The theme of Business Continuity Awareness Week is Cyber Security. No, really…

If businesses and public organizations needed a kick in the backside over their cyber crisis preparedness, then many got it over the weekend as the ransomware ‘Wanna Decryptor’ paralysed hundreds of thousands of users and systems in more than 100 countries, including hospitals and doctors’ practices in the UK National Health Service.

So the irony of this being ‘Business Continuity Awareness Week’ #BCAW2017 is only heightened by the fact that the theme of the week is ‘Cyber Security’. But the timing of this week – and the theme – couldn’t be better.

As the hand-wringing, blame-gaming and shock-horror media coverage continues – it’s worth spending a few minutes leafing through the Business Continuity Institute’s guide on preventing cyber attack (this is safe to click, by the way). Sure, there is some VERY basic advice in the guide – like not using ‘password’ as your ‘password’, but don’t roll your eyes too quickly.  One in five passwords are things like ‘1234567’ or ‘qwerty’ – and other entirely predictable passwords. It’s clear people need reminding of the simplest security habits.

The BCI’s guide won’t solve complex IS security issues, but it’s often the weakest links that allow the hackers in to do their business. That weakest link is commonly your company’s IS or information security policy (or lack of it) and, if you have a policy, how well employees have been trained to implement it AND how diligently they act on its requirements.

I’m in trouble – send money!

And finally, it’s not only the junior or non-techie employees who let the hackers in.  Scammers and phishers target all levels of an organization in an attempt to breach firewalls or just separate someone from their money.

I’m aware of one CEO who knew what a ‘419’ scam was (wonder how many of you opened that link…) and how to avoid it, but was nearly stung by another email scam.  We just managed to stop him from sending his credit card details (including the ‘magic code’ on the back) to an employee whose email to the CEO claimed he was in trouble abroad, having had his laptop, wallet and phone stolen and who needed credit card details for him to be able to book into a hotel for the night.  Except it wasn’t the employee’s internet email address and he wasn’t in trouble… and, and, and.

About adamroscoe

Brit in Switzerland - always welcome a professional challenge; it's the best way to grow and learn. Currently into fourth career: 1] Journalist, 2] Public Relations and Corporate Communications, 3] Sustainability, HSE, business ethics and crisis management [4] Consultant for 2 and 3 above. Trained as a journalist when it was normal to type reports on a typewriter before entering public relations and issues management consultancy and from there joined chemical company ICI plc as head of communications for one of its divisions. Migrated to Switzerland in 2001 for a job with the communications department of a Fortune 500 company, concluding in communications as head of corporate comms. Assigned to reinvigorate and grow the company's sustainability function, specifically focusing on improving health, safety, security, crisis management, environment and human rights around the world. This background has given me an ability to embed sustainable business practice and true, two-way engagement into the business strategy. I also try to assimilate as much complex information as fast as possible, before processing it and developing strategic recommendations, backed-up by practical proposals on implementation. Interests: photography (see flickr! link on this site), learning more about the 'post-fact era', cooking, wine and classic cars. Twitter: @tontkowalski
This entry was posted in business, Company culture, cyber, risk, Uncategorized.

One Response to The theme of Business Continuity Awareness Week is Cyber Security. No, really…

  1. david roscoe says:

    Hi, The ‘Excuse factory’ has been on overtime in the NHS again nobody seems to be in charge of ‘cyber security’ just invent a phrase to describe the problem and it will go away!

    Dad
