45 Years After A Life Changing Accident: “Why I’m Embarking On A Brand New Fight To Help Others…”

THE founder of a new dispute resolution service called Right Against Might has outlined the inspirational personal story which led to the establishment of the company. 

Chris Joseph created the RAM Group to hold the world’s biggest businesses and organisations to account on behalf of underdog consumers. 

Using a unique approach, the company aims to secure “swift justice” without resorting to legal action for thousands of people across the UK with nowhere else to turn. 

For Chris, the company represents the latest chapter in an incredible life which changed forever 45 years ago. 

In 1978, then aged 20, he lost his right arm after he was pulled into the gearbox of a gantry crane while he was working in an iron foundry. 

It was caused by an absence of health and safety precautions and a lack of care by employers with insurance policies covering them against workers’ deaths. The firm at fault was fined £250 over the incident. 

Before the accident Chris had been planning to become a Catholic priest, and had been training in a monastery. 

He decided against this path, but his training for the priesthood helped: he had been taught mind over matter and was able to use that to control the pain when the accident happened. 

Chris, from Stockton-on-Tees,  said: “I couldn’t play the piano anymore. That was my first thought when I came out of the gearbox. Then, my second thought was, get a grip, you’re bleeding to death. 

“That was when I had the thought about being very similar to Monty Python and the Holy Grail when he’s taking on the Black Knight and he’s squirting blood in all directions. So there was an element of humour that crept into my head, even though I was bleeding to death. 

“When I arrived at hospital, I actually said to the nurse when she set up the drip at the end of my bed and I just said ‘can you please fill it with Heineken? I understand it refreshes the parts other beers can’t reach’.” 

He said remains of his severed arm dropped into a furnace which was producing components for a power station project in Argentina. He was able to watch the World Cup finals in hospital and the irony of Argentina winning was not lost on him. 

Explaining how he was able to turn his life around he said: “I just taught myself to do everything again and you have to think like a child, you have to review the way you’ve done things and then think of a better way of doing it, or a clever way of doing it, like tying shoelaces and stuff like that. And there were 13 operations while I was in the hospital.” 

After having a silver hook fitted to his stump, he decided to spend his £23,000 in compensation on buying a house and renting it out. He went to work in a cheese factory, where he designed an innovative stock-taking system for the firm. 

Chris returned to university and changed his course to cover communications, broadcasting, film studies and systems thinking. 

“I was already creative and thinking with one hand made me even more so, driving, adapting, re-thinking, and I met a woman at the university who would love to become my wife and mother of my three children.” 

He said he did not want to become an accountant and applied for a job with the advertising agency Saatchi & Saatchi, but was turned down because he was “too nice”. He applied to six other agencies and was offered a position with one of the smaller agencies. 

“Basically, they hired me and they paid me nothing apart from my expenses and gave me a six-week trial, which the government paid £45 pounds a week for, as they were getting paid £45 a week to employ this disabled bloke and that’s how I got the first job in advertising.” 

After 11 months, he was promoted to new business director, and, ironically, he was subsequently head-hunted by Saatchi & Saatchi to work as a creative new business consultant. 

He suffered a leg injury while ice skating at a Saatchi party and decided to set up his own agency while he recovered. In three years, the firm had a turnover of £15 million and employed 43 people. 

After a successful career, he decided to use his experience to set up Right Against Might to champion the cause of other people who have faced adversity due to the actions of large organisations. 

Chris has gone on to become a bestselling author through his new book Zest! Seller. 

He’s also a long-term mental health campaigner who has successfully challenged several multinational companies in the High Court in London. He has also taken on and beaten the banking industry. 

His trailblazing work established the legal precedent by which all creative agencies now retain copyright in their pitch work. 

He credits losing his arm with the development of his creative thinking and his subsequent success: “My brain has had to wake up and think differently. I had to completely re-learn and it was almost like I had to sort of look at my shoelaces and think, ‘how the hell do I tie these?’ 

“Somebody said to me, what about Velcro? But I wanted to be able to choose whatever shoes I wanted, whatever tie I wanted. I can tie a bow tie one-handed. 

