How do you get people to learn lessons about the past?

"Nobody is immune to an incident.  Things are going to go wrong."

Ahead of teissR3 | Resilience, Response and Recovery Online Summit 2020, Sarah Armstrong Smith, Chief Security Adviser, Microsoft, talks to Jeremy Swinfen Green about learning lessons from crises, how to manage risk at scale and the fragility of the supply-chain.

teissR3, taking place 15th - 24th September 2020, is the leading event focusing on how you improve your organisation’s cyber resiliency and adopt best-practice in incident response and crisis management in a post-COVID-19 world. Register your place by clicking here.

Video transcript:

So how do you get people to learn lessons about the past?

Well, I think one of the really important things is we need to look much broader. I think a lot of companies just look in their silos-- so they might look at their own individual sector. So they might, say, look at financial services, or look at energy, or look at government. It's really easy to turn round and say, oh, thank God that wasn't me. That happened over there. That was the other side of the world.

But actually I think this incident really just goes to show it can hit anywhere, any time, and affect anybody on a global scale. So actually nobody is immune to an incident. And actually, I think what we need to do is really have more sharing and collaboration. And almost be quite vulnerable to the fact that things are going to go wrong. And things are going to happen that you've not planned for.

But this is where we all have to lean in together. I think it's top down and bottom up in terms of help that the government can provide. And regulators, and really get and think around how we manage risk at scale. But also bottom up, we've got to kind of think about everybody's in the same boat, and the fragility of the supply chain. So it's not just about multinational companies and how they manage incidents. We've also got to think about the smaller SMEs, and how we can enable them. And teach them the right skills to think about their business continuity and how all of these things come together.

Copyright Lyonsdown Limited 2021

Top Articles

Usability and email security

When employees understand how their behaviour impacts email security, they become much more efficient at detecting scams, preventing data breaches, and protecting sensitive information.

The pen testing guide you never thought you needed, until now…

Security testing should be at the centre of any cyber strategy,

Institute of Cyber Digital Investigation Professionals launched

CIISec & College of Policing are announcing the independent launch of the Institute of Cyber Digital Investigation Professionals (ICDIP)

Related Articles