Podcasts about operational resilience

Who knows the meaning of the term “Business Continuity management” without looking it up? Our guest this week, Alex Fullick, is intimately familiar with the term and its ramifications. I first met Alex when we were connected as participants in a conference in London this past October sponsored by Business Continuity International. The people involved with “Business Continuity management” were described to me as the “what if people”. They are the people no one pays attention to, but who plan for emergency and unexpected situations and events that especially can cause interruptions with the flow or continuity of business. Of course, everyone wants the services of the business continuity experts once something unforeseen or horrific occurs. Alex was assigned to introduce me at the conference. Since the conference I have even had the pleasure to appear on his podcast and now, he agreed to reciprocate.   Our conversation covers many topics related to emergencies, business continuity and the mindsets people really have concerning business flow and even fear. Needless to say, this topic interests me since I directly participated in the greatest business interruption event we have faced in the world, the terrorist attacks on September 11, 2001.   Alex freely discusses fear, emergency planning and how we all can improve our chances of dealing with any kind of emergency, personal or business related, by developing the proper mindset. He points out how so often people may well plan for emergencies at work and sometimes they even take the step of developing their own business continuity mindset, but they rarely do the same for their personal lives.   Alex is the author of eight books on the subject and he now is working on book 9. You can learn more about them in our podcast show notes. I think you will gain a lot of insight from what Alex has to say and I hope his thoughts and comments will help you as you think more now about the whole idea of business continuity.       About the Guest:   Alex Fullick has been working in the Business Continuity Management, Disaster Recovery, and Operational Resilience industries as a consultant/contractor for just over 28 years. Alex is also the founder and Managing Director of StoneRoad, a consulting and training firm specializing in BCM and Resilience and is the author of eight books…and working on number nine.   He has numerous industry certifications and has presented at prestigious conferences around the globe including Manila, Seoul, Bucharest, Brisbane, Toronto, and London (to name a few). In July of 2017 he created the highly successful and top-rated podcast focusing on Business Continuity and Resilience ‘Preparing for the Unexpected'. The show aims to touch on any subject that directly or indirectly touches on the world of disasters, crises, well-being, continuity management, and resilience. The first of its kind in the BCM and Resilience world and is still going strong after thirty plus seasons, reaching an audience around the globe. Alex was born in England but now calls the city of Guelph, Ontario, Canada, his home. Ways to connect Alex:   www.linkedin.com/in/alex-fullick-826a694   About the Host:   Michael Hingson is a New York Times best-selling author, international lecturer, and Chief Vision Officer for accessiBe. Michael, blind since birth, survived the 9/11 attacks with the help of his guide dog Roselle. This story is the subject of his best-selling book, Thunder Dog.   Michael gives over 100 presentations around the world each year speaking to influential groups such as Exxon Mobile, AT&T, Federal Express, Scripps College, Rutgers University, Children's Hospital, and the American Red Cross just to name a few. He is Ambassador for the National Braille Literacy Campaign for the National Federation of the Blind and also serves as Ambassador for the American Humane Association's 2012 Hero Dog Awards.   https://michaelhingson.com https://www.facebook.com/michael.hingson.author.speaker/ https://twitter.com/mhingson https://www.youtube.com/user/mhingson https://www.linkedin.com/in/michaelhingson/   accessiBe Links https://accessibe.com/ https://www.youtube.com/c/accessiBe https://www.linkedin.com/company/accessibe/mycompany/ https://www.facebook.com/accessibe/       Thanks for listening!   Thanks so much for listening to our podcast! If you enjoyed this episode and think that others could benefit from listening, please share it using the social media buttons on this page. Do you have some feedback or questions about this episode? Leave a comment in the section below!   Subscribe to the podcast   If you would like to get automatic updates of new podcast episodes, you can subscribe to the podcast on Apple Podcasts or Stitcher. You can subscribe in your favorite podcast app. You can also support our podcast through our tip jar https://tips.pinecast.com/jar/unstoppable-mindset .   Leave us an Apple Podcasts review   Ratings and reviews from our listeners are extremely valuable to us and greatly appreciated. They help our podcast rank higher on Apple Podcasts, which exposes our show to more awesome listeners like you. If you have a minute, please leave an honest review on Apple Podcasts.       Transcription Notes:   Michael Hingson ** 00:00 Access Cast and accessiBe Initiative presents Unstoppable Mindset. The podcast where inclusion, diversity and the unexpected meet. Hi, I'm Michael Hingson, Chief Vision Officer for accessiBe and the author of the number one New York Times bestselling book, Thunder dog, the story of a blind man, his guide dog and the triumph of trust. Thanks for joining me on my podcast as we explore our own blinding fears of inclusion unacceptance and our resistance to change. We will discover the idea that no matter the situation, or the people we encounter, our own fears, and prejudices often are our strongest barriers to moving forward. The unstoppable mindset podcast is sponsored by accessiBe, that's a c c e s s i capital B e. Visit www.accessibe.com to learn how you can make your website accessible for persons with disabilities. And to help make the internet fully inclusive by the year 2025. Glad you dropped by we're happy to meet you and to have you here with us.   Michael Hingson ** 01:21 Well, hello, everyone, wherever you happen to be, welcome to another episode of unstoppable mindset where inclusion, diversity and the unexpected meet and unexpected is anything that has nothing to do with inclusion or diversity. As I've said many times today, our guest is someone I got to meet last year, and we'll talk about that. His name is Alex Bullock, and Alex and I met because we both attended a conference in London in October about business continuity. And I'm going to let Alex define that and describe what that is all about. But Alex introduced me at the conference, and among other things, I convinced him that he had to come on unstoppable mindset. And so we get to do that today. He says he's nervous. So you know, all I gotta say is just keep staring at your screens and your speakers and and just keep him nervous. Keep him on edge. Alex, welcome to unstoppable mindset. We're really glad you're   Alex Fullick ** 02:19 here. Thanks, Michael. I really appreciate the invite, and I'm glad to be here today. And yeah, a little nervous, because usually it's me on the other side of the microphone interviewing people. So I don't fit in this chair too often   Michael Hingson ** 02:33 I've been there and done that as I recall, yes,   Alex Fullick ** 02:37 yes, you were a guest of mine. Oh, I guess when did we do that show? A month and a half, two months ago? Or something, at least,   Michael Hingson ** 02:45 I forget, yeah. And I said the only charge for me coming on your podcast was you had to come on this one. So there you go. Here I am. Yeah, several people ask me, Is there a charge for coming on your podcast? And I have just never done that. I've never felt that I should charge somebody to come on the podcast, other than we do have the one rule, which is, you gotta have fun. If you can't have fun, then there's no sense being on the podcast. So, you know, that works out. Well, tell us about the early Alex, growing up and, you know, all that sort of stuff, so that people get to know you a little bit.   Alex Fullick ** 03:16 Oh, the early Alex, sure. The early Alex, okay, well, a lot of people don't know I was actually born in England myself, uh, Farnam Surrey, southwest of London, so until I was about eight, and then we came to Canada. Grew up in Thunder Bay, Northwestern Ontario, and then moved to the Greater Toronto Area, and I've lived all around here, north of the city, right downtown in the city, and now I live an hour west of it, in a city called Guelph. So that's how I got here. Younger me was typical, I guess, nothing   Michael Hingson ** 03:56 special. Went to school, high school and all that sort of stuff. Yeah, yeah, no.   Alex Fullick ** 04:02 Brainiac. I was working my first job was in hospitality, and I thought that's where I was going to be for a long time, because I worked my way up to I did all the positions, kitchen manager, Assistant Manager, cooks, bartender, server, did everything in there was even a company trainer at one point for a restaurant chain, and then did some general managing. But I got to a point where computers were going to start coming in to the industry, and I thought, well, I guess I should learn how to use these things, shouldn't I? And I went to school, learned how to use them, basic using, I'm not talking about building computers and networks and things like that, just the user side of things. And that was, did that for six months, and then I thought I was going back into the industry. And no fate had. Something different for me. What happened? Well, my best friend, who is still my best friend, 30 years later, he was working for a large financial institution, and he said, Hey, we need some help on this big program to build some call trees. When you're finished, he goes, get your foot in the door, and you could find something else within the bank. So I went, Okay, fine. Well, they called the position business recovery planner, and I knew absolutely nothing about business recovery or business continuity. Not a single thing. I'd never even heard the term yeah and but for some reason, I just took to it. I don't know what it was at the time, but I just went, this is kind of neat. And I think it was the fact that I was learning something different, you know, I wasn't memorizing a recipe for Alfredo sauce or something like that, you know, it was completely different. And I was meeting and working with people at every level, sitting in meetings with senior vice presidents and CEOs and giving them updates, and, you know, a data analyst, data entry clerk, and just talking. And I went, This is so much fun, you know, and that's I've been doing that now for over 28 years.   Michael Hingson ** 06:14 Well, I I had not really heard much of the term business continuity, although I understand emergency preparedness and such things, because I did that, of course, going into the World Trade Center, and I did it for, well, partly to be prepared for an emergency, but also partly because I was a leader of an office, and I felt that I needed to know What to do if there were ever an emergency, and how to behave, because I couldn't necessarily rely on other people, and also, in reality, I might even be the only person in the office. So it was a survival issue to a degree, but I learned what to do. And of course, we know the history of September 11 and me and all that, but the reality is that what I realized many years later was that the knowledge that I learned and gained that helped me on September 11 really created a mindset that allowed me to be able to function and not be as I Put it to people blinded or paralyzed by fear, the fear was there. I would be dumb to say I wasn't concerned, but the fear helped me focus, as opposed to being something that overwhelmed and completely blocked me from being capable and being able to function. So I know what you're saying. Well, what exactly is business continuity?   Alex Fullick ** 07:44 You know, there are people who are going to watch this and listen and they're going to want me to give a really perfect definition, but depending on the organization, depending on leadership, depending on the guiding industry organization out there, business continuity, Institute, Disaster Recovery Institute, ISO NIST and so many other groups out there. I'm not going to quote any of them as a definition, because if I if I say one the others, are going to be mad at me, yell at you, yeah, yeah. Or if I quote it wrong, they'll get mad at me. So I'm going to explain it the way I usually do it to people when I'm talking in the dog park, yeah, when they ask what I'm doing, I'll say Business Continuity Management is, how do you keep your business going? What do you need? Who do you need the resources when you've been hit by an event and and with the least impact to your customers and your delivery of services, yeah, and it's simple, they all get it. They all understand it. So if anyone doesn't like that, please feel free send me an email. I can hit the delete key just as fast as you can write it. So you know, but that's what a lot of people understand, and that's really what business continuity management is, right from the very beginning when you identify something, all the way to why we made it through, we're done. The incident's over.   Michael Hingson ** 09:16 Both worked with at the Business Continuity international hybrid convention in October was Sergio Garcia, who kind of coordinated things. And I think it was he who I asked, what, what is it that you do? What's the purpose of all of the people getting together and having this conference? And he said, I think it was he who said it not you, that the the best way to think about it is that the people who go to this conference are the what if people, they're the ones who have to think about having an event, and what happens if there's an event, and how do you deal with it? But so the what if people, they're the people that nobody ever pays any attention to until such time as there is something that. Happens, and then they're in high demand.   Alex Fullick ** 10:03 Yeah, that that's especially that being ignored part until something happened. Yeah, yeah. Well, well, the nice thing, one of the things I love about this position, and I've been doing it like I said, for 28 years, written books, podcasts, you've been on my show, YouTube channel, etc, etc, is that I do get to learn and from so many people and show the value of what we do, and I'm in a position to reach out and talk to so many different people, like I mentioned earlier. You know, CEOs. I can sit in front of the CEO and tell them you're not ready. If something happens, you're not ready because you haven't attended any training, or your team hasn't attended training, or nobody's contributing to crisis management or the business continuity or whatever you want to talk about. And I find that empowering, and it's amazing to sit there and not tell a CEO to their face, you know you're screwed. Not. You know, you don't say those kinds of things. No, but being able to sit there and just have a moment with them to to say that, however you term it, you might have a good relationship with them where you can't say that for all I know, but it being able to sit in front of a CEO or a vice president and say, hey, you know, this is where things are. This is where I need your help. You know, I don't think a lot of people get that luxury to be able to do it. And I'm lucky enough that I've worked with a lot of clients where I can't. This is where I need your help. You know. What's your expectation? Let's make it happen, you know, and having that behind you is it's kind of empowering,   Michael Hingson ** 11:47 yeah, well, one of the things that I have start talking a little bit about with people when talk about emergency preparedness is, if you're really going to talk about being prepared for an emergency. One of the things that you need to do is recognize that probably the biggest part of emergency preparedness, or business continuity, however you want to term, it, isn't physical it's the mental preparation that you need to make that people generally don't make. You know, I've been watching for the last now, five or six weeks, all the flyers and things down here in California, which have been so horrible, and people talk about being prepared physically. You should have a go bag so that you can grab it and go. You should do this. You should do that. But the problem is nobody ever talks about or or helps people really deal with the mental preparation for something unexpected. And I'm going to, I'm going to put it that way, as opposed to saying something negative, because it could be a positive thing. But the bottom line is, we don't really learn to prepare ourselves for unexpected things that happen in our lives and how to react to them, and so especially when it's a negative thing, the fear just completely overwhelms us.   Alex Fullick ** 13:09 Yeah, I agree with you. You know, fear can be what's that to fight, flight or freeze? Yeah, and a lot of people don't know how to respond when an event happens. And I think I'm going to take a step back, and I think that goes back to when we're young as well, because we have our parents, our grandparents, our teachers, our principals. You know, you can go achieve your goals, like everything is positive. You can go do that. Go do that. They don't teach you that, yeah, to achieve those goals, you're going to hit some roadblocks, and you need to understand how to deal with that when things occur. And use your example with the fires in California. If you don't know how to prepare for some of those small things, then when a big fire like that occurs, you're even less prepared. I have no idea how to deal with that, and it is. It's a really change in mindset and understanding that not everything is rosy. And unfortunately, a lot of people get told, or they get told, Oh, don't worry about it. It'll never happen. So great when it does happen. Well, then was that advice?   Michael Hingson ** 14:25 Yeah, I remember after September 11, a couple of months after, I called somebody who had expressed an interest in purchasing some tape backup products for from us at Quantum. And I hadn't heard from them, and so I reached out, and I said, So what's going on? How would you guys like to proceed? And this was an IT guy, and he said, Oh, well, the president of the company said September 11 happened, and so since they did, we're not going to have to worry about that anymore. So we're not going to go forward. Or worth doing anything to back up our data, and I'm sitting there going, you missed the whole point of what backup is all about. I didn't dare say that to him, but it isn't just about an emergency, but it's also about, what if you accidentally delete a file? Do you have a way to go back and get it? I mean, there's so many other parts to it, but this guy's boss just basically said, Well, it happened, so it's not going to happen now we don't have to worry about it. Yeah,   Alex Fullick ** 15:27 like you hear on the news. Well, it feels like daily, oh, once in 100 year storm, once in 100 year event, once in 100 year this. Well, take a look at the news. It's happening weekly, daily, yeah, yeah. One in 100   Michael Hingson ** 15:44 years thing, yeah. Nowadays, absolutely, there's so many things that are happening. California is going through a couple of major atmospheric rivers right now, as they're now calling it. And so Southern California is getting a lot of rain because of of one of the rivers, and of course, it has all the burn areas from the fires. So I don't know what we'll see in the way of mudslides, but the rain is picking up. Even here, where I live, we're going to get an inch or more of rain, and usually we don't get the rain that a lot of other places get. The clouds have to go over a lot of mountains to get to us, and they lose their moisture before they do that. Yeah,   Alex Fullick ** 16:23 yeah. We just had a whole pile of snow here. So we had a snowstorm yesterday. So we've got about 20 centimeters of snow out there that hasn't been plowed yet. So bit of   Michael Hingson ** 16:36 a mess. There you go. Well, you know, go out and play on the snow. Well,   Alex Fullick ** 16:41 the dog loves it, that's for sure. Like troubling it, but, yeah,   Michael Hingson ** 16:46 I don't think my cat would like it, but the animal would like it. He'd go out and play in it. If it were here, we don't get much snow here, but Yeah, he'd play it. But, but it is. It is so interesting to really talk about this whole issue of of business continuity, emergency preparedness, whatever you want to consider it, because it's it's more than anything. It's a mindset, and it is something that people should learn to do in their lives in general, because it would help people be a lot more prepared. If people really created a mindset in themselves about dealing with unexpected things, probably they'd be a little bit more prepared physically for an emergency, but they would certainly be in a lot better shape to deal with something as like the fires are approaching, but they don't, but we don't do that. We don't teach that.   