When disaster hits your company, will you or your boss be left napping like Heathrow’s boss?
Make sure there’s a way to rouse critical staff when a genuine emergency happens.
https://www.bbc.co.uk/news/articles/c62n0y3nepzo
#cybersecurity
When disaster hits your company, will you or your boss be left napping like Heathrow’s boss?
Make sure there’s a way to rouse critical staff when a genuine emergency happens.
https://www.bbc.co.uk/news/articles/c62n0y3nepzo
#cybersecurity
@jaark@infosec.exchange
In the report, it says that Woldbye expressed “his deep regret at not being contactable during the night of the incident.”
Well, he’s learnt the lesson now I guess.
Put the crisis plan together - and then make sure you’ve considered the possible ways it could go wrong. Prevent what’s possible to prevent, and think of ways to handle the “what ifs” which might arise in those early hours of a serious incident.
@gcluley@mastodon.green I would say that the chief being asleep should (and is in this case) be just a PR ‘problem’. It’s fodder for overexcited newspaper headlines. Operationally it didn’t affect the response plan.
DR plans must not assume that an individual can be contactable and there is no tech or process that can guarantee that a person is contactable. Many senior positions would have a deputy with the authority to act if the primary is unavailable.