Does Your ISO 27001 Certificate Mean You’re Secure? After I published my recent piece on the GCHQ Director’s Bletchley Park lecture, a fellow practitioner left a comment that I’ve been turning over in my head ever since. It’s a question about ISO 27001 certification and what it really proves about security that deserves more than […]
Does Your ISO 27001 Certificate Mean You’re Secure? Read More »
From Boardrooms to Living Rooms”: What the GCHQ Director’s Bletchley Speech Really Said It’s rare for the Director of GCHQ to speak in public. Anne Keast-Butler said as much herself this morning, standing at Bletchley Park to deliver the first annual GCHQ lecture. The fact that she felt compelled to do so tells you something
From Boardrooms to Living Rooms”: What the GCHQ Director’s Bletchley Speech Really Said Read More »
M&S just told us exactly what a cyber incident cost a UK business. Are you ready for yours? Yesterday, Marks & Spencer published its full-year results. Profits down 23.8%. Fashion and home revenue down 7.7%. £131 million in direct costs attributed to a single cyber incident. And all of it traceable back to a third-party
M&S just told us exactly what a cyber incident costs. Are you ready for yours? Read More »
ISO 14001: The Standard That Doesn’t Know What a Modern Business Looks Like I recently completed training to deliver ISO 14001:2026 — the international standard for environmental management systems. I want to be upfront about why I did it, and equally upfront about why it’s not a space I intend to make a feature of
ISO 14001: The Standard That Doesn’t Know What a Modern Business Looks Like Read More »
48 staff. No dismissals. No ICO investigation. The Southport records breach tells us everything we need to know about insider threat. When the news broke this week that 48 NHS staff had inappropriately accessed the medical records of Southport attack victims — and that the highest sanction any of them received was a final written
A fire in the Netherlands, a ferry company in chaos, and a BIA that probably didn’t ask the right questions. The Brittany Ferries booking outage is a textbook case study in third-party dependency risk, inadequate RTOs, and what happens when your recovery plan assumes someone else has already thought about it. On the morning of
What does a business continuity consultant actually do? If you’ve just been handed responsibility for business continuity — perhaps by a client, an insurer, or an auditor who wants to see evidence of a plan — you might not be entirely sure what you’re supposed to do next. You might not even be sure what
What does a Business Continuity Consultant actually do? Read More »
When Your Website Becomes a Supply Chain Case Study There’s a particular kind of irony in being a business continuity and resilience consultant whose own website has spent the better part of the last year effectively out of action. But here we are. And since the new Cambridge Risk Solutions website went live this week,
When Your Website Becomes a Supply Chain Case Study Read More »