Alex Fullick ** 17:43 No, we it's interesting too, that a lot of those people, they'll work on projects in their organization, you know, and they will look at things well, what can go wrong, you know, and try to mitigate it and fix, you know, whatever issues are in the way or remove roadblocks. They're actually doing that as part of their project. But when it comes to themselves, and they have to think about fires or something like that, is now that won't happen, you know. And wait a minute, how come you've got the right mindset when it comes to your projects at work, but you don't have that same mindset when it comes to your own well being, or your families, or whatever the case may be. How come it's different? You go from one side to the other and it I've noticed that a few times with people and like, I don't get it. Why? Why are you so you have the right mindset under one circumstance and the other circumstance, you completely ignore it and don't have the mindset,   Michael Hingson ** 18:45 yeah, which, which makes you wonder, how much of a mindset Do you really have when it comes to work in all aspects of it? And so one of the things that I remember after September 11, people constantly asked me is, who helped you down the stairs, or was there somebody who was responsible for coming to get you, to take you downstairs and and the reality is, as I said, I was the leader. I was helping other people go downstairs. But by the same token, I'm of the opinion that in buildings like the World Trade Center towers, there is people talk about the buddy system. So if somebody is is in the building, you should have a buddy. And it doesn't even need to be necessarily, in the same office, but there should be an arrangement so that there is somebody looking out for each each other person. So everybody should have a buddy. I'm of the opinion it isn't a buddy. There should be two buddies, and at least one of them has to be outside of the office, so that you have three people who have to communicate and develop those lines of communications and work through it. And by that way, you you have a. Better chance of making sure that more people get whatever communications are necessary.   Alex Fullick ** 20:06 Yeah, you create your like a support network, absolutely,   Michael Hingson ** 20:10 and I think at least a triumvirate makes a lot more sense than just a buddy. Yeah,   Alex Fullick ** 20:14 you you might be freaked out, you know, nervous shaking, but with a couple of people standing there, you know, talking to you, you're going to come right back hopefully. You know, with that, the calmer, you know, stop shaking when a couple of people are there. Yeah, you a lot of times when you have the same one person doing it, usually, oh, you're just saying that because you have to. But when you two people doing it, it's like, okay, thank thanks team. You know, like you're really helping. You know, this is much better.   Michael Hingson ** 20:48 Yeah, I think it makes a lot more sense, and especially if one of them isn't necessarily a person who's normally in your work pattern that brings somebody in from someone with the outside who approaches things differently because they don't necessarily know you or as well or in the same way as your buddy who's maybe next door to you in the office, right across the hall or next door, or whatever. Yeah, yeah. I agree. I think it makes sense well, the conference that we were at a lot to well, to a large degree, and at least for my presentation, was all about resilience. What is resilience to you? How's that for a general question that   Alex Fullick ** 21:31 has become such a buzzword, I know it   Michael Hingson ** 21:35 really is, and it's unfortunate, because when, when we start hearing, you know, resilience, or I hear all the time amazing and so many times we get all these buzzwords, and they they really lose a lot of their value when that happens. But still, that's a fair question. I   Alex Fullick ** 21:53 do think the word resilience is overused, and it's losing its meaning. You know, dictionary meaning, because it's just used for everything these days. Yeah, you know, my neighbor left her keys. Sorry. Her daughter took her house keys this morning by accident. She couldn't get into her house when she got him back, and she had a comment where she said, you know, oh, well, I'm resilient, but really, you just went and got some Keith, how was that so? So I'm, I'm starting to get to the point now, when people ask me, you know, what's resilience to you? What's it mean to you? I just, I start to say, Now, does it matter? Yeah, my definition is fine for me, if you have a definition of it for yourself that you understand you you know what it means, or your organization has a definition, we'll take it and run. Yeah, you know what it means. You're all behind that. Meaning. We don't need a vendor or some other guiding industry organization to say this is, this must be your definition of resilience. It's like, well, no, you're just wordsmithing and making it sound fancy. You know, do it means what it means to you? You know, how, how do you define it? If that's how you define it, that's what it means, and that's all that matters. My definition doesn't matter. Nobody else's definition matters, you know, because, and it's become that way because the term used, you know, for everything these days. Yeah, I   Michael Hingson ** 23:30 think that there's a lot of value in if a person is, if we use the dictionary definition, resilient, they they Well, again, from my definition, it gets back to the mindset you establish. You establish a mindset where you can be flexible, where you can adapt, and where you can sometimes think outside the box that you would normally think out of, but you don't panic to do that. You've learned how to address different things and be able to focus, to develop what you need to do to accomplish, whatever you need to accomplish at any unexpected time.   Alex Fullick ** 24:06 Yeah, and you're calm, level headed, you know, you've got that right mindset. You don't freak out over the small things, you know, you see the bigger picture. You understand it. You know, I'm here. That's where I need to go, and that's where you focus and, you know, sweat all those little things, you know. And I think, I think it's, it's kind of reminds me that the definitions that are being thrown out there now reminds me of some of those mission and vision statements that leadership comes up with in their organizations, with all this, oh, that, you know, you read the sentence and it makes no sense whatsoever, yeah, you know, like, what?   Michael Hingson ** 24:45 What's so, what's the wackiest definition of resilience that you can think of that you've heard?   Alex Fullick ** 24:51 Um, I don't know if there's a wacky one or an unusual one. Um, oh, geez. I. I know I've heard definitions of bounce forward, bounce back, you know, agility, adaptability. Well, your   Michael Hingson ** 25:07 car keys, lady this morning, your house key, your house key, lady this morning, the same thing, yeah, yeah. I don't resilient just because she got her keys back. Yeah, really, yeah. Well,   Alex Fullick ** 25:17 that's kind of a wacky example. Yeah, of one, but I don't think there's, I've heard any weird definitions yet. I'm sure that's probably some out there coming. Yeah, we'll get to the point where, how the heck did are you defining resilience with that? Yeah? And if you're looking at from that way, then yeah, my neighbor with the keys that would fit in right there. That's not resilient. You just went and picked up some keys.   Michael Hingson ** 25:45 Yeah. Where's the resilience? How did you adapt? You the resilience might be if you didn't, the resilience might be if you didn't panic, although I'm sure that didn't happen. But that would, that would lean toward the concept of resilience. If you didn't panic and just went, Well, I I'll go get them. Everything will be fine, but that's not what people do,   Alex Fullick ** 26:08 yeah? Well, that that is what she did, actually. She just as I was shoveling snow this morning, she goes, Oh, well, I'll just go get her, get them, okay, yeah. Does that really mean resilience, or Does that just mean you went to pick up the keys that your daughter accidentally took   Michael Hingson ** 26:24 and and you stayed reasonably level headed about it,   Alex Fullick ** 26:28 you know, you know. So, you know, I don't know, yeah, if, if I would count that as a definition of resilience, but, or even I agree resilience, it's more of okay, yeah, yeah. If, if it's something like that, then that must mean I'm resilient when I forget to pull the laundry out after the buzzer. Oh yeah, I gotta pull the laundry out. Did that make me resilient? Yeah,   Michael Hingson ** 26:52 absolutely, once you pulled it out, you weren't resilient, not until then,   Alex Fullick ** 26:57 you know. So, so I guess it's you know, how people but then it comes down to how people want to define it too. Yeah, if they're happy with that definition, well, if it makes you happy, I'm not going to tell you to change   Michael Hingson ** 27:11 it. Yeah, has but, but I think ultimately there are some some basic standards that get back to what we talked about earlier, which is establishing a mindset and being able to deal with things that come out of the ordinary well, and you're in an industry that, by and large, is probably viewed as pretty negative, you're always anticipating the emergencies and and all the unexpected horrible things that can happen, the what if people again, but that's that's got to be, from a mindset standpoint, a little bit tough to deal with it. You're always dealing with this negative industry. How do you do that? You're resilient, I know. But anyway, yeah,   Alex Fullick ** 27:56 really, I just look at it from a risk perspective. Oh, could that happen to us? You know, no, it wouldn't, you know, we're we're in the middle of a Canadian Shield, or at least where I am. We're in the middle of Canadian Shield. There's not going to be two plates rubbing against each other and having an earthquake. So I just look at it from risk where we are, snowstorms, yep, that could hit us and has. What do we do? Okay, well, we close our facility, we have everyone work from home, you know, etc, etc. So I don't look at it from the perspective of doom and gloom. I look at it more of opportunity to make us better at what we do and how we prepare and how we respond and how we overcome, you know, situations that happen out there, and I don't look at it from the oh, here comes, you know, the disaster guy you know, always pointing out everything that's wrong. You know, I'd rather point out opportunities that we have to become as a team, organization or a person stronger. Yeah,   Michael Hingson ** 29:01 I guess it's not necessarily a disaster. And as I said earlier, it could very well be that some unexpected thing will happen that could be a very positive thing. But again, if we don't have the mindset to deal with that, then we don't and the reality is, the more that we work to develop a mindset to deal with unexpected things, the more quickly we can make a correct analysis of whatever is going on and move forward from it, as opposed to letting fear again overwhelm us, we can if we practice creating This mindset that says we really understand how to deal with unexpected situations, then we are in a position to be able to the more we practice it, deal with it, and move forward in a positive way. So it doesn't need to be a disaster. September 11 was a disaster by any standard, but as I tell people. People. While I am still convinced that no matter what anyone might think, we couldn't figure out that September 11 was going to happen, I'm not convinced that even if all the agencies communicated, they would have gotten it because and I talk about trust and teamwork a lot, as I point out, a team of 19 people kept their mouth shut, or a few more who were helping in the planning of it, and they pulled off something that basically brought the world to its knees. So I'm not convinced that we could have stopped September 11 from happening. At least I haven't heard something that convinces me of that yet. But what each of us has the ability to do is to determine how we deal with September 11. So we couldn't prevent it, but we can certainly all deal with or address the issue of, how do we deal with it going forward? Yeah,   Alex Fullick ** 30:52 I agree. I I was actually in a conversation with my niece a couple of months ago. We were up at the cottage, and she was talking about school, and, you know, some of the people that she goes to school with, and I said, Well, you're never going to be able to change other people. You know, what they think or what they do. I said, what you can control is your response. You know, if, if they're always picking on you, the reason they're picking on you is because they know they can get a rise out of you. They know they it. Whatever they're saying or doing is getting to you, so they're going to keep doing it because it's empowering for them. But you can take away that empowerment if you make the right choices on how you respond, if you just shrug and walk away. I'm simplifying it, of course, yeah, if you just shrug and walk away. Well, after a while, they're going to realize nothing I'm saying is getting through, and they'll move away from you. They'll they won't bug you anymore, because they can't get a rise out. They can't get a rise out of you. So the only thing you can control is how you respond, you know. And as you keep saying, it's the mindset. Change your mindset from response to, you know, I'm prepared for what this person's going to say, and I'm not going to let it bother me. Yeah?   Michael Hingson ** 32:08 Well, bullying is really all about that. Yeah, people can't bully if you don't let yourself be bullied. Yep, and whether it's social media and so many other things, you can't be bullied if you don't allow it and if you ignore it or move on or get help to deal with the issue if it gets serious enough, but you don't need to approach it from a shame or fear standpoint, or you or you shouldn't anyway, but that's unfortunately, again, all too often. What happens when we see a lot of teenage suicides and so on, because people are letting the bullies get a rise out of them, and the bullies win.   Alex Fullick ** 32:51 Yep, yep. And as I told her, I said, you just mentioned it too. If it gets out of hand or becomes physical, I said, then you have to take action. I don't mean turning around and swinging back. I said, No, step up. Go get someone who is has authority and can do something about it. Yeah, don't, don't run away. Just deal with it differently, you know. And don't, don't start the fight, because then you're just confirming that I'm the bully. I can do this again. Yeah, you're, you're giving them license to do what they want. Yeah, but stand up to them, or tell, depending on the situation, tell someone higher up in authority that can do something and make make a change, but you have to be calm when you do it.   Michael Hingson ** 33:39 I remember when I was at UC Irvine, when I was going to college, my had my first guide dog, Squire. He was a golden retriever, 64 pounds, the most gentle, wonderful dog you could ever imagine. And unfortunately, other students on campus would bring their dogs. It was a very big campus, pretty, in a sense, rural, and there were only about 2700 students. And a bunch of students would bring their dogs to school, and they would just turn the dogs loose, and they go off to class, and then they find their dogs at the end of the day. Unfortunately, some of the dogs developed into a pack, and one day, they decided they were going to come after my guide dog. I think I've told this story a couple times on on this podcast, but what happened was we were walking down a sidewalk, and the dogs were coming up from behind, and they were growling and so on. And squire, my guide dog, jerked away from me. I still held his leash, but he jerked out of his harness, out of my hand, and literally jumped up in the air, turned around and came down on all fours, hunkered down and growled at these dogs all in this the well, about a two second time frame, totally shocked the dogs. They just slunked away. Somebody was describing it to me later, and you know, the dog was very deliberate about what he did. Of course, after they left, he comes over and He's wagging his tail. Did I do good or what? But, but he was very deliberate, and it's a lesson to to deal with things. And he never attacked any of the dogs, but he wasn't going to let anything happen to him or me, and that's what loyalty is really all about. But if something had happened and that hadn't worked out the way expected, then I would have had to have gone off and and I, in fact, I did talk to school officials about the fact that these dogs were doing that. And I don't even remember whether anybody did anything, but I know I was also a day or so later going into one of the the buildings. Before he got inside, there was a guy I knew who was in a wheelchair, and another dog did come up and started to try to attack squire, this guy with in the wheelchair, pulled one of the arms off his chair and just lambasted the dog right across the head, made him back up. Yeah, you know. But it was that people shouldn't be doing what they allowed their dog. You know, shouldn't be doing that, but. But the bottom line is, it's still a lesson that you don't let yourself be bullied. Yeah, yep, and there's no need to do that, but it is a it's a pretty fascinating thing to to see and to deal with, but it's all about preparation. And again, if we teach ourselves to think strategically and develop that skill, it becomes just second nature to do it, which is, unfortunately, what we don't learn.   Alex Fullick ** 36:48 Yeah, I didn't know that as a kid, because when I was a little kid and first came to Canada, especially, I was bullied because, well, I had a funny voice.   Michael Hingson ** 36:57 You did? You don't have that anymore, by the way, no,   Alex Fullick ** 37:01 if I, if I'm with my mom or relatives, especially when I'm back in England, words will start coming back. Yeah, there are words that I do say differently, garage or garage, yeah. You know, I hate garage, but garage, yeah, I still say some words like that,   Michael Hingson ** 37:18 or process, as opposed to process.   Alex Fullick ** 37:21 Yeah, so, you know, there's something like that, but as a kid, I was bullied and I there was, was no talk of mindset or how to deal with it. It's either put up with it or, you know, you really couldn't turn to anybody back then, because nobody really knew themselves how to deal with it. Yeah, bullies had always been around. They were always in the playground. So the the mechanisms to deal with it weren't there either. It wasn't till much later that I'm able to to deal with that if someone said some of the things now, right away, I can turn around because I've trained myself to have a different mindset and say that, no, that's unacceptable. You can't talk to that person, or you can't talk to me that way. Yeah, you know, if you say it again, I will, you know, call the police or whatever. Never anything where I'm going to punch you in the chin, you know, or something like that. Never. That doesn't solve anything. No, stand up saying, you know, no, I'm not going to accept that. You know, which is easier now, and maybe that just comes with age or something, I don't know, but back then, no, it was, you know, that that kind of mechanism to deal with it, or finding that inner strength and mindset to do that wasn't there,   Michael Hingson ** 38:43 right? But when you started to work on developing that mindset, the more you worked on it, the easier it became to make it happen. Yep, agreed. And so now it's a way of life, and it's something that I think we all really could learn and should learn. And my book live like a guide dog is really all about that developing that mindset to control fear. And I just think it's so important that we really deal with it. And you know, in this country right now, we've got a government administration that's all about chaos and fear, and unfortunately, not nearly enough people have learned how to deal with that, which is too bad, yep, although,   Alex Fullick ** 39:30 go ahead, I was going to say it's a shame that, you know, some a lot of people haven't learned how to deal with that. Part of it, again, is we don't teach that as well. So sometimes the only thing some people know is fear and bullying, because that's all they've experienced, yeah, either as the bully or being bullied. So they they don't see anything different. So when it happens on a scale, what we see right now it. It's, well, that's normal, yeah, it's not normal, actually. You know, it's not something we should be doing. You know, you should be able to stand up to your bully, or stand up when you see something wrong, you know, and help because it's human nature to want to help other people. You know, there's been so many accidents people falling, or you'll need their snow removed, where I am, and people jump in and help, yeah? You know, without sometimes, a lot of times, they don't even ask. It's like, oh, let me give you a hand,   Michael Hingson ** 40:33 yeah. And we had that when we lived in New Jersey, like snow removal. We had a Boy Scout who started a business, and every year he'd come around and clear everybody's snow. He cleared our snow. He said, I am absolutely happy to do it. We we wanted to pay him for it, but he was, he was great, and we always had a nice, clean driveway. But you know, the other side of this whole issue with the mindset is if we take it in a more positive direction, look at people like Sully Sullenberger, the pilot and the