Knowledge Zone

Here you will find articles, archive blogs and case studies that PlanB have used or created over the years. To find information please type a keyword into the search box or click on the relevant tag.

We publish weekly updates from the business continuity world, covering recent news items or reflecting on our travels and experiences with clients.

Charlie addresses topics from a Business Continuity perspective and you might be surprised how much of today’s news relates to BC! Providing valuable insight, Charlie raises critical questions which will surely encourage you to reconsider your Business Continuity plans.

Guidance on Writing the First External Communication After a Cyber Incident

In today’s bulletin, Charlie provides some useful information on how organisations should approach their communication to customers after a cyber incident. The following is guidance on communicating after a cyber incident. The formats for the initial communications are likely to be a press statement and information on the organisation’s website. 1 – Decide how visible you want the

Good, but Could Be Better: Cyber Comms Lessons from Glasgow City Council’s Cyber Attack – Initial Communications

In this week’s bulletin, Charlie discusses the strengths and weaknesses of Glasgow City Council’s initial communications following a recent cyber attack, highlighting key lessons for crisis and business continuity professionals. As a business continuity professional, I rather enjoy reviewing the crisis communications from an organisation in the few days after a cyber attack. It provides valuable insights into

What Does the CYBERUK Conference Tell Us About the State of the Cyber Industry?

In this week’s bulletin, Charlie discusses the recent CYBERUK conference and highlights key takeaways from the conference. This week I’ve been at the CYBERUK Conference in Manchester, and I thought I’d use the opportunity to share my impressions of the cyber industry, based on what I saw and heard at the event. As PlanB Consulting had a stand

What Are Deepfakes, And Should I Be Worried About Them?

In this week’s bulletin, Charlie discusses deepfakes and how organisations can be better prepared for them. Images, throughout history, have been used to tell stories and to emphasise their importance and to flatter individuals or to mock and belittle them. Deepfakes are the modern manifestation of this trend. Next week, I am going to be taking part in

Stages of Recovery After a Cyber Incident

In this week’s bulletin, Charlie looks at the 9 stages of recovery from a cyber incident and highlights the importance of having recovery in our business continuity plans. This is the third part of my journey to discover more about backups and the technical aspects of recovery after a cyber incident. I realise most readers of this bulletin

Should We Be Visiting Our ‘Maximum Scale of Incident’?

In this week’s bulletin, Charlie discusses global issues and gives an insight into what is meant by ‘Maximum Scale of Incident’. I was listening to the news in the middle of the night and I very much felt, in the words of Bob Dylan, “The times they are a-changin”. We have the likelihood of tariffs, which are going

Why We Are Likely to See An Increase in Incidents Over the Coming Years

In today’s bulletin, Charlie looks at some factors which are leading to a global increase in incidents and he gives advice on how we can prepare for these incidents. This week I thought I would share some thoughts I have had for a while on why I believe we are going to see an increase in incidents over

10 Reasons Why Your Business Continuity Plan May Not Work in Responding to a Cyber Incident

In this week’s bulletin, Charlie gives an insight into the points that should be addressed within a business continuity plan and the importance of including cyber within the plan. When I am teaching cyber incident management, I always talk about four areas which need to be addressed when responding to a ransomware incident. They are: communications and regulation

Ransomware Victim Experience: RUSI Report

In this week’s bulletin Charlie highlights the key learnings from the RUSI Report. As a teacher of cyber incident management, I quite rarely get to hear first-hand about cyber incidents, and case studies are quite rare. The public sector has done a few, including SEPA, the London Library, and Gloucestershire City Council, but overall, information from the private

Have Cyber Attacks Killed People? – Updated June 2024

In this week’s bulletin, Charlie continues his bulletin from 2022 on whether cyber attacks have killed people, and looks at the impacts of a cyber attack in the healthcare sector. In August 2022, I wrote the following bulletin ‘Have Cyber Attacks Killed People’ which looked at possible incidents which might have caused deaths. It looked at direct attacks such as

Cyber Incidents Involving MSPs: Six Lessons from the CTS Cyber Incident

In this week’s bulletin, Charlie looks at the role of MSPs in a cyber incident and gives an insight into how they can work with organisations to be prepared for a potential incident. In a couple of weeks, I am doing a presentation at a ScotlandIS event in Glasgow which will be attended by MSPs, so I thought

Cyber Incident Management Exercises – Exercising Beyond the Basics

In this week’s bulletin, Charlie discusses what is covered in basic and advanced cyber exercises and looks at why organisations should consider running more sophisticated exercises. As cyber attacks continue apace – and having run a sophisticated cyber exercise on Tuesday – I thought for this week’s bulletin, I would share some thoughts on ‘exercising beyond the basics’.

A Schools Cyber Incident Response Checklist

This week, Charlie gives advice on how schools and trusts can prepare for cyber incidents and provides a useful checklist of considerations. In last week’s bulletin, I wrote about ‘Business Continuity Planning in Schools’. Once the bulletin had gone out, it occurred to me that I hadn’t mentioned anything about cyber, so I thought this week I would

Notes from The Gloucester City Council Managing a Cyber Attack – Case Study

In this week’s bulletin, Charlie gives an insight into Gloucester City Council’s cyber attack that took place late last year and discusses what we can learn from the incident. The above report was published in December 2023, and I have just got around to reading it. I thought that, after looking at the British Library’s cyber attack report

The British Library Cyber Incident Report – Standard or New Lessons?

