We publish weekly updates from the business continuity world, covering recent news items or reflecting on our travels and experiences with clients.
Charlie addresses topics from a Business Continuity perspective and you might be surprised how much of today’s news relates to BC! Providing valuable insight, Charlie raises critical questions which will surely encourage you to reconsider your Business Continuity plans.
In this week’s bulletin, Charlie continues his discussion into backups, looking at devices that are responsible for keeping machinery running smoothly. Today’s bulletin sounds like a scintillating subject and is guaranteed to send you to sleep, but bear with us, as this is an extremely important topic. Operational Technology (OT) can be found in industrial environments where physical
In today’s bulletin, Charlie discusses supply chains and business continuity and gives an insight into some useful case studies around supply chain resilience. Around 2010, I wrote a supply chain course which was then adopted by the BCI and delivered by its training partners worldwide. I had a similar version of it, which I delivered to PlanB Consulting’s
In this week’s bulletin, Charlie looks at the 9 stages of recovery from a cyber incident and highlights the importance of having recovery in our business continuity plans. This is the third part of my journey to discover more about backups and the technical aspects of recovery after a cyber incident. I realise most readers of this bulletin
In this week’s bulletin, Charlie discusses global issues and gives an insight into what is meant by ‘Maximum Scale of Incident’. I was listening to the news in the middle of the night and I very much felt, in the words of Bob Dylan, “The times they are a-changin”. We have the likelihood of tariffs, which are going
In today’s bulletin, Charlie looks at the cyber attack that has affected Comhairle nan Eilean Siar and discusses the impacts of the attack. This week, I conducted an exercise with a client in the financial sector. At the end of the exercise, we discussed how long it would take the organisation to recover all its systems after the
In this week’s bulletin, Charlie gives an insight into how the event went and discusses the main business continuity themes throughout the conference. This week, I have been at the BCI World Hybrid Event in London, and I thought I would share what I thought of the event and also what it says about the state of business
In this week’s bulletin, Charlie discusses the future of AI within the business continuity industry, with a particular focus on Business Impact Analysis and how it has the potential to revolutionise business continuity processes. Over the last couple of weeks, whenever I’ve been in the car, I’ve been listening to the BBC Sounds podcast The Coming Storm. It
In this week’s bulletin, Charlie discusses the impact of the role of nation-states in cyber attacks and looks at some of the attacks we have seen in the UK recently. On the 8th of October 2024, MI5 Director General Ken McCallum gave a speech on the threats to the UK, covering the counter-terrorism threat and state threats from
In today’s bulletin, Charlie looks at the recent collapse of ISG and gives an insight into what we can learn about supply chain management. Nick Sims of Cornwood Consulting inspired this bulletin, by sharing recent insights into supply chain issues at Aston Martin. He mentioned, “In a strategic adjustment, Aston Martin announced it would reduce its 2024 production
In this week’s bulletin, Charlie looks at the pros and cons of SIMEX (Simulation Exercise) and gives an insight into his experience running a live SIMEX. About three weeks ago, I planned, ran, and reported on the biggest SIMEX I have ever conducted in my whole career. It was a ‘no notice’ exercise, meaning the organisation was not
In this week’s bulletin, Charlie discusses the BCI’s CBCI Certification course and how it has changed from when it was first developed, and discusses his recent experience teaching a classroom CBCI course in Glasgow. You aren’t meant to forget your first time, but I can’t remember the first time I taught the Business Continuity Institute’s (BCI) CBCI training
In today’s bulletin, Charlie follows up from last week’s bulletin on no-notice exercises and shares some of his experiences of his recent live exercise. On Wednesday, PlanB Consulting conducted the biggest exercise we have ever planned and delivered. It was a no-notice exercise involving five different teams responding to a cyber incident. As per last week’s bulletin, I
In this week’s bulletin, Charlie discusses the importance of no-notice exercises and the importance of planning in an exercise. Shortly, I will conduct the largest exercise I have ever carried out. It is a live exercise involving five different teams responding to a cyber incident. The exercise will involve a full role-playing cell, with role players from both
In today’s bulletin, Charlie looks at some factors which are leading to a global increase in incidents and he gives advice on how we can prepare for these incidents. This week I thought I would share some thoughts I have had for a while on why I believe we are going to see an increase in incidents over