airplane on the Hudson, how he stayed focused. He had developed the mindset and stayed focused so that he could deal with that airplane. That doesn't mean that he wasn't afraid and had concerns, but he was able to do something that was was definitely pretty fantastic, because he kept his cool, yeah,   Alex Fullick ** 41:23 I think he knew, and others in other situations know that if you're freaking out yourself, you're not going to fix the issue, you're going to make it worse. We see that in Hollywood tends to do that a lot. In their movies, there's always a character who's flipping out, you know, panicking, going crazy and making everything worse. Well, that does happen, you know, if you act that way, you're not going to resolve your situation, whatever you find yourself in, you know. And I tell people that in business continuity when we're having meetings, well, we'll figure it out when it happens. No, you don't know how you'll behave. You don't know how you'll respond when, oh, I don't know an active shooter or something. You have no idea when you hear that someone you know just got shot down in the lobby. Are you going to tell me you're going to be calm? You sorry? You know you're going to be calm and just okay, yeah, we can deal with it. No, you're going to get a wave of panic, yeah, or other emotions coming over you, you know. And you have to have that mindset. You can still be panicked and upset and freaked out, or however you want to describe that, but you know, I have to stay in control. I can't let that fear take over, or I'm going to get myself in that situation as well. Yeah, I have to be able to manage it. Okay, what do I have to do? I gotta go hide. You know, I'm not saying you're not sweating, you know, with nervousness like that, but you understand, gotta think beyond this if I want to get out of this situation. You know, I'm going to take these people that are sitting with me, we're going to go lock ourselves in the storage closet, or, you know, whatever, right? But have that wherewithal to be able to understand that and, you know, be be safe, you know, but freaking out, you're only contributing to the situation, and then you end up freaking out other people and getting them panicked. Course, you do. They're not, you know, they don't have the right mindset to deal with issues. And then you've got everyone going in every direction, nobody's helping each other. And then you're creating, you know, bigger issues, and   Michael Hingson ** 43:37 you lose more lives, and you create more catastrophes all the way around. I remember when I was going down the stairs at the World Trade Center, I kept telling Roselle what a good job she was doing, good girl. And I did that for a couple of reasons. The main reason was I wanted her to know that I was okay and I'm not going to be influenced by fear. But I wanted her to feel comfortable what what happened, though, as a result of that, and was a lesson for me. I got contacted several years later one time, specifically when I went to Kansas City to do a speech, and a woman said she wanted to come and hear me because she had come into the stairwell just after, or as we were passing her floor, which was, I think, the 54th floor. Then she said, I heard you just praising your dog and being very calm. And she said, I and other people just decided we're going to follow you down the stairs. And it was, it was a great lesson to understand that staying focused, no matter what the fear level was, really otherwise, staying focused and encouraging was a much more positive thing to do, and today, people still don't imagine how, in a sense, comet was going down the stairs, which doesn't mean that people weren't afraid. But several of us worked to really keep panic out of the stairwell as we were going down. My friend David did he panicked, but then he. He walked a floor below me and started shouting up to me whatever he saw on the stairwell, and that was really for his benefit. He said to have something to do other than thinking about what was going on, because he was getting pretty scared about it. But what David did by shouting up to me was he acted as a focal point for anyone on the stairs who could hear him, and they would hear him say things like, Hey, Mike, I'm at the 43rd floor. All's good here. Everyone who could hear him had someone on the stairs who was focused, sounded calm, and that they could listen to to know that everybody was okay, which was so cool, and   Alex Fullick ** 45:38 that that probably helped them realize, okay, we're in the right direction. We're going the right way. Someone is, you know, sending a positive comments. So if, if we've got, you know, three, if he's three floors below us, we know at least on the next three floors, everything is okay.   Michael Hingson ** 45:56 Well, even if they didn't know where he wasn't right, but even if he they didn't know where he was in relation to them, the fact is, they heard somebody on the stairs saying, I'm okay, yeah, whether he felt it, he did sound it all the way down the stairs. Yeah, and I know that he was panicking, because he did it originally, but he got over that. I snapped at him. I just said, Stop it, David, if Rosell and I can go down these stairs, so can you. And then he did. He focused, and I'm sure that he had to have helped 1000s of people going down the stairs, and helped with his words, keeping them calm.   Alex Fullick ** 46:32 Yeah, yeah. It makes a difference, you know. Like I said earlier, you doesn't mean you're still not afraid. Doesn't mean that, you know, you're not aware of the negative situation around you. It's and you can't change it, but you can change, like I said earlier, you can change how you respond to it. You can be in control that way, right? And that's eventually what, what he did, and you you were, you know, you were controlled going downstairs, you know, with with your guide dog, and with all these people following you, and because of the way you were, like, then they were following you, yeah, and they remained calm. It's like there's someone calling up from below who's safe. I can hear that. I'm listening to Michael. He'll tell his dog how well behaved they are. And he's going down calmly. Okay, you know, I can do this. And they start calming down,   Michael Hingson ** 47:28 yeah, what's the riskiest thing you've ever done? Oh, word. Must have taken a risk somewhere in the world, other than public speaking. Oh, yeah, public speaking.   Alex Fullick ** 47:40 I still get nervous the first minute. I'm still nervous when I go up, but you get used to it after a while. But that first minute, yeah, I'm nervous. Oh, that there's, I have a fear of heights and the so the the two, two things that still surprised me that I did is I climbed the Sydney bridge, Harbor Bridge, and, oh, there's another bridge. Where is it? Is it a Brisbane? They're both in Australia. Anyway. Climb them both and have a fear of heights. But I thought, no, I gotta, I gotta do this. You know, I can't be afraid of this my entire life. And I kept seeing all these people go up there in groups, you know, on tours. And so I said, Okay, I'm going to do this. And I was shaking nervous like crazy, and went, What if I fall off, you know, and there's so many different measures in place for to keep you safe. But that that was risky, you know, for me, it felt risky. I was exhilarated when I did it. Though, would you do it again? Oh, yeah, in a heartbeat. Now, there you go. I'm still afraid of heights, but I would do that again because I just felt fantastic. The other I guess going out and being self employed years ago was another risky thing. I had no idea, you know about incorporating myself, and, you know, submitting taxes, you know, business taxes, and, you know, government documents and all this and that, and invoicing and things like that. I had no idea about that. So that was kind of risky, because I had no idea how long I'd be doing it. Well, I started in what 2007, 2007, I think so, 18 years, yeah, so now it's like, I can't imagine myself not doing it, you know, so I'm but I'm always willing to try something new these days. You know, even starting the podcast seven and a half years ago was risky, right? I had no idea. Nobody was talking about my industry or resilience or business continuity or anything back then, I was the first one doing it, and I'm the longest one doing it. Um, I've outlived a lot of people who thought they could do it. I'm still going. So that started out risky, but now I. Imagine not doing it, yeah, you know. And you know, it's, you know, I guess it's, it's just fun to keep trying new things. You know, I keep growing and, you know, I've got other plans in the works. I can't give anything away, but, you know, I've got other plans to try. And they'll, they'll be risky as well. But it's like,   Michael Hingson ** 50:21 no, let's go for it. Have you ever done skydiving or anything like that? No, I haven't done that. I haven't either. I know some blind people who have, but I just, I've never done that. I wouldn't   Alex Fullick ** 50:32 mind it. It's that might be one of those lines where should I? I'm not sure about this one, you know, but it is something that I I think I wouldn't do it on my own. I think I would have to be one of those people who's connected with someone else, with someone   Michael Hingson ** 50:51 else, and that's usually the way blind people do it, needless to say, but, and that's fine, I just have never done it. I haven't ever had a need to do it, but I know I can sit here and say, I'm not afraid to do it. That is, I could do it if it came along, if there was a need to do it, but I don't. I don't have a great need to make that happen. But you know, I've had enough challenges in my life. As I tell people, I think I learned how to deal with surprises pretty early, because I've been to a lot of cities and like, like Boston used to have a rep of being a very accident prone city. Just the way people drive, I could start to cross the street and suddenly I hear a car coming around the corner, and I have to move one way or the other and draw a conclusion very quickly. Do I back up or do I go forward? Because the car is not doing what it's supposed to do, which is to stop, and I have to deal with that. So I think those kinds of experiences have helped me learn to deal with surprise a little bit too.   Alex Fullick ** 51:52 Yeah, well, with the skydiving, I don't think I'd go out of my way to do it, but exactly came along, I think I would, you know, just for the thrill of saying, I did it,   Michael Hingson ** 52:03 I did it, yeah, I went ice skating once, and I sprained my ankle as we were coming off the ice after being on the ice for three hours. And I haven't gone ice skating again since. I'm not really afraid to, but I don't need to do it. I've done it. I understand what it feels like. Yeah, yeah. So it's okay. Have you had any really significant aha moments in your life, things that just suddenly, something happened and went, Ah, that's that's what that is, or whatever.   Alex Fullick ** 52:30 Well, it does happen at work a lot, dealing with clients and people provide different perspectives, and you just, Oh, that's interesting, though, that happens all the time. Aha moments. Sometimes they're not always good. Aha moments, yeah, like the one I always remember that the most is when I wrote my first book, heads in the sand. I was so proud of it, and, you know, excited and sent off all these letters and marketing material to all the chambers of commerce across Canada, you know, thinking that, you know, everyone's going to want me to speak or present or buy my book. Well, ah, it doesn't happen that way. You know, I got no responses. But that didn't stop me from writing seven more books and working on nine. Now, there you go, but it was that was kind of a negative aha moment so, but I just learned, okay, that's not the way I should be doing that.   Michael Hingson ** 53:34 Put you in your place, but that's fair. I kind   Alex Fullick ** 53:37 of, I laugh at it now, a joke, but you know, aha, things you know, I You never know when they're going to happen.   Michael Hingson ** 53:47 No, that's why they're Aha, yeah.   Alex Fullick ** 53:51 And one of one, I guess another one would have been when I worked out first went out on my own. I had a manager who kept pushing me like, go, go work for yourself. You know this better than a lot of other people. Go, go do this. And I was too nervous. And then I got a phone call from a recruiting agency who was offering me a role to do where I wanted to take this company, but that I was working for full time for that weren't ready to go. They weren't ready yet. And it was kind of an aha moment of, do I stay where I am and maybe not be happy? Or have I just been given an opportunity to go forward? So when I looked at it that way, it did become an aha moment, like, Ah, here's my path forward. Yeah, so, you know. And that was way back in 2007 or or so somewhere around there, you know. So the aha moments can be good. They can be bad, and, you know, but as long as you learn from them, that's exactly   Michael Hingson ** 54:57 right. The that's the neat thing about. Aha moments. You don't expect them, but they're some of the best learning opportunities that you'll ever get.   Alex Fullick ** 55:06 Yeah, yeah, I agree completely, because you never know that. That's the nice thing, and I think that's also part of what I do when I'm working with so many different people of different levels is they all have different experiences. They all have different backgrounds. You they can all be CEOs, but they all come from a different direction and different backgrounds. So they're all going to be offering something new that's going to make you sit there and go, Oh, yeah. And thought of that before,   Michael Hingson ** 55:38 yeah. So that's, that's so cool, yeah,   Alex Fullick ** 55:42 but you have to, you know, be able to listen and pick up on those kind of things.   Michael Hingson ** 55:46 But you've been very successful. What are some of the secrets of success that that that you've discovered, or that you put to use?   Alex Fullick ** 55:55 For me, I'll put it bluntly, shut up and listen.   Michael Hingson ** 55:59 There you are. Yeah. Well, that is so true. That's true. Yeah.   Alex Fullick ** 56:03 I think I've learned more by just using my two ears rather than my one mouth, instead of telling people everything they you should be doing. And you know, this is what I think you should do. And like talking at people, it's so much better just talk with people, and then they'll, even if you're trying to, you know, really, really, really, get them to see your side, they will come onto your side easier and probably better if you let them realize it themselves. So you just listen, and you ask the odd probing question, and eventually comes around, goes, Oh, yeah, I get it. What you mean now by doing this and going, Yeah, that's where I was going. I guess I just wasn't saying it right, you know. And have being humble enough to, you know, even though I, I know I did say it right, maybe I just wasn't saying it right to that person, to that person, yeah, right way. So listening to them, and, you know, I think, is one of the big keys to success for me, it has, you know, and I've learned twice as much that way. And maybe that's why I enjoy answering people on the podcast, is because I ask a couple of questions and then just let people talk,   Michael Hingson ** 57:18 which is what makes it fun. Yeah,   Alex Fullick ** 57:21 yeah. It's sometimes it's fun to just sit there, not say anything, just let someone else do all the talking.   Michael Hingson ** 57:29 What you know your industry is, I would assume, evolved and changed over the years. What are some of the major changes, some of the ways that the industry has evolved. You've been in it a long time, and certainly, business continuity, disaster recovery, whatever you want to call it, has, in some sense, has become a little bit more of a visible thing, although I think people, as both said earlier, ignore it a lot. But how's the industry changed over time?   Alex Fullick ** 57:54 Well, when I started, it was before y 2k, yes, 96 and back then, when I first started, everything was it focused. If your mainframe went down, your computer broke. That's the direction everyone came from. And then it was you added business continuity on top of that. Okay, now, what do we do with our business operations. You know, other things we can do manually while they fix the computer or rebuild the mainframe. And then it went to, okay, well, let's bring in, you know, our help desk. You know, who people call I've got a problem with a computer, and here's our priority and severity. Okay, so we'll get, we'll respond to your query in 12 hours, because it's only one person, but if there's 10 people who have the issue, now it becomes six hours and bringing in those different aspects. So we went from it disaster recovery to business continuity to then bringing in other disciplines and linking to them, like emergency management, crisis management, business continuity, incident management, cyber, information security. Now we've got business continuity management, you know, bringing all these different teams together and now, or at least on some level, not really integrating very well with each other, but just having an awareness of each other, then we've moved to operational resilience, and again, that buzzword where all these teams do have to work together and understand what each other is delivering and the value of each of them. And so it just keeps growing in that direction where it started off with rebuild a mainframe to getting everybody working together to keep your operations going, to keep your partners happy, to keep your customers happy. You know, ensuring life safety is priority number one. When, when I started, life safety was, wasn't really thrown into the business continuity realm that much. It was always the focus on the business. So the these. The sky, the size and scope has gotten a lot bigger and more encompassing of other areas. And I wouldn't necessarily all call that business continuity, you know it, but it is. I see business continuity as a the hub and a wheel, rather than a spoke, to bring all the different teams together to help them understand, you know, hey, here's, here's how you've Incident Management, you know, help desk, service desk, here's how you help the Disaster Recovery Team. Here's how you can help the cyber team. Cyber, here's how you can actually help this team, you know, and being able to understand. And that's where the biggest change of things is going is now, more and more people are understanding how they really need to work together, rather than a silo, which you know, a lot of organizations still do, but it's those walls are starting to come down, because they can understand no One can do it alone. You have to work together with your internal departments, leadership, data analysts, who have to be able to figure out how to rebuild data, or your third parties. We need to talk with them. We have to have a relationship with them our supply chain, and understand where they're going, what they have in place, if we or they experience something. So it's definitely grown in size and scope   Michael Hingson ** 1:01:27 well, and we're seeing enough challenges that I think some people are catching on to the fact that they have to learn to work together, and they have to think in a broader base than they have in the past, and that's probably a good thing. Yeah, well, if, if you had the opportunity, what would you tell the younger Alex?   Alex Fullick ** 1:01:50 Run, run for the hills. Yeah, really, no, seriously, I kind of mentioned a couple of them already. Don't sweat the small things. You know, sometimes, yeah, and I think that comes down to our mindset thing as well. You know, understand your priorities and what's important. If it's not a priority or important, don't sweat it. Don't be afraid to take risks if you if you do your planning, whether it be jumping out of a plane or whatever, you know the first thing you want to do is what safety measures are in place to ensure that my jump will be successful. You know, those kind of things. Once you understand that, then you can make knowledgeable decisions. Don't be afraid to take those risks. And it's one of the big things. It's it's okay to fail, like I said about the book thing where you all those that marketing material I sent out, it's okay to fail. Learn from it. Move on. I can laugh at those kind of things now. You know, for years, I couldn't I was really like, oh my god, what I do wrong? It's like, No, I didn't do anything wrong. It just wasn't the right time. Didn't do it the right way. Okay, fine, move on. You know, you know, don't be afraid to fail. If, if you, if you fail and get up, well then is it really a failure? You learned, you got back up and you kept going. And that's the part of resilience too, right? Yeah, if you trip and fall, you get up and keep going. But if you trip and fall and stay down, well then maybe you are   Michael Hingson ** 1:03:30 failing. That's the failure. I mean, the reality is that it isn't failure if you learn from it and move on. It was something that set you back, but that's okay, yeah,   Alex Fullick ** 1:03:41 my my favorite band, Marillion, has a line in one of their songs rich. Failure isn't about falling down. Failure is staying down. Yeah,   Michael Hingson ** 1:03:50 I would agree with that. Completely agree   Alex Fullick ** 1:03:53 with it. He'll stand by it. W