“There’s all sorts of things. It’s a question of adapting and learning different ways and means of doing them and not being defeated.” 

He added: “I regarded myself not as a man who had lost an arm, but as a one-armed man – there is a difference.” 

If you need support resolving a dispute, Right Against Might can help and want to hear from you.  Visit https://rightagainstmight.com 

Explaining his work, Chris says: “Truth is simple and black and white.  

“We may not be lawyers, but you don’t need to be one to know the difference between right and wrong and when someone is telling the truth. 

“We offer a unique creative dispute resolution service. We are experts in iconoclasm, using an infinite pool of creativity both in lawful message and method. We have a proven demonstrable reputation, and a track record for intervention in disputes of all kinds. 

“We usually resolve and settle them quickly. We have a dogged determination to seek justice and see right done as quickly as possible so you and your opponent can move on with your lives. We use the court of public opinion, it’s usually much quicker than a court of law but we know how to use both. 

“RAM (Right Against Might™) offers a service of unashamed irreverence towards ‘Goliaths’ who can be individuals, organisations, and companies who seek to crush powerless ‘Davids’. We empower you, helping you fight back and think ‘outside the box’. Although acutely aware of the legal tramlines we must not cross, (we always work within the law) and with excellent legal minds and experts at our fingertips, we know where to go, who to talk to, and most importantly, what to do to disrupt inertia, redress the balance and seize the initiative. 

“Each dispute is different and interesting and sometimes we work pro bono. With years of experience in the advertising industry, we produce communications or campaigns that are legal, honest, decent and truthful. Our imagery, messages and media clout are powerful and we work creatively and strategically with you in myriad ways. My message if you are a ‘Goliath’ and if you ever hear from us, is to please just do the right thing.”

Cardiff-based Alcumus acquires sustainability leader Planet Mark

Alcumus welcomes Planet Mark as its newest acquisition: setting forth on an exciting sustainability journey

Planet Mark, a leading sustainability certification and Net Zero pioneer, has been acquired by Alcumus, a global leader in workplace safety and compliance solutions, marking a significant milestone in their shared journey toward a more sustainable future.

For 10 years, Planet Mark has been working with its members to enable meaningful change, creating a more sustainable and equitable world. With Alcumus’ experience, resource and technology, Planet Mark will be able to significantly expand its offering at a key stage in its growth journey. This partnership is supported by a shared ambition and commitment to helping all organisations and especially small and medium-sized enterprises manage their risk in a sustainable way.

Alcumus, a company under the ownership of Apax, has a longstanding commitment to promoting safer and more sustainable workplaces, building on its history as a successful and globally expanding enterprise. As a global company, Alcumus has its roots firmly planted in Wales. This acquisition represents a proud moment for the Welsh business community, reaffirming Wales’ position as a hub for innovative and forward-thinking companies on the world stage.

This partnership represents a powerful alliance to accelerate positive change. Both Planet Mark and Alcumus are built on a common purpose and values, servicing similar parts of the economy. As the partnership evolves, ongoing integration will reveal complementary offerings that will enhance the experience for Planet Mark’s existing clients and create new avenues for substantial growth. 

Steve Malkin, the visionary CEO and Founder of Planet Mark, commented: “As we reach our 10-year milestone, it gives the team and me great confidence knowing we’re joining forces with such a dynamic company as Alcumus. We have a shared vision to create a better future and drive impactful change. With their international presence and established history of helping businesses cut carbon, reach net zero and provide positive impacts for society and the environment, the possibilities are endless – we’re expecting big things as we enter our second decade.” 

Alyn Franklin, CEO at Alcumus, added: “Alcumus is committed to measuring what matters, inspiring change, and making the world a safer and more sustainable place for all. The acquisition of Planet Mark is the latest part of our journey. This acquisition not only propels our growth ambitions but also adds tremendous value to our UK customer base, and represents a monumental stride towards a brighter and prosperous future.”

