Panel Discussion: Anatomy of a Crisis
Please note that this panel discussion is exclusive to BCI Members only. If you are a BCI Member, please login into your profile to access the content.
Please do not share the link/content of this page on social media or any other platform without authorization from The BCI.
The aim of this panel discussion is to examine what happens within an organization when a cyber attack strikes - particularly focusing on the roles, reactions and responses of each department. The panel will feature a cyber attack exercise on a fictional organization (WhatUNeed) led by James McAlister FBCI.
James will guide five experts (each playing a different organizational department) through the crisis scenario with various injects. During the exercise he will discuss their reactions and responses, and ask them important questions that will provide the audience with valuable suggestions, tips and some serious ‘food for thought’.
About the speakers:
James McAlister, FBCI (Exercise Role: Facilitator). James is a former police officer with over 35 years’ experience in Business Continuity (BC), Crisis, Major Incident & Disaster Management, Civil Protection, Emergency Planning, Security, Firearms, Public Order, Training and Exercising. He has advised, planned and led many operations and exercises throughout the UK and internationally including political party conferences, major sporting events, royal / ministerial visits, counter terrorism operations, public order events and environmental / man-made disasters.
Sarah Garrington MBCI (Exercise Role: Business Continuity Manager). Sarah has over 8 years’ experience in the Business Continuity, Crisis Management and Resilience industry and is currently a Head of Resilience, leading on Resilience and Sustainability. She is an industry speaker, having spoken at both the BCI’s World Conference in both 2020 and 2021, and the Global Resilience Summit in March 2021. Sarah has worked to implement Business Continuity strategies across the Professional Services, Financial Services and Legal industries and is passionate about encouraging the next generation of Resilience professionals.
Dr Craig Breheny (Panel Discussion Role: Crisis Communications Specialist). Craig is a former BBC journalist who works as a communications consultant. With a quarter of a century working in PR has has advised all kinds of clients on everything ranging from the biggest explosion in Europe since WW2 to personal misconduct and cyber security issues.
Bryn Case (Panel Discussion Role: Legal Team). Bryn is a highly accomplished lawyer who has worked in-house for the past 16 years. Firstly as legal director within the Capita Group for 10 years, before moving to DAS Group in 2016 as Group General Counsel and taking advantage of a more local focus in his home town of Bristol. With a broad spectrum of legal experience ranging from financial services, M&A to outsourcing and infrastructure projects both in the UK and across the globe Bryn strives to deliver commercially astute solutions to challenges which transcend business operations.
Mark Hobden MBCI (Panel Discussion Role: Risk Management). Mark is Risk Director at Ward Security. Mark has been in the security industry for 15 years, since leaving the UK Armed Forces, and has spent his time working on projects such as; contract mobilisations, business continuity, risk, and emergency response.
Gary Hibberd (Panel Discussion Role: Information Security / IT). Gary is formally the MD of Agenci Information Security Consultancy and is now a shareholder, Director and the ‘Professor of Communicating Cyber’ at Cyberfort Group. Cyberfort employs over 130 people with a turnover of £18Million. Starting his career as a programmer, he now has 35 years of experience in Cyber, with 20 of these focused on Cyber Security, Governance, Business Continuity and Data Protection. He is a published author and international speaker on topics as diverse as Cybersecurity, Darkweb, Cybercrime and CyberPsychology. He helps companies large and small implement information security management frameworks such as ISO27001, ISO22301, PCI DSS, and the GDPR, he comes with a wealth of practical experience, advice, knowledge, and skill. As a Data Protection Officer and Cybersecurity specialist for 20 years, Gary simplifies complex programme management challenges and helps bring about clarity and value.”
About the (fictional) organization:
WhatUNeed is the UK’s 4th largest retailer of trade tools, accessories and hardware products, with HQ in Liverpool UK – admin / HR / IT / sales call centre / etc. The company has 200 retail stores across UK, 2 distribution centres – in Liverpool & Birmingham - and 4,378 employees. Its website attracts 2 million unique visitors per week and they have a Phone app, which provides a click & collect / delivery service to ove 2 million active customers. Their turnover is around £500 million.