In this week’s bulletin, Charlie discusses the recent riots that have taken place across the UK and looks at the effects that spreading disinformation can cause. According to the BBC, the police are on standby for possible further unrest over this weekend, so I thought I would discuss what we can learn about the importance of disinformation, as
In this week’s bulletin, Charlie discusses the recent CrowdStrike outage and discusses the thoughts that other consultants have had on the incident. When I heard about the CrowdStrike incident, I was in the middle of the kingdom of Fife with my daughter picking up her new puppy. Desperate for the latest, I had her going through BBC Sounds
In this week’s bulletin, Charlie gives an insight into the points that should be addressed within a business continuity plan and the importance of including cyber within the plan. When I am teaching cyber incident management, I always talk about four areas which need to be addressed when responding to a ransomware incident. They are: communications and regulation
In this week’s bulletin Charlie highlights the key learnings from the RUSI Report. As a teacher of cyber incident management, I quite rarely get to hear first-hand about cyber incidents, and case studies are quite rare. The public sector has done a few, including SEPA, the London Library, and Gloucestershire City Council, but overall, information from the private
In this week’s bulletin, Charlie discusses the recent NHS cyber attack and what lesssons we can learn from what happened. Last week I was keen to write a bulletin on the above subject, but I ran out of time. This week I was determined to get it written and out to bulletin readers. The incident is one of
In this week’s bulletin, Charlie continues his bulletin from 2022 on whether cyber attacks have killed people, and looks at the impacts of a cyber attack in the healthcare sector. In August 2022, I wrote the following bulletin ‘Have Cyber Attacks Killed People’ which looked at possible incidents which might have caused deaths. It looked at direct attacks such as
In this week’s bulletin, Charlie looks at different news platforms and gives his experience of comments left on LinkedIn for recent D-Day tributes. To date, I have contentiously avoided getting TikTok on my phone. Not for any moral reason, but as my youngest daughter Phoebe said, “Daddy, you will enjoy it too much.”. I can lose the odd
In this week’s bulletin, Charlie discusses the role of a leader in a crisis team and looks at some of the key things to consider when choosing a leader. I went to an interesting and informative webinar this week titled ‘How to Lead Effectively in a Crisis‘, with Jonathan Hemus asking the questions and Sean Cunningham, Group Crisis
In this week’s bulletin, Charlie looks at the role of MSPs in a cyber incident and gives an insight into how they can work with organisations to be prepared for a potential incident. In a couple of weeks, I am doing a presentation at a ScotlandIS event in Glasgow which will be attended by MSPs, so I thought
In this week’s bulletin, Charlie discusses what is covered in basic and advanced cyber exercises and looks at why organisations should consider running more sophisticated exercises. As cyber attacks continue apace – and having ran a sophisticated cyber exercise on Tuesday – I thought for this week’s bulletin, I would share some thoughts on ‘exercising beyond the basics’.
This week, Charlie gives advice on how schools and trusts can prepare for cyber incidents and provides a useful checklist of considerations. In last week’s bulletin, I wrote about ‘Business Continuity Planning in Schools’. Once the bulletin had gone out, it occurred to me that I hadn’t mentioned anything about cyber, so I thought this week I would
In this week’s bulletin, Charlie gives an insight into Gloucester City Council’s cyber attack that took place late last year and discusses what we can learn from the incident. The above report was published in December 2023, and I have just got around to reading it. I thought that, after looking at the British Library’s cyber attack report
In this week’s bulletin, Charlie looks into the cyber attack on the British Library and discusses what organisations can take away from the attack. It’s difficult to extract lessons learned from cyber response when you are not the responder. Most organisations don’t like to share their lessons, or when they do, they mainly do so behind closed doors.
In this week’s bulletin, Charlie discusses the pros and cons of paying a ransom and provides us with some advice about how we can be more resilient when faced with a ransomware threat. This week, I conducted a cyber exercise with a Housing Association, and I have another upcoming exercise with a senior management team. One of the
In this week’s bulletin, Charlie looks at the recent cyber incident from Clarion and explains how organisations can recover from a cyber incident. Next week, I am conducting a cyber exercise for a housing association, and in preparation, I decided to explore the specific impact of a cyber incident on housing associations. When discussing cyber-attacks, the most frequently
This week, Charlie discusses vishing and how it can affect your organisation, and looks at the importance of sufficient cyber training in the workplace. This week, I was going to write about the MGM Resorts hack in September 2023 and, as part of my research on the hack and its effects on the casino, I learned that the