M&S just told us exactly what a cyber incident cost a UK business. Are you ready for yours? Yesterday, Marks & Spencer published its full-year results. Profits down 23.8%. Fashion and home revenue down 7.7%. £131 million in direct costs attributed to a single cyber incident. And all of it traceable back to a third-party […]
M&S just told us exactly what a cyber incident costs. Are you ready for yours? Read More »
ISO 14001: The Standard That Doesn’t Know What a Modern Business Looks Like I recently completed training to deliver ISO 14001:2026 — the international standard for environmental management systems. I want to be upfront about why I did it, and equally upfront about why it’s not a space I intend to make a feature of
ISO 14001: The Standard That Doesn’t Know What a Modern Business Looks Like Read More »
48 staff. No dismissals. No ICO investigation. The Southport records breach tells us everything we need to know about insider threat. When the news broke this week that 48 NHS staff had inappropriately accessed the medical records of Southport attack victims — and that the highest sanction any of them received was a final written
A fire in the Netherlands, a ferry company in chaos, and a BIA that probably didn’t ask the right questions. The Brittany Ferries booking outage is a textbook case study in third-party dependency risk, inadequate RTOs, and what happens when your recovery plan assumes someone else has already thought about it. On the morning of
What does a business continuity consultant actually do? If you’ve just been handed responsibility for business continuity — perhaps by a client, an insurer, or an auditor who wants to see evidence of a plan — you might not be entirely sure what you’re supposed to do next. You might not even be sure what
What does a Business Continuity Consultant actually do? Read More »
When Your Website Becomes a Supply Chain Case Study There’s a particular kind of irony in being a business continuity and resilience consultant whose own website has spent the better part of the last year effectively out of action. But here we are. And since the new Cambridge Risk Solutions website went live this week,
When Your Website Becomes a Supply Chain Case Study Read More »
NHS Subject Access Request Failings: A Real‑World Case Study Yesterday should have been simple. My 14‑year‑old son needed his broken wrist re‑x‑rayed. A routine appointment, in and out, nothing remarkable. Except it turned into an unexpected case study in how not to handle Subject Access Requests (SARs) — and how easily well‑meaning NHS processes can […]
NHS Subject Access Request Failings: A Real‑World Case Study Read More »
The latest CIR Magazine article, Black swan risks rise amid geopolitical strain, highlights a growing concern across the risk and resilience profession: the term “black swan” is being used so loosely that it is losing all meaning. According to the Allianz Risk Barometer, 69% of UK respondents identified a global internet outage as the country’s […]
Why We Need to Stop Calling Everything a Black Swan Read More »
Cambridge Risk Solutions is delighted to announce that we have been jointly shortlisted with the Leicester, Leicestershire and Rutland Local Resilience Forum (LLR LRF) for two categories at the CIR Business Continuity Awards 2026: Initiative of the Year Best Contribution to Continuity and Resilience These nominations recognise a major programme of work delivered through a […]
️ The Afghan Data Breach – A Wake-Up Call for Public Sector Data Governance In July 2025, the veil of secrecy was finally lifted on one of the most catastrophic data breaches in UK government history. A spreadsheet leaked by a Ministry of Defence (MoD) official exposed the personal details of nearly 19,000 Afghan nationals […]
The Afghan Data Breach – A Wake-Up Call for Public Sector Data Governance Read More »
