to COVID-19,
Logging in a Digital Age
In today’s bulletin, I discuss how logging incidents has changed in the shift to remote working and online meetings. “If it wasn’t written down, it didn’t happen” – Michael Mansfield QC At BC Training and PlanB Consulting, we have done a lot of Loggist Training, both before and after COVID-19. A couple of days ago I
What types of incident is business continuity meant to deal with?
This week I discuss why having a clear scope of the incidents that business continuity is designed to deal with is important within your organisation. Scope of incidents Yesterday I had a good chat with a member of the Business Continuity Board, who is also an FBCI and has been involved in writing many of the ISO
Dealing with emotion in crisis communications – the UK results fiasco
Following the release of A-level and GCSE results in the UK, I discuss how to counter an incident which has invoked a lot of emotion. The algorithm seemed flawed This week my daughter Phoebe was one of the students anxiously awaiting her GCSE exam results. You couldn’t fail to see the government flailing around trying to
What types of incident is business continuity meant to deal with?
This week I discuss why having a clear scope of the incidents that business continuity is designed to deal with is important within your organisation. Scope of incidents Yesterday I had a good chat with a member of the Business Continuity Board, who is also an FBCI and has been involved in writing many of the ISO
The Effects of Stress on Incident Management Teams
This week I look at stress and the impact it can have on teams and individuals during incidents. I am busy reading a paper by Mica Endsley titled ‘Towards a Theory of Situational Awareness in Dynamic Systems’, which I have been looking forward to reading for a while! I find the whole process of incident
A Model for Situational Awareness
This week I shares a model of situational awareness from the Endsley paper and discusses how this can be applied to incident management. This week I carried out my first Live Online Advanced Incident Response and Crisis Management public training course, and I decided to add some information from the Endsley paper I was reading on situational
Achieving situational awareness during an incident
Following last week’s bulletin, I share some ideas on how to implement and carry out situational awareness when responding to an incident. Last week we talked about the process of situational awareness during an incident and how all the activities come together to achieve good awareness of the situation we are managing an incident within. Today I
The Effects of Stress on Incident Management Teams
This week I look at stress and the impact it can have on teams and individuals during incidents. I am busy reading a paper by Mica Endsley titled ‘Towards a Theory of Situational Awareness in Dynamic Systems’, which I have been looking forward to reading for a while! I find the whole process of incident
Building an Incident Team Competency Framework
Charlie outlines his ideas on building an incident team competency framework. This week I thought I would share some ideas I have been developing on incident management. They are not fully solidified yet, so I would welcome any thoughts or comments on what I have written. There are many lessons organisations will learn from COVID-19,
Why we are entering the most dangerous period of coronavirus.
Why, for many organisations, we are entering the most dangerous period of coronavirus. This week Charlie discusses why we are entering the most dangerous period of coronavirus for many businesses. In the first few months of the coronavirus outbreak, everyone was ‘in it together’ and people understood why organisations were not able to deliver their
The Business Continuity Manager’s role in the recovery phase of coronavirus
This week I discuss the role of the Business Continuity Manager in dealing with the recovery phrase of coronavirus. Many of the lockdown restrictions have been lifted and are moving on apace, even in Scotland we are able to do more today and even more on Monday, although I haven’t quite worked out what that is.