News

UK Government to help Lawyers and Accountants protect against Cyber Attack

Department of Business, Innovation and Skills helps Lawyers and Accountants develop Cyber Risk knowledge Digital Economy Minister Ed Vaizey has announced a new free online training course to help members of the legal and accountancy professions develop the skills they need to protect themselves and their clients from cyber-attacks.
 
Developed by government and industry, the on-line training will also enable lawyers and accountants to advise their clients on the cyber risks to their business. This will help UK businesses protect themselves from information breaches and other threats that could potentially cost them millions of pounds.
 

Heartbleed, BASH and now POODLE - new SSL vulnerability discovered

POODLE Vulnerability discovered in SSL 3.0 Researchers from Google have announced the discovery of another major flaw in Web Security. It has been called POODLE and follows hot on the heels of Bash and Heartbleed. 

 

The vulnerability is rooted in SSL v3.0 that is used as part of the security framework used for encryption across the Internet. The POODLE bug makes it possible for hackers to use a ‘man in the middle’ attack to gain access to data. 

 

BSI Organizational Resilience Standard BS 65000 DPC - comment now

BS 65000 Organization Resilience Standard
 
For the past few years one of the BSI committees has been working to develop a guidance standard that can be used by organisations to better direct, inform and support their Organizations and positively impact on its resilience.
 
The Standard known as “BS 65000:2014 Guidance on organizational resilience” has challenged the author group and been through extensive revisions before finally getting to the Public comments stage. 

Another retailer suffers data theft - Morrisons payroll data stolen


Morrisons suffers data theftWm. Morrison, one of the UK's largest supermarket chains, has had the details of more than 100,000 staff stolen. While far fewer people have been affected by this data theft than in others recently reported.
 
The theft covers the payroll records of staff employed by the company and the firm has stated no customer records have been compromised.
 

BIS Cyber Hygiene Profile - CALL FOR REVIEW

BIS CYBER HYGIENE PROFILE DRAFT REVIEW - COMMENTS NEEDEDFeedback is needed from industry on the first draft of the Cyber Hygiene Profile developed by BIS and intended to identify the basic cyber controls that should be present in business.
 
The current draft can be viewed and comments submitted through the BSI’s Draft Review System and the review will close on the 16th March, 2014.

RISK & RESILIENCE CONFERENCE | LONDON | 3rd April 2014

Risk & Resilience Conference

// 3rd April 2014 London - EVENT CLOSED

Continuity Forum and BSI Risk and Resilience Conference 2014


 
BSI and the Continuity Forum bring you the Risk and Resilience Conference 2014. Organisations across business and public sectors need to understand how in world of dynamic and fast moving risks they can improve the effectiveness of their risk and resilience management.  This conference aims to connect Risk Management and Resilience far more deeply into organisational thinking and build the business case for better and more effective action.   
 

Managing Cyber Risk from the top down

 

Connecting Cyber & Information Security with Business at the Top 

Each month seems to bring us a new report showing that business needs to be doing more on the threats to their IT.  Almost daily there are media reports of companies systems being breached by hackers, of data being lost and increasingly sophisticated criminal activity.  The Internet has become ever more part of our business processes around the world bringing new dimensions of communication, information sharing and performance. Our companies IT systems are critical, not just to business performance, but to organisational survival. 

BIS Cyber Risk developments aim to build UK Capacity in SME's

In March 2013, the UK Department for Business, Innovation and Skills issued a “Call for Views and Evidence”  that built on the commitments made in the 2011 Cyber Security Strategy published by government.

The Call for Evidence focused on the intention of government to encourage the adoption of industry led standards that can be used by organisations to  improve the management of cyber risk. The particular focus of this work stream, that is part of a series of connected developments across business and government, was centred on the needs of SME companies.

National Occupation Standards for Business Continuity - your feedback needed

National Occupation Standards for Business Continuity
 
Since 2011 the Continuity Forum has been working with Skills CFA to develop Business Continuity skills and qualifications for use in the workplace. 
 
We are now conducting a review of the Business Continuity Management (BCM) suite of National Occupational Standards (NOS).
 

CRIF looks for improvement in risk management for Cyber

Cyber Risk & Insurance Forum
The Cyber Risk & Insurance Forum (CRIF) has taken major steps towards raising awareness of the benefits of cyber insurance and the need for UK business to better understand their exposure to cyber risk.

CRIF has developed first drafts of their cyber risk matrix, and cyber risk and privacy framework which can be found on its new website, which also houses a cyber insurance risk survey. CRIF is urging businesses to participate in the survey, the results of which will be presented at a launch event in Q3 2013. 

Shaping Cyber Risk management for the UK | are you playing your part?

 
Can you help create a framework for Cyber Risk management for the UK?
 
The Department of Business, Innovation and Skills (BIS) is looking at how to help business improve its management of Cyber Risk through a process of industry engagement that is trying to identify how standards can be used in this process. 
 

The future for ISO 31000 | TC 262 Risk Management Survey | Standards

 
BSI Home pageISO Home page
The future of ISO 31000
Risk Management
HAVE YOUR SAY

 
We would really like your contribution to the future developemnt of ISO 31000 – Risk management - Principles and guidance and ISO Guide 73 - Risk management- Terminology.  These important ISO guidance documents are currently being considered for revision and the ISO technical committee, TC/262 – Risk Management –responsible for this work and the BSI has established a group to obtain feedback from risk professionals, users of the standards, and other relevant stakeholders.  
 
Your input into this review is very important and will be fed directly into ISO TC/262.
 
We are looking for your thoughts and use of Risk Management standards to help us develop a better understanding of how ISO 31000 can evolve and what aspects could be developed further. 
 
For more details please contact the Continuity Forum here or call Sara McKenna on +44 (0) 208 993 1599
 

Webcast "The role of Business Continuity & Risk Professionals in addressing Climate Risk

Webcast 

Climate Adaptation and Business Continuity - an essential connection

This webcast is the second in the the Continuity Forums Climate Adaptation Programme (CAP) webcast series and focuses on the critical role BCM and Risk Professionals have in addressing the threats posed by Climate Change.
 
In this edition Continuity Forum Programme Director, Sara McKenna, questions Russell Price and Kylie Russell (Business Lead for the Environment Agency Climate Ready programme) on the work underway and how the BCM and Risk professions need to evolve their efforts. 
 

Climate Adaptation Programme

Welcome to our Climate Adaptation Portal

Since 2006 the Continuity Forum has been working with a number of agencies and bodies to develop a deeper understanding and relevance of the Risk and Business Continuity professions applies to one of the biggest issues of our time... Climate Change. 
 
This portal is part of that effort. Through these pages we'll be providing you with support and resources, as well as asking for your insight and ideas, all geared to create a more connected and effective approach to the planning and priorities needed to address the effects of Climate Change. 
 
This has become an important policy matter to us and the chart below illustrates why.
 
Growth in Extreme Weather Disruptions and BCM
Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...