Category: Operational Resilience Blog

Cyber Security - Resilience - Data Protection

processor contract

Processor Contract – How Processors can inadvertently become Controllers…and why it matters!

For those of you who deal with the wonderful document that is a processor contract. Whether you’re on the Controller side or the Processor side, you will know there are quite a few hoops to jump through. This is because GDPR strengthened the requirements of a Controller-Processor relationship, outlined in Article 28. That said, a…
Read more

supply chain resilience

Supply Chain Resilience – Who are your Backup Suppliers?

Is your supply chain resilience programme reminiscent of the article image? Aged, poorly maintained, complex, hard-to-untangle. Do you carry out due diligence at the beginning of your engagements? More importantly, do you carry out ongoing governance and oversight? Even more importantly, does supply chain resilience form part of your wider operational resilience strategy or business…
Read more

security incident

Security Incident Avoidance – Hackers know we’re away for Christmas…

It’s that time of year where many of us will be ensuring our organisations can still deal with a security incident whilst most of the workforce are at home watching Christmas movies like Die Hard – yes, it’s definitely a Christmas Movie. Hackers know businesses are running on skeleton staff during the holiday period so…
Read more

CISO role: All C and no IA, the 33% CISOs failing their organisations!

In the last (maybe…) of my three-part CISO rant series (See Part One and Part Two if you want to catch up) I am going to wrap up with a rant about the 33% CISOs not giving their organisations of a full CISO role. These are the CISOs who think their role is solely about…
Read more