car-690275_640

Did you reveal too much this summer?

00Cyber Security September, 18

The glorious sunshine we have had this summer prompted me to get my sandals out and show a bit of ankle! I even went as far as putting my shorts on, sorry to shock those of a nervous disposition.

But we haven’t always had that luxury. Back in the 1920’s there were laws against that sort of thing.

So – what’s this got to do with computers? Well it’s a roundabout way of getting you to think about what you’re revealing to the world in terms of your personal data.

I know I.T. people nag incessantly about passwords but in these days of email communication, social media and online file storage, often the only thing standing between you and a voyeur is the strength of your password.
So – here’s a list of 10 deadly sins that I’ve come across – I’m sure none of you have ever done any of these but here they are as a reminder of what not to do.
More info

adventure-bay-beach-307008 (1)

Manage your Supply Chain – ‘No man is an island ?’

00Cyber Attack, GDPR, IASME, ISO27001, ISO9001, Risk Management, Supply Chain RiskTags: , , , , , , August, 18

I don’t believe that any one of us working in any type of organisation, regardless of whether you’re a small business, a charity, a school or even a sole trader today can operate without the products or services of a 3rd party provider. We may well have chosen to outsource our accountancy, HR, IT and compliance management requirements. Equally, our clients outsource to us e.g. audit requirements, Data Protection Officer and so on. Our Clients all have a dependency on us to deliver services. Here at Risk Evolves – we’re no different. We’re great examples of the fact that very few, if any, organisations can operate without the support of a 3rd party. A 3rd party could be providing IT, critical resource, logistics support, payroll services, catering, cleaning etc. And yet, how many of us step back and analyse exactly what we would do if one of those third parties wasn’t available one day. What happened if they were to suffer a flood to their premises so that they couldn’t operate, if they were to go out of business, cease to provide the service that we are reliant on, be acquired by another organisation – the list goes on. More info

so-why-bother-with-certific

So why bother with certifications?

00Business Resilience, GDPR, IASME, ISO27001, ISO9001, Risk ManagementTags: , , , , , June, 18

For anyone that’s met me, they’ll know that I’m passionate about the value of certifications and standards. Whether it’s Cyber Essentials, ISO9001, OHSAS18001, Safe Contractor, FORS – all have a value to a business. Some are international standard applicable across any industry, others are industry specific. Some may be a requirement in order to enter a supply chain and will be adopted grudgingly by an organisation. For organisations who just need the ‘certificate on the wall’, there is likelihood that they are not realising the full benefits that adoption of a standard may bring. More info

berliner-breakfast-bun-cake-41300

GDPR Makes You Fat……and other scare stories

00Business Resilience, Business Risk, GDPR, Supply Chain RiskTags: , , , , May, 18

As we head towards GDPR day – May 25 – the number of scare stories about the new regulations seems to be spinning out of control.

The latest one claims half of businesses expect to be fined under the new rules: https://bit.ly/2IcnFYX . It is based on a survey which suggests businesses have put money aside in anticipation of a fine. In addition, we’ve heard of some sole traders who are so concerned about the regulations, they fear that they will need to close the shutters on their business.

The problem here is one of perception. Businesses may well be so worried that their way of dealing with the new regulations is to put money aside. But will they really be fined and does putting money under the mattress really help?  The ICO has been clear on so many occasions – fines will be the last resort. More info

stress

Crisis Management – By failing to prepare ….

00Business Resilience, Cyber Attack, Cyber SecurityTags: , , , May, 18

It’s an old adage but it’s surprising how few organisations take Benjamin Franklin’s quote seriously enough to put his advice into practise. ‘By failing to prepare you are preparing to fail’ he said.  Of course it is tough for organisations like smaller businesses and charities who don’t feel they have the time or money to spend on training. Unfortunately though, when it comes to dealing with a crisis of any sort, it is the preparation for that possibility which will save both in the long run. More info