We publish weekly updates from the business continuity world, covering recent news items or reflecting on our travels and experiences with clients.
Charlie addresses topics from a Business Continuity perspective and you might be surprised how much of today’s news relates to BC! Providing valuable insight, Charlie raises critical questions which will surely encourage you to reconsider your Business Continuity plans.
In this week’s bulletin, Charlie covers the important use of RTOs (Recovery Time Objectives) and RPOs (Recovery Point Objectives) in response to a cyber-attack. This week, I have been teaching a Cyber Incident Management course in Frankfurt. One of the discussions was whether the RTOs and RPOs we capture in the BIA (Business Impact Analysis) are suitable and
With the news today of Russian troops moving into the regions of Luhansk and Donetsk I thought I would share some thoughts with readers of the PlanB Consulting newsletter, on some risks to consider and to plan for. The risk to consider are:1. If you still have employees in the region, have you planned to evacuate them safely
A deep dive into the Amedia AS cyber hack which occurred over the holiday period. Charlie discusses in-depth all the important lessons to take away from how Amedia AS dealt with the hack. For the beginning of the year, I thought I may start off with a fluffy article about what your business continuity New Year’s resolutions should
Charlie lists the key points that you can learn, from the SEPA cyber-attack that occurred last year. He discusses what is important and how to ask yourself these questions to make sure you and your organisation are always prepared. Keen readers of the bulletin will remember when I wrote a number of bulletins commenting on the SEPA cyber-attack
We are pleased to announce that we have been shortlisted in the ‘Best Cyber Breakthrough’ category for the 2021 Scottish Cyber Awards. Organised by The Scottish Business Resilience Centre (SBRC) and now in its fifth year, the awards recognise and celebrate stand-out individuals and organisations making a positive impact in Scotland’s cyber security sector. Jude McCorry, CEO of
Charlie looks at the lessons you need to take away from a low-level cyber attack. I am going to leave the New York flooding, storm and the hurricane in Louisiana for another day and just write a short piece on this incident I came across on phishing emails. More details on the incident can be found here > The
As podcasts are becoming the new ‘thing’, Charlie shares his three favourites. Keep up-to-date with business continuity by listening to these incredibly interesting and thought-provoking podcasts. As many of you may have plans to go on holiday soon, I thought I would share three cyber podcasts I really enjoy listening to regarding business continuity. I highly advise you
The Kaseya cyber-attack has been in the news for the last few days and I thought this was an opportunity not to look at the detail of the attack itself but to look at the issue of supply chain cyber attacks. Supply chain cyber attacks are where criminals target software vendors or IT services companies in order to
This week, Charlie discusses the effects a cyber attack can have on an organisation’s process control and SCADA systems. For the last three weeks, I have been working for a power and water company in the Caribbean with my wife, Kim. We delivered a programme to improve their response to a wide range of incidents and started by
This week I discuss the issues associated with communications after a cyber-attack, and how to develop a plan that will make a huge difference in an organisation’s ability to survive and keep their reputation after a data breach. To be able to cover multiple time zones, yesterday I was up at seven o’clock for a cyber exercise with
Updated 29 May 2021 This week I talk about costs that are often overlooked when dealing with ransomware attacks. I am signed up to many newsletters and Google alerts on cyber incidents, and I never cease to be amazed by the sheer number of organisations that have ransomware attacks. I did my PhD in Emergency Planning and Disaster Management
This week, I talk about the issues associated with the fire in the OVH cloud data centre and how ‘putting your IT in the cloud’ is not a risk-free solution. Working from home: Is your business continuity problem solved? There seemed to be a moment sometime last year, when many issues associated with business continuity were solved, and
This week I discuss credential stuffing, a type of cyber attack which you should be looking out for! “The irony of credential stuffing is that organisations that have not suffered a direct data breach often become indirect victims when their users’ accounts are compromised due to someone else’s data breach” Debbie Walkowski, F5 Labs. Look after your passwords I
This week I look at the risk of a cyber-attack and the importance of reviewing your vulnerability to water, wastewater and electricity loss. Cyber attack on the water treatment plant in Oldsmar, Florida One of the big news stories from the last couple of weeks has been the hacking of the water treatment plant in Oldsmar, Florida on the 5th
The SUNBURST hack in 2020 of the SolarWinds Orion Software showed that any organisation could be vulnerable to a cyber breach. The hack compromised 18,000 of the organisation’s systems’ including many USA Government organisations. No matter how well prepared an organisation is, there is always a risk, so the key is to prepare your response as well. Large organisations like Equifax, Marriot and Travelex have demonstrated the
Update 29th January 2021 The Yin and Yang of a SEPA’s Cyber Incident Response On Christmas Eve, the Scottish Environment Protection Agency was hacked and many of their systems were taken offline, including their emails, and they are yet to recover them. They have also said that they lost 1.2 GB of data “this is equivalent to a small fraction
This week I share some key learning points on ransomware negotiation. This week I am going to share with you what I learned from speaking to Mike Fowler, VP of Intelligence Services at GroupSense, a specialist cyber response company. One of the services they offer is ransomware negotiation and I thought in this bulletin I would share what a ransomware