In this week’s bulletin, Charlie looks into the cyber attack on the British Library and discusses what organisations can take away from the attack. It’s difficult to extract lessons learned from cyber response when you are not the responder. Most organisations don’t like to share their lessons, or when they do, they mainly do so behind closed doors.

Website Defacement – What You Need to Know

This week, Charlie discusses website defacement and how to respond to it, and looks into some of the reasons why this type of cyber attack occurs. In the Live Online BCT Certificate in Cyber Incident Management (NCSC Assured Training) course I teach, we discuss various types of cyber attacks, and one of the types of attacks I cover is website

Ransomware – Considerations for whether you should pay or not pay a ransom

In this week’s bulletin, Charlie discusses the pros and cons of paying a ransom and provides us with some advice about how we can be more resilient when faced with a ransomware threat. This week, I conducted a cyber exercise with a Housing Association, and I have another upcoming exercise with a senior management team. One of the

Clarion Housing Association Cyber Incident, June 2022 – A Case Study

In this week’s bulletin, Charlie looks at the recent cyber incident from Clarion and explains how organisations can recover from a cyber incident. Next week, I am conducting a cyber exercise for a housing association, and in preparation, I decided to explore the specific impact of a cyber incident on housing associations. When discussing cyber-attacks, the most frequently

Vishing – What Is It and Should You Be Worried?

This week, Charlie discusses vishing and how it can affect your organisation, and looks at the importance of sufficient cyber training in the workplace. This week, I was going to write about the MGM Resorts hack in September 2023 and, as part of my research on the hack and its effects on the casino, I learned that the

Data Breaches: Does Anyone Care?

Charlie talks about the recent cyber attacks on the University of the West of Scotland (UWS) and the Police Service of Northern Ireland (PSNI) and discusses the impacts of these attacks. In this bulletin, I emphasise that, while data breaches impact all those whose data has been compromised, until organisations face financial and reputational consequences, such breaches will

Use of Cyber Threat Intelligence to Guide Crisis Response: A Checklist for Crisis Teams

In this week’s bulletin, Charlie discusses the questions that organisations should be considering when carrying out a potential response to a cyber-attack, including how the attacker got into the system and what their potential motives could be. When organisations are the subject of a cyber-attack, many plans I have seen do not include some questions or a

What is the Difference Between Cyber Incident Management and Cyber Incident Response?

Charlie looks at the difference between cyber incident management and cyber incident response and the different set of issues they have to deal with in the different teams. This week, I thought I would write a short technical bulletin. Many people use the terms cyber incident management and cyber incident response interchangeably, but they each have a very

Negotiating With Hackers – Lessons to Take Away

In this week’s bulletin, Charlie discusses what to do in a negotiation situation with hackers, and looks at what we can learn from the situation with Royal Mail and their hackers. This week, with two of my PlanB Consulting colleagues, I assessed the response of the crisis team of a large financial organisation. As part of my preparation,

Online Reputation Management

In today’s bulletin, Charlie discusses how you could salvage your reputation after an accusation, using Online Reputation Management (ORM) companies. Following an interview with Jonny and Louis from Status Labs – an ORM company – Charlie gives us an insight into how these companies work and the benefits of the service. Imagine… You have been a very successful Finance

Ransomware – If you pay a ransom, do you get your data back?

In this week’s bulletin, Charlie discusses paying a ransom to retrieve your data and shares his research on how much data organisations have recovered in the past. This afternoon, myself and one of the PlanB Consulting consultants, Jamie, were talking to a client about their forthcoming cyber exercise. This was the second cyber exercise they had undergone

Learning from the Scottish Cyber Summit

Charlie attended The Scottish Cyber Summit earlier this week and has summarised points made by different speakers and panellists. Yesterday, I attended the Scottish Cyber Summit in Edinburgh! So for this week’s bulletin, I will be sharing what I learnt from the event. The summit was a gathering of the ‘great and good’ of Scottish Cyber, with

Statutory Cyber Incident Reporting in the USA

This week’s bulletin covers the new Cyber Security laws in America, how these incidents should be reported, and the organisations which could face the worst impact of a cyber security incident. I have been looking through the BCT Certificate in Cyber Incident Management course materials, as I am going to have a discussion with Eamonn Keane who is delivering the next

Have Cyber Attacks Killed People?

This week, Charlie discusses the evidence behind cyber attacks indirectly causing the death and injury of people. Also, the importance of exercises to train employees on how to work efficiently during a cyber attack. This week there was a cyber attack on NHS 111, with the hackers targeting its software supplier, Advanced. As healthcare is one of the

Looking After Your People During a Cyber Incident

This week, Charlie discusses why it is so important to look after your staff after a cyber incident. Yesterday, I taught the pilot of a new Cyber Incident Management course. This course is a day-long course which I developed for a client to use internally to ensure that the managers within the organisation have a greater understanding of