Listen to this episode of the ORX Operational Risk Podcast to hear the ORX News team cover the top five largest operational risk losses of April 2025, including the top losses for insurance, the US and other global regions. In addition, the team focus on operational resilience including covering a story about the power cut which severely impacted financial services in Spain and Portugal last month, and a cyber incident still affecting retail giant, Marks and Spencer, over a month after the incident was first reported. You can find the top 5 largest operational risk losses of April 2025 discussed in this episode on our website at: https://orx.org/blog/top-5-orx-news-losses-april-2025 You can also read our blog on ‘Building operational resilience' on our website here: https://orx.org/blog/building-operational-resilience ORX News subscribers can find out more about the stories covered in this episode on the ORX News website here: https://news.orx.org/node/13106 and https://news.orx.org/node/13107. You can view the highlights from the Q1 2025 ORX News information session on our website here: https://orx.org/blog/highlights-orx-news-information-session-q1-2025 ORX News subscribers can find out more and access the recording of the Q1 2025 information session, as well as register for the Q2 2025 information session on our website at: https://orx.org/events/orx-news-quarterly-information-sessions-2025 To find out more about ORX News, ORX Membership, and access other operational risk resources, just search ‘ORX' or visit: www.orx.org.   

No matter the economic climate, regularly reviewing operational expenses is key to staying aligned with your growth goals. In this episode, Jamie sits down with Polaris Fractional COO Executive Adin Bradley to share practical tips for streamlining spending, boosting efficiency, and building a more resilient business ready to weather any storm.