Planet Mark’s sustainability expertise is set to become an integral part of Alcumus’ comprehensive portfolio, offering clients a holistic range of compliance, risk management, and sustainability solutions, including net zero. This partnership will amplify the impact both organisations can make in driving transformation and sustainability across the businesses they serve.

Business gaming Hackathon to unlock Port of Tyne’s 2050 Vision – 9 October 2023

Hackathon at Maritime Innovation Week 2023 will gamify strategic goals and award cash prizes to developers

Gamers and software developers across the UK are invited to apply their skills to some of the ambitious strategic goals set by the Port of Tyne at a unique business gaming hackathon (also known as Game Jam), taking place at Maritime Innovation Week 2023 on 9th November.

As a forward-looking port of the future, Port of Tyne has published a very ambitious Tyne 2050 strategy focused on themes including innovation, sustainability, green energy, and safety. An industry first for the ports and maritime sector, the one-day game hackathon will allow teams of creative and forward-thinking developers to transform complex business strategy ideas and themes into an engaging game concept.

Teams of up to 4 people are invited to select a theme of their choice from the strategic development projects listed under the Tyne 2050 strategy and devise a game concept using a no-code game development platform. 

Game concepts will be presented to a judging panel of gaming experts including event partners Ubisoft, who will nominate the ultimate winners of a £500 cash prize. 

“Business gamification is already widely adopted in many sectors, but this is the first time we’ve been part of a Game Jam supporting the future of maritime innovation,” says Damien Glorieux, General Manager for Ubisoft’s Consumer Relationship Centre (CRC) based in Newcastle. “Through their 2050 Maritime Innovation Hub, the Port of Tyne has a future-focused culture that embraces new ways of working, this event is another example of their vision in action and we’re delighted to be involved.”

“We’re using the Game Jam format to bring our Tyne 2050 strategic objectives to life for port colleagues. Our vision is ambitious and we want game developers to inspire us, using novel concepts to drive home both the potential for change and its commercial relevance,” says Ian Blake, Head of Technology at the Port of Tyne.

Sign up for the Maritime Innovation Week Game Jam

When: 9th November 2023

Where: 2050 Innovation Hub, Port of Tyne

How: Game development must not involve use of coding languages and should be carried out with an approved no-code / low-code gaming engine, e.g. GameMaker, GDevelop.

Challenge: Gamify the Tyne 2050 Strategy

The challenge for game developers is to explore a Tyne 2050 theme of their choice and build a fun and creative 2D game in a single day, that can be played by the 350 colleagues across the Port of Tyne, enabling them to appreciate the wider impacts of the strategy.

Any Tyne 2050 theme and game setting can be selected. The following example ideas have been developed to help kick start brainstorm sessions. 

  • Zero Harm: The Port has a Zero Harm safety objective. Consider a warehouse setting with different hazards/trips/spills scattered across the warehouse map. The purpose of the game could be to locate and select the correct hazard classification within a given time, competing for safety points on a leaderboard. The person with the most points wins.
  • Green Energy: The port has a goal to achieve net zero by 2030. The purpose of the game will be to reach net zero using the least amount of time and money. There will be a sum of money that can be allocated between different green energy sources such as solar, wind, tidal, etc. with different costs and carbon reduction impacts. A timer will run on top counting down towards 2030. Whoever reaches net zero with the least amount of time and money spent tops the leaderboard.
  • Operational Efficiency: The port has an objective to deliver efficiencies and drive down the time and cost of operations. The game setting could be a container terminal holding 20 containers, 20 containers on the ship, and several free spaces where containers could be placed. The goal would be to move the 20 containers from terminal to ship and vice versa in the least number of moves. The player with the least moves tops the leaderboard.

To find out more about the Hackathon and sign up, visit: https://www.eventbrite.co.uk/e/maritime-innovation-week-hackathon-2023-tickets-730304730107?aff=oddtdtcreator

Swansea Building Society unveils sponsorship agreement with Swansea RFC

As it marks its centenary year, Swansea Building Society proudly announces the continuation of its commitment to local sports, community organisations and charitable causes through the renewal of its sponsorship with the local rugby union team, Swansea RFC, known as ‘The Whites.’