This week I discuss the possible benefits of paying a cyber ransom and whether this is illegal. Legality I thought this week I would do a bit of research on a subject that has intrigued me for a while, which is the legality of paying cyber ransoms. In news articles about firms who have been a victim of ransomware, there
This week I look at doxing, the different ways it can affect your organisation and how you should prepare. Should I be worried about it? The short answer is yes. The long answer is also yes, but after seeing the word in a cyber article I was reading this week, I thought I would do a little more research
This week I look at at the recent cyber incident involving New Zealand’s Stock Exchange and marks their response out of 100. I thought this week I would write about an incident which I have been following for the last month, the Distributed Denial of Service (DDoS) attack on the New Zealand stock exchange, which took place at the
Charlie discusses developing a new kind of playbook which could help you plan for different types of cyber-attack. This week I have had a bit of an epic journey. I started off in Shetland and ended the week in Abu Dhabi, having spent a couple of days in Riyadh, Saudi Arabia. I only visited one company in Saudi,
This week, Charlie discusses the Marriott hotel hack and how you can prepare your organisation for a potential data breach. You couldn’t have missed the Marriott hotel’s cyber breach and the possible loss of up to 500 million customer records in the news last week. There are a number of lessons we can learn from their response and
This week Charlie revisits cyber playbooks and invites your thoughts on whether his example fits your idea of what they should contain… A while ago, I wrote what I thought were the contents of a cyber playbook, and through my reading I thought I had a consensus of what one should contain. After having delivered a number of cyber public and
This week Charlie looks at the ways in which cyber and “normal” incidents are different and why these differences may affect how the incident is managed. Over the last ten days, I have run both a one and a two day Managing and Preparing for Cyber Incidents training course and, as a result, I am in the cyber incident management “zone”. So, this week
This week Charlie reflects on the newly released WannaCry report and outlines key lessons organisations can take from the cyber attack. The National Audit Office investigation into the “WannaCry cyber attack and the NHS” was published this week, so I thought I would share 10 lessons from the report which are relevant to all organisations. 1. In the report, it stated that
Thank you to Sadia Anwar for delivering this month’s webinar, giving us an insight into cyber security and helping raise awareness, as part of European Cyber Security Month. We hope you all enjoyed the webinar as much as we did. If you missed the webinar, you can view the recording by clicking on the YouTube video below. Details about our next webinar will be released in due
This week Charlie looks at the lessons learned during our first Managing and Preparing for Cyber Incidents course. Yesterday, I ran Managing and Preparing for Cyber Incidents for the first time and I thought I would share ten lessons that were learned during the training. 1. When you have decisions to make that involve 2-3 different potential outcomes, it might be a good
What is a playbook and do you need one? In this blog post, I am going to describe what is a playbook and then give examples of two different types. What is a playbook? A playbook for me is typically associated with responding to a cyber incident and gives the actions, procedures and communications associated with responding to a
The WannaCry ransomware attack occurred last weekend and caused major disruption to the NHS, and subsequently, many other organisations. Charlie provides his thoughts and introduces our new Managing and Preparing for Cyber Incidents training course. The waters are still again and all appears to be quiet. A few are still busy recovering from the attack, but just because all seems still, as watchers of the
This week, I want to look at cyber incident management and share my thoughts on how the response to cyber incidnets can differ from managing other incidents. If you look at the internet there is not a lot of guidance and information on managing cyber incidents from an organisational point of view. There is a huge amount on the
This week Charlie talks about the links between business continuity and cyber security. Yesterday I went to an excellent seminar, organised by the Scottish Business Resilience Centre, called ‘Trading Security for Business’. It was all about the threats to mobile devices and how to secure them. By the end of the day I felt I could do nothing else then
DDoS attacks can be fatal for your business – learn to protect yourself This week Milena takes a look at the recent cyber attacks businesses increasingly suffer from. DDoS attacks have recently been causing upheaval for many businesses. As some try to recover from the attacks and businesses become more aware of this threat, it is time to
This week Charlie conducted a cyber attack as the scenario in a response exercise. Here are some lessons learnt from conducting the exercise. 1. I don’t think you need to be an IT security expert to conduct a cyber attack exercise. The technical element of the exercise is done by IT, and if you are looking at the
I noticed this headline on the BBC website this week and it really stood out as a huge breach of security. The data was supposedly stolen by an IT contractor working for a company called the Korea Credit Bureau that produces credit scores. It appears that he stole the names, social security numbers and credit card details of 20
You stroll into work one morning without a care in the world, you fire up your computer, get yourself a coffee and then settle down to work. You decide the first task of the day is to finish the report you started yesterday and go to open the file you saved last night. You find that the file