ServiceNow, the AI platform for business transformation, and Aptiv PLC, a leading global technology company focused on making the world safer, greener, and more connected with advanced software defined solutions, has announced a strategic partnership focused on driving intelligent automation and operational resilience across telco, automotive, enterprise, and industrial sectors. Combining the strength of the ServiceNow Platform with Aptiv's virtualisation platform enabled by Wind River cloud and Linux solutions - the partnership will drive greater automation and efficiency for telco and enterprise customers, with a shared vision to transform how connectivity powers the future of mobility and industrial sectors. Aptiv has also selected ServiceNow to help scale enterprise intelligence and unlock value across its organisation. Businesses face mounting pressures navigating a dynamic global landscape, while ensuring operational efficiency and continuous improvements in customer service. The collaboration between ServiceNow and Aptiv will deliver a powerful, scalable solution that connects real time data from complex, asset heavy systems with digital enterprise processes, enabling smarter decisions, faster response times, and operational agility for customers across industries. "The AI world doesn't respect organisational boundaries. It takes innovative partnerships to deliver on the potential of intelligent systems. ServiceNow and Aptiv are creating new possibilities for how industries operate, transform, and grow through next generation platforms," said ServiceNow Chairman and CEO Bill McDermott. "Together we will deliver precision, speed, and resilience in every workflow, in every sector, around the world." "Our edge to cloud solutions are purpose built for the world's most demanding environments - where safety, security, and performance are mission critical," said Kevin Clark, Chair and Chief Executive Officer, Aptiv. "With ServiceNow, we're applying the same real time, systems level intelligence that powers next generation mobility and infrastructure to the enterprise, transforming manual processes into integrated workflows that will drive operational resilience, efficiency, and performance for our customers across industries." ServiceNow's AI powered CRM workflows that connect the full telco customer lifecycle will integrate with Aptiv solutions including the Wind River Cloud Platform, a cloud native, on premises, private cloud solution, and Wind River eLxr Pro, an enterprise Linux offering for AI and mission critical workloads. Through the integration, customers are able to manage their assets through a cloud computing approach rather than traditional software. The collaboration is designed to support: Real time insights: Secure, low latency cloud deployments to ensure faster decision making and greater agility. End to end connectivity: Transforms cumbersome, manual processes into streamlined, automated workflows to enable greater connectivity and efficiency across the entire value chain. Security and scalability: Delivers robust data orchestration and management tools to handle complex workloads while ensuring regulatory compliance. The integration of ServiceNow CRM capabilities with Aptiv's platforms and technology from Wind River will enable customers to manage their own infrastructure with greater control, security, and reliability. New capabilities for virtualising and managing network functions will empower customers to achieve increased agility, flexibility, and cost effectiveness. Across industries, demand is rising for real time, intelligent systems that are secure, scalable, and reliable. Aptiv's platform powers mission critical applications from the edge to the cloud, enabling customers to capture and act on data where it's generated in vehicles, aircraft, factories, and networks. The collaboration will bring together Aptiv's edge intelligence and real time systems with ServiceNow's enterprise automation and AI ...

Regulated firms with third party service providers or those undergoing digital transformation by either procuring new technology, developing their own or undergoing a technology migration, will need to take a proactive approach to potential areas of vulnerability and invest in their resilience. In this podcast episode, David Shone, Martijn Stolze and Tabitha Harris discuss the impact of these regimes and they also cover: What DORA is, and what challenges is it designed to address The major points of difference between the UK and EU regimes Key aspects regulated firms should watch out for

In this episode of SolarWinds TechPod, hosts Chrystal Taylor and Sean Sebring explore the key differences between monitoring and observability with guest Jeff Stewart, GVP of Product Management at SolarWinds. Observability goes beyond traditional monitoring, offering AI-driven insights and a holistic view of system health. Like understanding the anatomy of the body, observability reveals how IT systems are interconnected—where one issue can ripple across the entire environment. They discuss how businesses can leverage observability to reduce downtime, improve efficiency, and stay ahead in a rapidly evolving tech landscape. © 2025 SolarWinds Worldwide, LLC. All rights reserved

George Toumbev, Chief Commercial Officer, NatWest Boxed BaaS provider NatWest Boxed has gone live with its first customer, the AA, which will use Boxed's embedded finance platform to offer financial products to millions of personal breakdown members and insurance customers as well as the broader market. The venture marks the first time 2 leading UK brands have agreed a strategic partnership to embed financial services into the customer journey. Robin Amlôt of IBS Intelligence discusses the new offering with NatWest Boxed's CCO George Toumbev.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Safeguarding Operations: The Role of Cybersecurity in IT and OT EnvironmentsPub date: 2025-03-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by Peter Jackson, a seasoned expert from New Zealand with a robust background in industrial automation and cybersecurity. Together, they unravel the intricacies of balancing security with reliable operations and explore the evolving landscape of OT cybersecurity in critical infrastructure. Listen in as they discuss everything from the importance of safe operations and risk management to the nuances of vulnerability management in diverse industrial environments.  Whether you're an OT professional or an IT practitioner, this episode is packed with insights that cater to both ends of the spectrum, all shared with a passion for protecting the future of our interconnected systems.    Key Moments:  05:22 Bridging IT and OT Silos 14:53 Business Risk Beyond Cyber Concerns 17:46 "OT Security Risks in Business" 25:46 Simplifying Complex OT Management 30:10 Cybersecurity Misunderstandings in Safety Systems 36:58 Prioritizing Systems and Security Integration 39:51 Improving Business Trust Tolerance Journey 44:42 Hesitancy and Future of OT Cloud 52:07 Operational Resilience and Risk Reduction 55:26 "Assessing System Security Strategies" 58:59 Network Security Maturity Strategies 01:05:00 "Improving IT Resilience and Preparedness" 01:13:43 "Towards Improved System Security Awareness" 01:15:03 Continuous Security Improvement Basics 01:20:00 Safety First: A Unique Culture About the guest :  Peter Jackson is a passionate and dedicated professional in the field of Operational Technology (OT) security. As a long-time admirer of the work done by Tails, Peter has cultivated a deep connection with fellow enthusiasts, sharing a common bond and commitment to the industry. Emphasizing the importance of collaboration and personal interaction, he has valued opportunities to gather around the table, exchange ideas, and strengthen the sense of community among peers. Despite the challenges posed by the pandemic, Peter adapted to remote work but now relishes the return to in-person engagements, where he can once again partake in the vibrant exchange of knowledge and camaraderie that is integral to his professional identity. Feel free to follow Peter on LinkedIn: https://www.linkedin.com/in/peterjnz/ If you're interested in the NZ ICS/OT cyber community: https://icscyber.org.nz If you're interested in the work that he does with the SGS team: https://www.sgs.com/en/services/operational-technology-cyber-safety  or email global.otcyber@sgs.com Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode, host Tessa Norman is joined by Duncan Scott and Rory Spedding-Jones from PwC's Technology, Data and Resilience practice, to delve into the topic of operational resilience. Our expert guests reflect on financial services firms' ongoing operational resilience journeys, how these are likely to evolve beyond the March 2025 UK implementation deadline, and how regulatory expectations are changing. Our guests also explore the evolving resilience landscape in response to changing threats and market expectations, as well as the transformative potential for AI and other technologies to enhance firms' resilience capabilities, drive efficiencies and add value in the short and long term.You can contact our PwC speakers if you'd like to discuss any of the topics covered, at tessa.norman@pwc.com, duncan.j.scott@pwc.com and rory.spedding-jones@pwc.com.  To hear more from us on financial services risk & regulation, you can access all our regular publications at this site: https://www.pwc.co.uk/industries/financial-services/understanding-regulatory-developments.html. 

When a cyber crisis strikes, leaders face intense pressure to make rapid decisions that can determine the fate of their organizations.  In this episode, I sit down with Dan Potter, Senior Director of Operational Resilience at Immersive, to explore how leaders can effectively manage high-stakes cyber incidents. From major crises like MOVEit and Log4J to the evolving landscape of AI-driven threats, Dan shares practical insights on what businesses can learn from past events to strengthen their response strategies. We discuss the key components of a well-structured decision-making framework, how to maintain strategic focus under pressure, and why trust and psychological safety within teams are essential during a crisis. Dan also walks us through a checklist for effective leadership before, during, and after a cyber event, emphasizing the importance of continuous, hands-on training to build organizational resilience. With cyber threats becoming more sophisticated and unavoidable, organizations need more than just technical defenses—they need leaders who can navigate uncertainty and execute decisive action. Tune in to learn how to transform crisis management from a reactive scramble into a well-prepared, strategic response. Are today's business leaders truly ready for the next cyber crisis? Let's find out.  

Steve Britain, CEO, Monument TechnologyMonument Technology's Banking-Platform-as-a-Service model is a tribute to Monument Bank, which has scaled from £1 billion in assets to £5 billion in the last 12 months. The bank created its tech stack through a combination of best-in-class solutions together with its own tech where the latter could act as a differentiator. Steve Britain, now CEO of Monument Technology was previously COO of the bank. He speaks to Robin Amlôt of IBS Intelligence about the decision to go into the bank-in-a-box business.

Davis DeRodes, Lead Data Scientist, Fusion Risk ManagementLast year's CrowdStrike failure firmly put the need for robust scenario testing under the global spotlight. Online and app outages at some of the UK's biggest banks in early 2025 have only served to underline the need to ensure operational resilience. Davis DeRodes, Lead Data Scientist at Fusion Risk Management speaks to Robin Amlôt of IBS Intelligence about current trends in scenario testing and says 2025 will be the year of the AI agent.

Anil Kollipara "You shouldn't wait around. You should be out there trying to break it, to fix it in advance," says Anil Kollipara, Vice President, Product Management, Spirent. In this edition of Technology Reseller News, publisher Doug Green sits down with Anil Kollipara, Vice President, Product Management at Spirent, to discuss a critical theme in modern telecom: operational resilience. As Mobile World Congress (MWC) approaches, the industry faces growing demands for always-on, secure, and reliable networks. Kollipara explains why continuous testing, security validation, and AI-driven automation are now essential for maintaining uptime and mitigating risk. The New Reality: Why Telecoms Must Build Resilience Now With telcos under pressure to launch new services, comply with increasing regulations, and secure networks against evolving threats, operational resilience has become a business imperative. Kollipara highlights key challenges: Rising Complexity – With 5G, cloud-native architectures, Open RAN, and AI, networks are more complex than ever, spanning multiple vendors and increasing risks. Security Threats & Compliance – As attack surfaces expand, regulators are enforcing stricter security and uptime requirements, making compliance failures costly. Customer Expectations – Downtime isn't an option. Even a short service disruption can lead to frustration, revenue loss, and customer churn. Why Traditional Testing Fails Kollipara explains that traditional telecom testing models are outdated. Many operators still assume their vendors will handle testing, which is no longer a viable approach. Recent real-world incidents, such as supply chain vulnerabilities, have cost companies hundreds of millions in losses. He emphasizes that telcos must own their testing process and adopt a zero-trust change management approach: Proactive vs. Reactive Testing – Instead of waiting for failures, operators should continuously test, stress, and break their networks in controlled environments before customers feel the impact. Continuous Testing Pipeline – A lab-to-live methodology ensures that networks are resilient at every stage—from pre-launch simulations to real-time service monitoring. Security & AI-Driven Automation – AI-powered fault detection, remediation, and security testing can predict and prevent outages before they occur. The ROI of Continuous Testing While continuous testing may seem costly, the return on investment (ROI) is undeniable. Kollipara outlines key benefits: Massive Cost Avoidance – Avoid fines, legal costs, and customer losses from regulatory non-compliance or service disruptions. Operational Efficiency – AI and automation reduce reliance on manual testing, cutting costs while increasing accuracy and speed. Customer Retention & Revenue Growth – A more reliable network leads to higher customer satisfaction, reduced churn, and new monetization opportunities. Trends to Watch at Mobile World Congress As MWC 2025 kicks off, AI-driven testing, cloud-native resilience, and next-gen security strategies will be major talking points. Kollipara teases some of the latest innovations Spirent will showcase: AI Agents for Network Operations – Accelerating root cause analysis and remediation of issues in real-time. SCNF Resiliency Testing – A new test category focused on validating how telecom applications behave in cloud-native failures. 5G & Edge Security Strategies – How operators can harden security as networks expand beyond traditional data centers. Learn More & Meet Spirent at MWC For a deeper dive into operational resilience, continuous testing, and AI-driven automation, visit Spirent's website. If you're attending Mobile World Congress, be sure to connect with Anil Kollipara and the Spirent team for expert insights into the future of telecom resilience. Description of Spirent: Spirent Communications plc.

Want the secrets to building a resilient business and learn how to future-proof your entrepreneurial journey with insights from our guest, Phil Portman. Listen as Phil shares his inspiring transformation from a difficult upbringing to becoming a successful entrepreneur, motivated by the desire to secure a stable future for his autistic son. Discover the importance of moving from micromanaging to empowering your team and creating systems that ensure your business can thrive independently, even in your unexpected absence. Phil's personal anecdotes shed light on crucial strategies, including estate planning and key person life insurance, that safeguard your business legacy. Stay ahead of the curve in communication technology with our exploration of the rising trend of text messaging in the U.S., particularly among those under 50. Phil and I discuss the immediacy and convenience of text messaging in urgent scenarios, illustrated by personal stories. We also tackle the challenges posed by spam and phishing, unveiling how the industry, alongside Phil's company Textdrip, is innovating solutions like delivery tracking and spam prevention. This episode is a compelling blend of business wisdom and tech insights, designed to equip you with the knowledge to both secure your business operations and enhance your communication strategies.   Timestamps 00:00:00 - Introduction and Welcome to Business Legacy Podcast 00:00:37 - Phil Portman's Early Life and Motivation for Entrepreneurship 00:02:15 - Transition from Micromanaging to Empowering the Team 00:04:00 - The Importance of Estate Planning and Key Person Life Insurance 00:05:30 - Personal Anecdote: Business Associate's Health Crisis and Lessons Learned 00:07:00 - Strategies for Operational Resilience and Testing Systems 00:09:00 - Introduction to Text Messaging as a Preferred Communication Method 00:10:15 - Personal Experiences with the Convenience of Text Messaging 00:11:30 - Industry Challenges: Spam and Phishing in Text Messaging 00:12:51 - Textdrip's Innovative Solutions for Delivery Tracking and Spam Prevention 00:15:00 - Early Development and Challenges in Creating Textdrip 00:17:00 - Success in Targeting the Insurance Industry with Textdrip 00:18:45 - Advantages of Text Messaging Over Traditional Communication Methods 00:20:15 - Threats and Solutions for Future Text Messaging Security 00:22:30 - Ensuring High Deliverability and Accurate Reporting with Textdrip 00:24:00 - Case Study: Overwhelming Success of a Text Campaign 00:26:00 - The Importance of Personalized Customer Service at Textdrip 00:27:30 - Closing Remarks and Information on Trying Textdrip and Following Phil Portman   Episode Resources: Check out what Phil is up to at Textdrip here: https://textdrip.com/ Legacy Podcast: For more information about the Legacy Podcast and its co-hosts, visit businesslegacypodcast.com. Leave a Review: If you enjoyed the episode, leave a review and rating on your preferred podcast platform. For more information: Visit businesslegacypodcast.com to access the shownotes and additional resources on the episode.