Swansea ‘Whites’ was originally established in 1872 as a football club, before the team switched to the rugby code in 1874. A few years later, in 1881, Swansea RFC became one of the founding clubs of the Welsh Rugby Union and has gone on to be four-time Welsh Premier Division Champions.

During its early years, the team displayed remarkable prowess, boasting an astonishing 22-month unbeaten streak. In 1935, it achieved a crowning achievement by defeating the formidable New Zealand All Blacks with a score of 11-3, becoming the first-ever rugby union club to conquer this renowned team.

Fast-forward to the 1990s, and the club experienced another era of remarkable success, highlighted by a historic 21-6 victory at home against the reigning world champions, Australia. The team’s home ground, St. Helen’s Rugby and Cricket Ground, offers picturesque views of Swansea Bay. Their inaugural home game at this venue took place in 1876, and it also hosted the first-ever home international match for Welsh rugby in 1882.

The club boasts an illustrious roster of former players, including notable names like Gavin Henson, Dan Biggar, Mark Wyatt, Ryan Jones, and the esteemed Alun Wyn Jones, who not only represented Wales but also captained the British and Irish Lions.

The renewed sponsorship of Swansea RFC comes in the same year that Swansea Building Society marks a momentous occasion: celebrating 100 years. Founded as a mutual in 1923, the Society has remained dedicated to serving the South Wales area by offering a range of savings and mortgage products. With its headquarters in Swansea and branch offices in Mumbles, Carmarthen, and Cowbridge, Swansea Building Society has become an integral part of the community, embodying a personal, face-to-face approach that caters to the unique needs of its members.

The Society’s centenary year has seen it announce record-breaking results, with total assets, mortgage balances, savings, capital and profits all reaching record highs in the 12 months to December 31, 2022. For the remainder of 2023, Swansea Building Society will continue to celebrate its centenary milestone by engaging in various charitable initiatives and community projects – including the donation of over £100,000 to local charities. These initiatives reflect the Society’s ongoing commitment to giving back to the Swansea community that has supported it for the past 100 years.

David Blyth, Board Member, Swansea RFC, said:

“We are thrilled to renew our partnership with Swansea Building Society – which has been a long-standing supporter of the club – as it celebrates its centenary year. This sponsorship is a testament to the Society’s unwavering commitment to the local community and sports and something we fully appreciate here at Swansea RFC. Together, we aim to continue our legacy of excellence, both on and off the field.”

Alun Williams, Chief Executive Officer, Swansea Building Society, said:

“All here at Swansea Building Society are proud to renew our support for Swansea RFC, a club with a rich history and a deep connection to the local community. Our shared values and commitment to the people of South Wales have been the foundation of Swansea Building Society’s success for a century, and in the case of Swansea RFC for just over 150 years. We are delighted to be able to continue our support of this historic club and wish the team every success in the coming season.”

North Wales college number one in the country for DofE… and Exec Director is a former student

COLEG CAMBRIA is the number one FE institution in Wales for the Duke of Edinburgh’s Award (DofE).

The north east Wales college – based in Wrexham, Northop, Llysfasi and Deeside – has seen more than 270 learners achieve the Bronze, Silver or Gold DofE Award in the last year.

And those taking part donated a staggering 3,107 hours of their own time for volunteering and charity work.

To celebrate the achievement, a group from the charity visited Cambria’s Yale site in Wrexham, including former student and DofE UK Executive Director Rebecca Kennelly, and Director for the DofE in Wales, Stephanie Price.

Following a tour led by Gold Award participants Kitty Davies and Lowri Green, who hail from the city, there was a special presentation for Gary Abnett and Alan Lowry, Cambria’s DofE coordinators, who have given almost five decades of time and commitment to the Duke of Edinburgh’s Award in Wales.

Cambria’s Learner and Enterprise Manager Rona Griffiths thanked the DofE for its support of learners over the years, notably those from challenging backgrounds.

“They helped us to focus on our provision for vulnerable students or young people with additional learning needs and even offered 150 funded places so we could deliver the courses to them, providing support and teaching new skills,” she said.

“Hundreds of students have really benefited as a result, and a lot of that is down to colleagues across all sites, led by our coordinators Alan and Gary, who have worked so hard – much of it in their own time – to empower them, to teach them and build their confidence.

“We could not be prouder of what they’ve done, and the effect Cambria has had in partnership with the DofE, in making a real difference to their lives.”

Reinforcing those words, Stephanie added: “It’s great to see so many young people from Coleg Cambria achieving a DofE Award, which is a testament to the hard work and dedication of the learners and DofE leaders who support them.

“Last year, DofE participants at Cambria collectively volunteered 3,107 hours, a fantastic contribution to their local community and charities.

“It was fantastic to be able to thank Alan and Gary for their long service to recognise the significant contribution they have made in providing DofE opportunities to learners at the college over the years.”

The final word goes to Kitty and Lowri, who spoke positively about their DofE experiences.

A former pupil at Darland High School, Lowri is studying Criminal Justice at Yale, and said: “I achieved my Bronze and Silver at Cambria and am now working toward my Gold. As well as learning new skills it has helped towards my career as I hope to be a police officer in the future.”

Uniformed Public Services student Kitty added: “I’m also doing my Gold award and being part of the DofE helped me to get work placements and employment opportunities. It’s also good for your CV and the community, which is really rewarding.”

Visit www.cambria.ac.uk for the latest news and information from Coleg Cambria.

For more on the DofE, visit the website: www.dofe.org.

How Help Desk Software Can Help Enhance Customer Satisfaction

We all strive toward customer satisfaction as it is a key part of driving business growth. The problem is that you can often encounter lots of issues when communicating with customers or solving concerns. These can be things such as slow response times, inconsistent service quality, and inefficient issue resolutions.

There are several measures you can take to prevent such issues and enhance customer satisfaction, but one of the best is using comprehensive HR help desk software. Such a system offers several features and functionalities that can help you immensely improve your customer service.

Multichannel Customer Support

There are lots of communication options available today, and each customer has their preferred option. This can be email, live chat, social media, or even traditional phone calls. One of the best things about an HR platform is that it allows you to cater to each of these seamlessly. You will be able to let your customers choose from the many options available today, hence communicating with them on their terms. This way, customers will feel it’s easy for them to reach out to your business.

Centralized Ticket Management

You can have customer inquiries coming in at a fast speed, all from different communication channels. Arguably, the best thing about HR help desk software is that it allows a business to bring all these together in what is known as centralized ticket management. Here, all interactions, whether from email, chat, or social media, are recorded in a single, unified system. They are then assigned ticket numbers as they come in, which means that you won’t stumble upon a customer query or request that went unnoticed or unaddressed. Not only that, but the system will also be able to let you know the requests that are urgent and need to be prioritized.

Automated Ticket Routing

A key part of ensuring that your customers are satisfied is being precise with every request, and this starts right after it’s sent. Normally, you would have a person who reviews all requests and assigns them to various people. The problem with this is that it takes time and is also prone to human error. An HR help desk service makes everything about routing automated. When a request is sent through any platform, it is given a ticket number and then assigned to the right person. User technical issues or queries are immediately directed to your technical team, while billing questions are automatically routed to the finance department. No query will be overlooked, and none will be sent to the wrong department.

Faster Response Times

HR help desk software helps make issue resolutions very fast. When a customer sends a request, the system immediately routes it to the right agent and sends a real-time notification. But even besides that, it knows how to escalate issues that require immediate response. These are identified as high priority, and the agents are then able to resolve them immediately.

A Personal Touch in Customer Support

We live in a world where everything is being personalized, and customer support is one of the best applications of personalization. HR desk software helps achieve this as it offers your support team a comprehensive view of all previous interactions with a specific customer. This includes things such as what they asked about and any preferences that they might have mentioned. Thanks to this, they will feel that they are valued by the company and their satisfaction prioritized.