In this episode, Jeffrey discusses the State of Resilience Report from Cockroach Labs. This is Part 4 of 4. Each week, Jeffrey will be sharing his knowledge on Service Delivery (Mondays) and Service Management (Thursdays). Jeffrey is the founder of Service Management Leadership, an IT consulting firm specializing in Service Management, Asset Management, CIO Advisory, and Business Continuity services.  The firm's website is www.servicemanagement.us.   Jeffrey has been in the industry for 30 years and brings a practical perspective to the discussions. He is an accomplished author with seven acclaimed books in the subject area and a popular YouTube channel with approximately 1,500 videos on various topics.  Also, please follow the Service Management Leadership LinkedIn page.

In this episode, Jeffrey discusses the State of Resilience Report from Cockroach Labs. This is Part 3 of 4. Each week, Jeffrey will be sharing his knowledge on Service Delivery (Mondays) and Service Management (Thursdays). Jeffrey is the founder of Service Management Leadership, an IT consulting firm specializing in Service Management, Asset Management, CIO Advisory, and Business Continuity services.  The firm's website is www.servicemanagement.us.   Jeffrey has been in the industry for 30 years and brings a practical perspective to the discussions. He is an accomplished author with seven acclaimed books in the subject area and a popular YouTube channel with approximately 1,500 videos on various topics.  Also, please follow the Service Management Leadership LinkedIn page.

Trăim într-o lume a schimbării continue: de la primele monede, la cardurile bancare și, în ziua de azi, la asset-uri digitale, modul în care efectuăm plăți a evoluat constant.Nu e, însă, singurul lucru în schimbare. Riscurile informatice din prezent sunt un pericol constant, iar instituțiile financiar-bancare sunt printre cele mai des vizate ținte. Îmbinând digitalizarea cu protecția informatică, Uniunea Europeană a conceput DORA, sau Digital Operational Resilience Act, ale cărui aspecte, fie ele reușite sau nu, le-am dezbătut în această ediție.Invitata lui Marian Hurducaș și a colegului său de Upgrade 100 Live Talks în ediție Digitalination, Radu Puchiu, expertul în e-guvernare al Upgrade 100: Raluca Micu, economistă și Șefa Serviciului Monitorizarea plăților și instrumentelor de plată, BNR.

Kimberley Cole hosts Risky Women Radio with guests Carol Beaumier and Bernadine Reese to discuss the top compliance issues in 2025. They reflect on 2024, highlighting the impact of US Supreme Court decisions on regulatory authority and a UK court ruling on discretionary commissions. They discuss the importance of AI in compliance, the need for dynamic risk assessments, and the challenges of global alignment on regulations. Key priorities for 2025 include AI, financial crime, operational resilience, and third-party risk management. They emphasize the importance of leveraging technology, ongoing training, and focusing on outcomes to improve compliance effectiveness. SHOW NOTES 04:42 Review of 2024 Compliance Developments 11:17 2025 Compliance Priorities and Regional Views 17:12 Unique Considerations for Compliance Organizations 24:21 Regional Challenges and Horizon Scanning 29:20 Final Recommendations for Compliance Departments

In this episode, Jeffrey discusses the State of Resilience Report from Cockroach Labs. This is Part 2 of 4. Each week, Jeffrey will be sharing his knowledge on Service Delivery (Mondays) and Service Management (Thursdays). Jeffrey is the founder of Service Management Leadership, an IT consulting firm specializing in Service Management, Asset Management, CIO Advisory, and Business Continuity services.  The firm's website is www.servicemanagement.us.   Jeffrey has been in the industry for 30 years and brings a practical perspective to the discussions. He is an accomplished author with seven acclaimed books in the subject area and a popular YouTube channel with approximately 1,500 videos on various topics.  Also, please follow the Service Management Leadership LinkedIn page.

From online banking to mobile payments, nearly every aspect of our financial lives relies on digital systems. This reliance has brought incredible convenience, but it also means that any disruption — whether due to cyberattacks, system failures, or operational incidents— can have severe consequences.    The Digital Operational Resilience Act (DORA) provides the framework to ensure that financial entities have robust measures to withstand and recover from disruptions. By addressing vulnerabilities in this highly digitized ecosystem, DORA not only protects financial institutions but also safeguards the stability and well-being of the European society as a whole. Madelein van der Hout, Senior Analyst at Forrester, joins Business Security Weekly to discuss why DORA is important, how prepared financial institutions are, the consequences of failing to comply, and the impact these regulations will have outside of the EU, including fines up to 2% of global annual turnover or €10 million—whichever is higher. In the leadership and communications segment, Cybersecurity Responsibilities Across the C-Suite: A Breakdown for Every Executive, Humble Leaders Inspire Others to Step Up, Effective Communication in the Workplace, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-381

From online banking to mobile payments, nearly every aspect of our financial lives relies on digital systems. This reliance has brought incredible convenience, but it also means that any disruption — whether due to cyberattacks, system failures, or operational incidents— can have severe consequences.    The Digital Operational Resilience Act (DORA) provides the framework to ensure that financial entities have robust measures to withstand and recover from disruptions. By addressing vulnerabilities in this highly digitized ecosystem, DORA not only protects financial institutions but also safeguards the stability and well-being of the European society as a whole. Madelein van der Hout, Senior Analyst at Forrester, joins Business Security Weekly to discuss why DORA is important, how prepared financial institutions are, the consequences of failing to comply, and the impact these regulations will have outside of the EU, including fines up to 2% of global annual turnover or €10 million—whichever is higher. Show Notes: https://securityweekly.com/bsw-381

From online banking to mobile payments, nearly every aspect of our financial lives relies on digital systems. This reliance has brought incredible convenience, but it also means that any disruption — whether due to cyberattacks, system failures, or operational incidents— can have severe consequences.    The Digital Operational Resilience Act (DORA) provides the framework to ensure that financial entities have robust measures to withstand and recover from disruptions. By addressing vulnerabilities in this highly digitized ecosystem, DORA not only protects financial institutions but also safeguards the stability and well-being of the European society as a whole. Madelein van der Hout, Senior Analyst at Forrester, joins Business Security Weekly to discuss why DORA is important, how prepared financial institutions are, the consequences of failing to comply, and the impact these regulations will have outside of the EU, including fines up to 2% of global annual turnover or €10 million—whichever is higher. In the leadership and communications segment, Cybersecurity Responsibilities Across the C-Suite: A Breakdown for Every Executive, Humble Leaders Inspire Others to Step Up, Effective Communication in the Workplace, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-381

From online banking to mobile payments, nearly every aspect of our financial lives relies on digital systems. This reliance has brought incredible convenience, but it also means that any disruption — whether due to cyberattacks, system failures, or operational incidents— can have severe consequences.    The Digital Operational Resilience Act (DORA) provides the framework to ensure that financial entities have robust measures to withstand and recover from disruptions. By addressing vulnerabilities in this highly digitized ecosystem, DORA not only protects financial institutions but also safeguards the stability and well-being of the European society as a whole. Madelein van der Hout, Senior Analyst at Forrester, joins Business Security Weekly to discuss why DORA is important, how prepared financial institutions are, the consequences of failing to comply, and the impact these regulations will have outside of the EU, including fines up to 2% of global annual turnover or €10 million—whichever is higher. Show Notes: https://securityweekly.com/bsw-381

In this episode, Jeffrey discusses the State of Resilience Report from Cockroach Labs. This is Part 1 of 4. Each week, Jeffrey will be sharing his knowledge on Service Delivery (Mondays) and Service Management (Thursdays). Jeffrey is the founder of Service Management Leadership, an IT consulting firm specializing in Service Management, Asset Management, CIO Advisory, and Business Continuity services.  The firm's website is www.servicemanagement.us.   Jeffrey has been in the industry for 30 years and brings a practical perspective to the discussions. He is an accomplished author with seven acclaimed books in the subject area and a popular YouTube channel with approximately 1,500 videos on various topics.  Also, please follow the Service Management Leadership LinkedIn page.