Feedback Collection for Improvement

Growing a business is all about making improvements, regardless of how small, in every area. HR help desk software helps you take feedback from your customers about how they were served, an option provided at the end of every chat. This way, they can let you know whether the agent they connected to was helpful and knowledgeable. You can also ask users about the overall service you give them as a business, giving you a clear idea of where to improve and how to enhance customer satisfaction.

Proactively Preventing Your Company from Becoming the Next Cyberattack Headline

Written by Justin Giardina, Chief Technology Officer at 11:11 Systems

The news last month of yet another cyberattack on MGM Resorts, initiating a system shutdown and disrupting its operations, is yet another in a very long list of attacks that we have witnessed in the past couple of years.  Having the right preventive and defensive cybersecurity measures in place for such attacks is a given, and it is what most organisations focus on. But it is also about understanding how the organisation will recover from an incident and how they can limit the extent of an attack.

Today, being impacted by a cyberattack is almost inevitable. The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over 3 years, according to IBM. Therefore, companies also need to think about how they can proactively recover, how quickly they can recover, and the cost of recovery to the business.

For MGM the priority now will be to stabilise infrastructure, while they find the best copy of their data and restore it so they can continue to drive business operations, bringing systems back online as quickly and securely as possible.

Here at 11:11 Systems, we know that recovering from a data-compromising cyberattack requires planning, investment, capabilities, procedures, and more. We also understand how important it is for organisations to recognise the difference between traditional disaster recovery, in response to incidents such as wildfires, earthquakes, and extreme weather conditions, and compromised data recovery in the event of a cybersecurity incident.

We’re keen to help educate the market in understanding their own capabilities to get back to business-as-usual after an attack. An interruption to operations caused by a cyberattack can cost businesses an enormous amount, financially and reputationally, so this type of intelligence is vital. Below are some essential elements organisations should think about in order to proactively protect their infrastructure:

 

1. Understanding the Insider Threat

Employees are often the first line of defence against cyberattacks. But without proper training, they can also be the weakest link. While external threats are more dramatic and grab the biggest cyberattack headlines, insider threats—whether malicious or the result of negligence—can be more costly and dangerous. According to Verizon’s 2023 Data Breach Investigations Report (DBIR), 74% of all breaches involve the human element.

Comprehensive employee training goes beyond mere awareness. It involves regular phishing simulations, workshops on identifying social engineering tactics, and creating a culture where cybersecurity is everyone’s responsibility. By transforming the team into a human firewall, you not only protect the organisation but also empower employees to be part of the solution.

 

2. Segmenting the network

A network is more than just a collection of connected devices; it’s the backbone that facilitates the organisation’s operations. Protecting the network is as important as securing the physical boundaries of the organisation.

Technologies like firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), and network access controls are essential. But it doesn’t stop there. Network segmentation enables organisations to create barriers within the network, limiting the spread of threats. Securing the perimeter of each segment ensures that even if one part is compromised, the others remain intact.

 

3. Continuous scanning and monitoring

Software flaws and misconfigurations are like unlocked doors waiting to be exploited. It’s imperative that the organisation continuously scans for these vulnerabilities and promptly patches them. Industry professionals still talk about the 2017 Equifax breach that exposed 143 million records, all because of an unpatched vulnerability.

Closing these doors requires a proactive approach, where security teams are not just reacting to threats but actively seeking and addressing potential weaknesses. After all, an exposed vulnerability is an open invitation to attackers.

 

4. Knowing when to revoke access

Access controls are the gatekeepers to the organisation’s most valuable assets. This means that implementing complex passwords, deploying multifactor authentication (MFA), and limiting access to sensitive data are all imperatives.

But access control is also about knowing when to revoke access. For example, immediately disabling former employees’ credentials is crucial, as insider threat cases often involve a disgruntled ex-employee.

Employees don’t necessarily have to be disgruntled to be a threat to the business, though. Yahoo, for instance, recently sued a former senior research scientist for stealing valuable trade secrets minutes after being offered a job by a competitor. By acting as vigilant gatekeepers, you can ensure that only authorised individuals can access vital information.