Catherine Castaldo, Christian Leuthner and Asélle Ibraimova  break down DORA, the Digital Operational Resilience Act, which is new legislation that aims to enhance the cybersecurity and resilience of the financial sector in the European Union. DORA sets out common standards and requirements for these entities so they can identify, prevent, mitigate and respond to cyber threats and incidents as well as ensure business continuity and operational resilience. The team discusses the implications of DORA and offers insights on applicability, obligations and potential liability for noncompliance. This episode was recorded on 17 January 2025. ----more---- Transcript:  Intro: Hello, and welcome to Tech Law Talks, a podcast brought to you by Reed Smith's Emerging Technologies Group. In each episode of this podcast, we will discuss cutting-edge issues on technology, data, and the law. We will provide practical observations on a wide variety of technology and data topics to give you quick and actionable tips to address the issues you are dealing with every day.  Catherine: Hi, everyone. I'm Catherine Castaldo, a partner in the New York office of Reed Smith, and I'm in the EmTech Group. And I'm here today with my colleagues, Christian and Asélle, who I'll introduce themselves. And we're going to talk to you about DORA. Go ahead, Christian. Christian: Hi, I'm Christian Leuthner. I'm a Reed Smith partner in the Frankfurt office, focusing on IT and data protection law.  Asélle: And I'm Asélle Ibraimova. I am a council based in London. And I'm also part of the EmTech group, focusing on tech, data, and cybersecurity.  Catherine: Great. Thanks, Asélle and Christian. Today, when we're recording this, January 17th, 2025, is the effective date of this new regulation, commonly referred to as DORA. For those less familiar, would you tell us what DORA stands for and who is subject to it? Christian: Yeah, sure. So DORA stands for the Digital Operational Resilience Act, which is a new regulation that aims to enhance the cybersecurity and resilience of the financial sector in the European Union. It applies to a wide range of financial entities, such as banks, insurance companies, investment firms, payment service providers, crypto asset service providers, and even to critical third-party providers that offer services to the financial sector. DORA sets out common standards and requirements for these entities to identify, prevent, mitigate, and respond to cyber threats and incidents as well, as to ensure business continuity and operational resilience.  Catherine: Oh, that's comprehensive. Is there any entity who needs to be more concerned about it than others, or is it equally applicable to all of the ones you listed?  Asélle: I can jump in here. So DORA is a piece of legislation that wants to respect proportionality and allow organizations to deal with DORA requirements that will be proportionate to their size, to the nature of the cybersecurity risks. So, for example, micro-enterprises or certain financial entities that have only a small number of members will have a simplified ICT risk management framework under DORA. I also wanted to mention that DORA applies to financial entities that are outside of the EU, but provide services in the EU so they will be caught. And maybe just to also add in terms of the risks. It's not only the size of the financial entities that matter in terms of how they comply with the requirements of DORA, but also the cybersecurity risk. So let's say an ICT third-party service provider, the risk of that entity will depend on the nature of that service, on the complexity, on whether that service supports critical or important function of the financial entity, generally dependence on ICT service provider and ultimately on its potential to disrupt the services of that financial entity.  Catherine: So some of our friends might just be learning about this by listening to the podcast. So what does ICT stand for, Asélle?  Asélle: It is informational communication technology. So in other words, it's anything that a financial entity receives as a service or a product digitally. It also covers ICT services provided by a financial entity. So, for example, if a financial entity offers a platform for fund or investment management or a piece of software or its custodian services are provided digitally, those services will also be considered an ICT service. And those financial entities will need to cover their customer-facing contracts as well and make sure DORA requirements are covered in the contracts.  Catherine: Thank you for that. What are some of the risks for noncompliance? Christian: The risks for noncompliance with DORA are significant and could entail both financial and reputational consequences. First of all, DORA empowers the authorities to impose administrative sanctions and corrective measures on entities that breach its provisions. Which could range from warnings and reprimands to fines and penalties to withdrawals of authorization and licenses, which could have significant impact on the business of all the entities. The level of sanctions and measures will depend on the nature, gravity and duration of the breach, as well as on the entity's cooperation and remediation efforts. So better be positive to help the authority in case they identify the breach. Second, non-compliance with DORA could also expose entities to legal actions and claims from the customers, investors, or other parties that might suffer losses or damages as a result of cyber incident or disruption of service. And third, non-compliance with DORA could also damage the entity's reputation and trustworthiness in the market and affect its competitive advantage and customer loyalty. Therefore, entities should take DORA seriously and ensure that they comply with its requirements and expectations.  Catherine: If I haven't been able to start considering DORA, and I think it might be applicable to me, where should I start?  Asélle: It's actually a very interesting question. So from our experience. We see large financial entities such as banks, etc. Look at this comprehensively. Comprehensively, obviously, all financial entities had quite a long time to prepare, but large organizations seem to look at it more comprehensively and have done the proper assessment of whether or not their services are caught. But we are still getting quite a few questions in terms of whether or not DORA applies to a certain financial entity type. So I think there are quite a few organizations out there who are still trying to determine that. But once that's clear although DORA itself is quite a long kind of piece of legislation, in actual fact, it is further clarified in various regulatory technical standards and implementing technical standards, and they clarify all of the cybersecurity requirements that actually appear quite generic in DORA itself. So those RTS and ITS are quite lengthy documents and are all together around 1,000 pages. So that's where kind of the devil is in the detail there and organizations will find it may appear quite overwhelming. So I would start by assessing whether DORA applies, which services, which entities, which geographies. Once that's determined, it's important to identify whether financial entities' own services may be deemed ICT services, as I just explained earlier. The next step in my mind would be to check whether the services that are caught also support critical or important functions, and also when kind of making registries of third party ICT service providers, also making sure, kind of identifying those separately. And the reason is quite a few of the requirements, additional requirements applied to critical and important functions. For example, the incident reporting obligations and requirements in terms of contractual agreements. And then I would look at updating contracts, first of all, with important ICT service providers, then also checking if customer-facing contracts need to be updated if the financial entity is providing ICT services itself. And also not forgetting the intra-group ICT agreements where, for example, a parent company is providing data storage or word processing services to its affiliates in Europe. So they should be covered as well.  Catherine: If we were a smaller company or a company that interacts in the financial services sector, can we think of an example that might be helpful for people listening on how I could start? Maybe what's the example of a smaller or middle-sized company that would be subject to this? And then who would they be interacting with on the ICT side?  Asélle: Maybe an example of that could be an investment fund or a pensions provider. I think most of this compliance effort when it comes to DORA will be driven by in-house cybersecurity teams. So they will be updating their risk management and risk frameworks. But any updates to policies, whenever they have to be looked at, I think will need to be reviewed by legal and incident reporting policies, contract management policies, I don't think they depend on size. If there are ICT service providers supporting critical or important functions, additional requirements will apply regardless of whether you're a small or a large organization. It's just the measures will depend on what level of risk, say, certain ICT service provider presents. So if this internal cybersecurity team has kind of put, you know, all the risk, all the IST assets in buckets and all the third-party IST services in various buckets based on criticality, then that would make the job of legal and generally compliance much easier. However, what we're seeing right now is that all of that work is happening all at the same time in parallel as people are rushing to get compliance. So that will mean that there may be gaps and inconsistencies and I'm sure they can be patched later.  Catherine: Thank you for that. So just another follow-up question, maybe Christian can respond, would my data center contract be subject to DORA regulations if I was a financial services entity? Christian: It's worth to look into that and see if it's an ICT provider that you use to provide your services. So I'm pretty sure you need to look into that and see if you can implement at least the contractual requirements that arise from DORA.  Asélle: I would just add to support Christian's response and say that the definition of ICT services is quite broad and covers digital and data services provided through ICT systems. So, I mean, as you can see, it's just so generic and I'm pretty sure it would cover data centers, but I guess not directly because say a financial entity was receiving a service of a cloud service provider, then data centers are probably a second or third kind of level subcontractor. And unfortunately, or fortunately, DORA has very detailed requirements in terms of subcontracting and the obligations don't stop at a certain level. Therefore, data centers are likely to be caught somehow and will be receiving DORA addenda to their contracts.  Catherine: Thank you for that clarification. I was, like probably many people have tried to digest this regulation, a little confused on how broad the coverage for information and communication technology went. But that's very helpful then, I'm sure. Any final thoughts?  Asélle: We are helping a few organizations and learning a lot as we work with them. And the legislation is pretty complex and requires in-house teams to work together as well. And Christian and I would be very happy to assist and navigate this complex framework. Christian: And if you haven't started yet, of course, it's a huge regulation. There's so many requirements to tackle, but there's one day you have to start. So then start today, look into it, and implement the requirements that arise from DORA.  Catherine: Well, thank you so much, Christian and Asélle, and everybody, as we said before, we're talking about DORA today, because today, January 17th, is the day that it becomes effective. So if, like Christian said, you haven't started, today's a good day to start. And I'm sure you can reach out to one of my colleagues to get some assistance. Thanks for joining. Christian: Thanks for having us, Catherine.  Asélle: It was a pleasure. Thank you.  Outro: Tech Law Talks is a Reed Smith production. Our producers are Ali McCardell and Shannon Ryan. For more information about Reed Smith's emerging technologies practice, please email techlawtalks@reedsmith.com. You can find our podcasts on Spotify, Apple Podcasts, Google Podcasts, reedsmith.com, and our social media accounts.  Disclaimer: This podcast is provided for educational purposes. It does not constitute legal advice and is not intended to establish an attorney-client relationship, nor is it intended to suggest or establish standards of care applicable to particular lawyers in any given situation. Prior results do not guarantee a similar outcome. Any views, opinions, or comments made by any external guest speaker are not to be attributed to Reed Smith LLP or its individual lawyers.  All rights reserved.  Transcript is auto-generated.

The deadline for the EU's Digital Operational Resilience Act (DORA) has arrived. This regulation applies to most financial entities operating in the EU market and impacts a broad range of third-party providers of technology-related services. In this episode of Connected with Latham, Christian McDermott and Alain Traill explore the key changes introduced by DORA, its broad territorial scope, the types of entities that will be impacted, and what compliance is likely to involve for each of them.   This podcast is provided as a service of Latham & Watkins LLP. Listening to this podcast does not create an attorney client relationship between you and Latham & Watkins LLP, and you should not send confidential information to Latham & Watkins LLP. While we make every effort to assure that the content of this podcast is accurate, comprehensive, and current, we do not warrant or guarantee any of those things and you may not rely on this podcast as a substitute for legal research and/or consulting a qualified attorney. Listening to this podcast is not a substitute for engaging a lawyer to advise on your individual needs. Should you require legal advice on the issues covered in this podcast, please consult a qualified attorney. Under New York's Code of Professional Responsibility, portions of this communication contain attorney advertising. Prior results do not guarantee a similar outcome. Results depend upon a variety of factors unique to each representation. Please direct all inquiries regarding the conduct of Latham and Watkins attorneys under New York's Disciplinary Rules to Latham & Watkins LLP, 1271 Avenue of the Americas, New York, NY 10020, Phone: 1.212.906.1200

We're delighted to share the first episode in this short legal insights podcast series where we explore some of the legal risks that operational disruptions pose to financial services in this evolving, technology-driven, global enterprise landscape.   In this episode, our speakers discuss the operational risks associated with the UK's Senior Managers and Certification Regime (SMCR).

**Anzeige** Cyberangriffe sind in der heutigen Wirtschaftswelt allgegenwärtig und besonders die Finanzindustrie mit ihren wertvollen Daten gerät zunehmend ins Visier. Der von der EU verabschiedete Digital Operational Resilience Act (DORA) soll die digitale Widerstandsfähigkeit der Branche stärken. Die Umsetzungsfrist bis zum 17. Januar 2025 stellt für Finanzunternehmen und ihre IT-Drittanbieter eine erhebliche Herausforderung dar. Wie gut sind sie darauf vorbereitet?

Hear from Pedro Morales, the Director and Global Head of AML/Sanctions Compliance at Google, about AI, cyber threats, fraud, third-party risk, regulation and other complex operational resilience obstacles, trends and risks. The Federal Reserve defines operational resilience as the ability to deliver operations, including critical operations and core business lines, through a disruption from any hazard. In an interconnected world rife with volatility and uncertainty, there are certainly a plethora of hazards that can disrupt a business, and managing operational resilience is therefore a daunting task. At financial institutions, the operational resilience umbrella covers everything from AI, geopolitical threats and cyber risk to fraud, money laundering, IT outrages, third-party risk and disaster recovery. Indeed, on any given day, an operational resilience leader could have to contend with, for example, a cyberattack, an AI threat, a money-laundering scheme, or the fallout from a natural disaster or from wars in Eastern Europe and the Middle East. Governance and regulatory obstacles, moreover, also come with the job. With so many different problems to contend with, there's not necessarily a one-size-fits-all approach for operational resilience. But a manager must stay on top of trends and be aware of all potential risks, while also following best practices – all as part of an effort to withstand, adapt and recover from disruptive events. *The views expressed by our guest speaker, Pedro Morales, are his alone and do not necessarily reflect those of his employer. Relevant Links: GARP Benchmarking Initiative Risk Intelligence: Operational Risk   Speaker's Bio Pedro Morales is the Director and Global Head of AML/Sanctions Compliance for Google. He previously served as Google's Global Head of Enterprise Risk Management for Payments, and has also worked in various leadership roles at the Federal Reserve Bank of New York, where he supervised large banks.

So, how resilient is your supply chain? The honest answer for many companies, which they learned the hard way during the Covid pandemic, is that their supply chains are not very resilient — that is, not able to adapt and recover from disruptions very quickly and effectively. That is why, over the past few years, ... Read more The post [Video] Operational Resilience in Action: A Practical Guide for Supply Chain Leaders appeared first on Talking Logistics with Adrian Gonzalez.

In addition to working towards preventing breaches, cybersecurity leaders and their teams must devote significant resources to planning for an efficient recovery when one happens. That's because for every day, the organization's IT systems are down, operational resilience is impacted, and the financial drain worsens. So just what should cyber leaders be doing to prepare? What steps can be taken inside cybersecurity, within IT, and then in collaboration with operational units and emergency management to ensure all affected by an outage will be on the same page until the applications come back on? In this timely webinar, we'll speak to leaders who are building an understanding of operations and key relationships that will be required to weather a cyber-outage storm. Source: Examining Cyber’s Role in the Development of Business Continuity Plans that Strengthen Operational Resilience on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Join me as I talk with respected globally recognized operational risk, business continuity, and risk expert, and chair of the BCI's Women in Resilience Interest Group, Ratna Pawan. During our discussion we touch on two topics: Operational Resilience and Women in Resilience. 1. Operational Resilience (OpR) a. Defining operational resilience, b. OpR is BCM done well (neither of us like this comment), c. Risk awareness, d. OpR ownership, e. Understanding the inter-relationships, f. BCM as an OpR professional, g. Why other areas need to pay attention to OpR...and more! 2. Women in Resilience (WiR) a. What WiR? b. WiR initiatives, c. The challenges being faced, d. Allies and equality, e. Contacting and being part of the WiR interest group...and more! Ratna share some great insights into Operational Resilience and talks candidly about the BCI's Women in Resilience group - the successes and the challenges. Don't miss what Ratna has to share. Enjoy!

It's part 2 of my talk with resilience specialist, Jason Hoss, as we continue out discussion on personal resilience and how it helps establish strong organizational and operational resilience within our businesses. We use our own stories of resilience to help understand how the personal side of resilience will help build and influence Organizational and Operational Resilience. You don't want to miss these stories - both personal and professional. Perhaps they'll help you on your organization's path of resilience. Enjoy!

To help establish strong organizational and operational information within our businesses, one first must start with personal resilience; the foundation upon which you can build and influence Organizational and Operational Resilience. I speak with resilience specialist and friend, Jason Hoss, as we share our own stories - the good, the bad, and the ugly - about our own journeys of resilience. You don't want to miss these stories - both personal and professional. Perhaps they'll help you on your organization's path of resilience. Enjoy!

Kimberley Cole interviews Anna Mazzone, VP of Risk Security and ESG at ServiceNow, about her career and the digitization of enterprise and governance programs. Mazzone discusses her journey from Bank of America to Reuters, SuperDerivatives, and Markit, highlighting her role in building the KYC managed service. She explains ServiceNow's platform, which integrates data from various enterprise functions to enhance decision-making. Mazzone emphasizes the importance of digitizing enterprise processes, understanding third-party risks, and implementing AI governance. She advises focusing on people, quick wins, and strategic partnerships to drive successful change and improve operational resilience. SHOW NOTES03:09 Career journey 10:08 What is ServiceNow 14:19 Creating Impact 21:38 Digitizing the Enterprise and Governance Programs 33:30 Opportunities and Challenges in GRC 40:48 Final Thoughts and Recommendations More great risk content and transcript: https://www.riskywomen.org/2024/10/podcast-s7e7-digitizing-enterprise-governance-programs-anna-mazzone/

Jeffrey Wheatman is the SVP, Cyber Risk Evangelist at Black Kite. In this episode of Hidden Risk, he joins host Scott Schober to discuss the Digital Operational Resilience Act, or DORA, a European Union (EU) regulation that aims to improve the cybersecurity and operational resilience of financial institutions. and how it builds on existing laws, such as the NIS Directive and GDPR, to close gaps in digital risk management. An award-winning intelligence platform, Black Kite is disrupting traditional third-party risk management practices worldwide by providing cybersecurity experts with full visibility they've never experienced before. Learn more about our sponsor at https://blackkite.com.

Operational Resilience is a key area of focus of many organizations. I'm joined my seasoned security strategist and specialist Steve ‘Stitch' Hindle, as we talk about Security & Operational Resilience in terms and perspectives different from the usual run-of-the-mill chatter. During our chat we touch on: 1. Disruptive events, 2. It's OK to fail, 3. People empowerment, 4. Driven by the top, 5. Operational Resilience (Defined), 6. Bringing people together, 7. Experiencing resistance, 8. Feedback (it flows in both directions), 9. 3 Pillars of Cyber Security (People, Technology, Process), 10. Testing it all, 11. Embedded assumptions, 12. Using technology the right way, 13. Making lives better...and more. Don't miss Steve's take on these topics, as they will provide you and your organization some amazing insights into Security & Operational Resilience. Enjoy!

Many cybersecurity experts are calling recent attacks on healthcare more sophisticated than ever. One attack disrupted prescription drug orders for over a third of the U.S. and has cost $1.5 billion in incident response and recovery services. Separately, an operator of over 140 hospitals and senior care facilities in the U.S. was also victimized. These attacks are becoming all too common. Disruptions can lead to life-and-death situations with massive impacts on patient care. All industries, especially healthcare, have to better prepare for ransomware attacks. Are you ready to turn the tables on threat actors? Marty Momdjian, Semperis EVP and General Manager provides advice on how hospitals can regain the upper hand. This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them! The annual report details the latest ransomware attack trends and targets, ransomware families, and effective defense strategies. Findings in the report uncovered an 18% overall increase in ransomware attacks year-over-year, as well as a record-breaking ransom payment of US$75 million – nearly double the highest publicly known ransomware payout – to the Dark Angels ransomware group. Segment Resources: For a deeper dive into best practices for protecting your organization and the full findings, download the Zscaler ThreatLabz 2024 Ransomware Report Link below - https://zscaler.com/campaign/threatlabz-ransomware-report This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerbh to learn more about them! Show Notes: https://securityweekly.com/esw-372

Many cybersecurity experts are calling recent attacks on healthcare more sophisticated than ever. One attack disrupted prescription drug orders for over a third of the U.S. and has cost $1.5 billion in incident response and recovery services. Separately, an operator of over 140 hospitals and senior care facilities in the U.S. was also victimized. These attacks are becoming all too common. Disruptions can lead to life-and-death situations with massive impacts on patient care. All industries, especially healthcare, have to better prepare for ransomware attacks. Are you ready to turn the tables on threat actors? Marty Momdjian, Semperis EVP and General Manager provides advice on how hospitals can regain the upper hand. This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them! The annual report details the latest ransomware attack trends and targets, ransomware families, and effective defense strategies. Findings in the report uncovered an 18% overall increase in ransomware attacks year-over-year, as well as a record-breaking ransom payment of US$75 million – nearly double the highest publicly known ransomware payout – to the Dark Angels ransomware group. Segment Resources: For a deeper dive into best practices for protecting your organization and the full findings, download the Zscaler ThreatLabz 2024 Ransomware Report Link below - https://zscaler.com/campaign/threatlabz-ransomware-report This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerbh to learn more about them! Show Notes: https://securityweekly.com/esw-372

Join me as I with with leading resilience and risk expert, Terry Lee. During today's discussion we touch on 3 key important topics: Operational Resilience, Vendor Risk Management, and Enterprise Risk Management. 1. Operational Risk ( Defining OpR, Leadership confidence, Risk as an opportunity, Who 'owns' OpR, Where OpR resides in an organization...and more!) 2. Vendor Risk Mgmt. (The difference between supply chain mgmt. and vendor risk mgmt., Regulatory standards, Vendor assessments, NDAs and obtaining necessary information, Testing with vendors...and more!) 3. Enterprise Risk Mgmt. (BCM and ERM, Changing Cultures, risk registry, Risk in motion, Model risks...and more!) Terry shares a wealth of great information and insights that all business leaders and contingency/resilience professionals can benefit from. Don't miss what Terry has to share. Enjoy!

Join me as I talk with experienced Operational Resilience and Business Continuity professional, Yusuf Ukaye, as we talk on the topic of Starting a BCM Program from Scratch. During our discussion we talk about: 1. Asking the right questions (What are we protecting? and more), 2. Impacts of not doing what you do, 3. Feeling about risk, 4. Good governance, 5. RACI, 6. It's NOT a project, 7. Everyday BC usage, 8. Building roadmaps, 9. Articulating needs, 10. Standards and guidelines, 11. Stakeholders, 12. Soft Skills, 13. Escalate and communicate w/ leaders, 14. Looking for support, 15. Listen more, 16. Be aware of the human element, 17. Validating you're on the right track, 18. Understanding assumptions and dependencies, 19. Communications...and more! Yusuf provides lots of great insights for those new to the field to help them get started, but also some insights to those that might be wondering why their program isn't as effective as it could be. Don't miss what Yusuf has to share. Enjoy!

In this episode, host Jim Van Over, Field Innovation Officer at ServiceNow, interviews Dan Prior, Partner, Risk Technology at EY. Together, they discuss the challenges and opportunities in operational resilience and the transformative impact of AI on risk management and business operations.See omnystudio.com/listener for privacy information.

In this episode of the Innovation Today podcast, host Jim Van Over welcomes Andrew VanWagoner, EMA ServiceNow Platform Lead and a ServiceNow Certified Master Architect at KPMG and a ServiceNow certified master architect, to discuss the critical importance of operational resilience in today's dynamic business environment.See omnystudio.com/listener for privacy information.

To ensure financial stability in the UK, banks and other financial service firms operating in the UK must be ready to handle unexpected disruptions to their services. Our guest, Richard Ransom, discusses the UK's new legislation (SS1/21) and the responsibility firms have to mitigate any risk, minimize impact, and continue providing essential services regardless of the cause of the disruption.

In cybersecurity, understanding the constantly evolving landscape of threats is key to safeguarding digital assets and sensitive information. DirectDefense, a leading security services provider, offers valuable insights into the world of threat intelligence through a candid conversation with Jim Broome, the Director of DirectDefense. In a recent discussion with Sean Martin, they delved into the nuances of IT and OT convergence, network separation, and the critical significance of threat reports.Uncovering Threat Intelligence TrendsThe dialogue between Sean Martin and Jim Broome sheds light on the intricate details of threat intelligence gathered by DirectDefense. Jim Broome's extensive experience in the industry, coupled with DirectDefense's commitment to cybersecurity excellence, unveils compelling narratives of threat actors, attack methodologies, and strategic responses to mitigate risks effectively.From Penetration Testing to Managed Services: DirectDefense's EvolutionJim Broome narrates DirectDefense's journey from its inception, focusing on core services like penetration testing and managed services. The shift towards leveraging threat reports to provide actionable insights to clients showcases DirectDefense's proactive approach in addressing emerging cyber threats effectively.The Impact of Threat Actor Behavior on Security PostureThrough real-world examples like the Scattered Spider threat group's activities, Jim Broome highlights the direct impact of threat actor behavior on organizations. By dissecting attack vectors and lessons learned from engagements with threat actors, DirectDefense empowers clients with the knowledge to strengthen their security postures.Collaboration and Customized SolutionsJim Broome emphasizes the value of collaboration and customization in cybersecurity services. By tailoring alerts, response strategies, and monitoring solutions to suit each client's unique environment, DirectDefense fosters a culture of resilience and preparedness against potential cyber threats.Empowering Organizations with Actionable InsightsThe blog post underscores the importance of utilizing threat reports to gain actionable insights and establish robust security protocols. DirectDefense's approach to presenting information in a tangible and practical manner resonates with organizations seeking to enhance their cybersecurity frameworks.Looking Towards the Future of CybersecurityAs cybersecurity landscapes continue to evolve, organizations face the challenge of adapting to new threats and vulnerabilities. DirectDefense's proactive stance on integrating cybersecurity solutions with core IT disciplines signals a strategic approach towards ensuring operational resilience and uptime in critical infrastructure sectors.The Essence of Collaboration and Expert GuidanceDirectDefense's emphasis on collaboration, expert guidance, and responsiveness to evolving threats underscores their commitment to ensuring clients are equipped with the necessary tools and insights to navigate the complex cybersecurity landscape successfully.DirectDefense's conversation with Jim Broome offers a glimpse into the intricate world of threat intelligence, showcasing a blend of experience, expertise, and foresight in safeguarding organizations against cyber threats. By leveraging actionable insights and strategic responses, DirectDefense paves the way for a more secure and resilient digital environment.Learn more about DirectDefense: https://itspm.ag/directdef-gs7Note: This story contains promotional content. Learn more.Guest: Jim Broome, President and CTO, DirectDefense [@Direct_Defense]On LinkedIn | https://www.linkedin.com/in/jim-broome-88a0a02/ResourcesLearn more and catch more stories from DirectDefense: https://www.itspmagazine.com/directory/directdefenseView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Guest: Cameron Dicker, Director of Global Business Resilience at FS-ISAC [@FSISAC]On LinkedIn | https://www.linkedin.com/in/cameron-dicker-74804959/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin engages in a conversation with Cameron Dicker, the Director of Global Business Resilience at FS-ISAC (Financial Services Information Sharing and Analysis Center). The discussion delves into the critical role of FS-ISAC in enhancing business resilience within the financial services sector.Cameron Dicker provides insights into the extensive global program he oversees at FS-ISAC, focusing on conducting exercises for members and fostering a community of practitioners in risk, resilience, crisis management, and business continuity. The organization serves as a platform for members to share experiences, assess risks, and collaborate on addressing operational challenges collectively.The conversation expands to highlight the unique positioning of FS-ISAC as a global node network, comprising over 5,000 member organizations across 75 countries. The organization's pillars of intelligence, resilience, and security work in unison to collect, analyze, and disseminate valuable information to bolster members' resilience and security measures.Furthermore, Sean and Cameron discuss the increasing challenges posed by third-party services in the financial sector, emphasizing the need for standardized reporting practices among multinational banks. The episode underscores the importance of continuous learning and adaptation in response to evolving cybersecurity threats.The episode includes a call to action for increased engagement within the FS-ISAC community, encouraging members to actively participate in discussions and initiatives aimed at strengthening the sector's resilience to cybersecurity challenges. Through a blend of real-world insights and strategic foresight, the episode offers a comprehensive overview of the vital role played by FS-ISAC in safeguarding the financial services industry against emerging cyber threats.Top Questions AddressedWhat are the challenges posed by third-party services in the financial sector?How does FS-ISAC foster global collaboration among members?What role does intelligence sharing play in bolstering business resilience within the financial services sector?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

On this episode of Infrastructure Matters, host Steven Dickens is joined by Anthony Anter, Technology Solutions Director and Tim Ceradsky, Director of Software Consulting for BMC Software. The discussion focuses on the strategic importance of weaving operational resilience into the fabric of the mainframe development lifecycle through the CI/CD pipeline. Their discussion covers: Key steps in the CI/CD pipeline to enhance mainframe system resilience Tailoring automated testing suites for mainframe environments within the CI/CD pipeline Optimized deployment strategies for mainframe operations resilienceImplementing rigorous monitoring protocols to bolster mainframe operational resilience The crucial role of collaboration between development and operations teams in integrating resilience measures  

On this episode of Infrastructure Matters, host Steven Dickens is joined by BMC's Chad Reiber, Solution Engineer, and Tim Ceradsky, Director of Software Consulting, for a conversation on how modern enterprises can ensure operational resilience in the hybrid cloud environment, especially when dealing with mainframe data. Our discussion covers: The concept of operational resilience in the context of mainframe data within a hybrid cloud environment. The importance of immutable copies of mainframe data for ensuring operational resilience, and how they differ from traditional backup methods. The key benefits of strategically placing immutable copies of mainframe data across the hybrid cloud infrastructure to mitigate risks. Common challenges organizations face when implementing and managing immutable copies of mainframe data in the hybrid cloud. Strategies for leveraging immutable copies of mainframe data to enhance data availability and expedite recovery processes in hybrid cloud environments. Learn more at BMC.

Our guest, Rachel Riley, co-founder and head of GRC ESG at Ansarada, shares her profound insights on the significance of operational resilience in today's fast-paced and unpredictable business landscape. With a rich background in risk management, compliance, and sustainability, Rachel's journey from a promising career in accounting to pioneering in GRC and operational resilience offers invaluable lessons for professionals across sectors. We discussed the challenges companies face in implementing a formal resilience framework, the impact of regulatory landscapes on resilience efforts, and the innovative strategies businesses can adopt to navigate emerging operational risks, including cybersecurity threats and climate change implications. Rachel also sheds light on common misconceptions about operational resilience and provides practical advice for organizations looking to bolster their defensive capabilities against disruptions. If you're a Chief Risk Officer, involved in cyber security, or interested in sustainability and risk management strategies that can transform your company, this episode is packed with actionable insights. If you want to be our guest or suggest someone with unique insights into risk management, cyber security, or sustainability, send your email to info@globalriskconsult.com with the subject line "Podcast Guest Suggestion." Join us in expanding the conversation on the Global Risk Community platform, where experts share and shape the future of risk management.