 

5. Shielding the frontline

Endpoint protection is about securing the devices that interact directly with users and data. These endpoints, such as laptops and servers, are often the frontline in the fight against cyberthreats.

Tools like endpoint detection and response (EDR), antivirus software, disk encryption, and application whitelisting are crucial. By shielding the frontline, organisations not only prevent attacks but also gain insights into potential threats, allowing for more informed decision-making.

 

6. Safeguarding data requires a multifaceted approach

Data is the lifeblood of the modern organisation. It fuels growth, innovation, and customer satisfaction. Safeguarding this data requires a multifaceted approach.

Classifying sensitive data, implementing robust controls around high-risk information, encrypting both data at rest and in transit, and regular backups are crucial. By treating data as a valuable asset, the organisation will improve the chances of this data remaining secure, accessible, and compliant with regulatory requirements.

 

7. Regularly tested incident response plan

No defence is unbreachable. Even with the best security measures, some attacks will inevitably succeed. That’s why it is important to have a well-maintained and regularly tested incident response plan.

This plan should detail roles, responsibilities, and processes for detection, containment, eradication, and recovery, including updated business continuity (BC) and disaster recovery (DR) plans.

This includes being prepared to restore impacted systems and data quickly. Organisations should maintain recent backups of critical assets, including immutable backups, to ensure they can rapidly restore when needed. Furthermore, these backup processes should be regularly tested to ensure they’re up to date and align with any changes in the production environment.

 

8. Treat security as a continuous journey

Security is not a one-time effort; it’s a continuous journey. Periodic third-party audits and vulnerability assessments provide an external perspective on security posture and help identify gaps, risks, and opportunities to address any shortcomings.

The ISO/IEC 27001 standard, adopted by organisations worldwide, emphasises the importance of regular audits and continuous improvement. Embracing this culture ensures that security measures evolve with the changing threat landscape to provide robust protection against current and future threats.

 

9. Change the narrative

The MGM cyberattack is an all-too-familiar story, one we have heard countless times over the years.

In today’s world of heightened attacks, organisations need a multi-disciplinary, layered approach involving ongoing diligence, training, and investment, if they are going to be ready to minimise business interruption from a cyber event as well as proactively prevent the company from becoming the next cyberattack headline.

 

Why a robust risk management and cyber resiliency plan is an absolute necessity

Written by Simon Church, Chairman, Xalient  

As we are in the midst of Cybersecurity Awareness Month, and in the lead-up to our own Secure Connected Future Summit which we are hosting in November, I feel that a lot of the focus when it comes to cybersecurity still tends to be on prevention tactics. However, I would argue that it is not just about having the right defensive cybersecurity tools in place, but it is also about understanding how the organisation will recover from an incident – how quickly and at what cost to the business.  The focus should also be on having a robust cyber risk management strategy in place.  Here I outline five key tips for organisations to consider when devising their cyber risk and resiliency plans.

 

  1. Dry-run your recovery plan

Today, being impacted by a cybersecurity incident is unfortunately almost inevitable, and therefore companies also need to consider whether they can recover, how long recovery will take, whether employees can continue to work, what applications and data they will recover first, and the cost of recovery to the business.

In particular, I would urge organisations to make sure they dry-run their recovery plan, so that in the event of an attack they know they are prepared and understand the process and who is doing what.  And I’m not just talking about technology here, but people and processes.  For example, what communications about the attack will they share with employees, customers, and other stakeholders? What do they want employees to do? What do they want senior executives and the board to do?  All too often I see organisations assume that because they have the technology in place, it will magically and seamlessly recover their systems, but they neglect the fine detail around communications and reassurance. So, it is important to not only have a plan but to dry-run that plan again and again and again.

 

  2. Focus on employee security awareness training

One of the biggest risks to an organisation is the human risk; in fact, depending on the sources you refer to, 75-90% of all cyber incidents are human initiated. So, it is very important to have employee security awareness training in place.

Today employees operate in a blended environment, moving seamlessly between work applications and personal apps. Whereas previously they have been prevented from sharing company data outside the network perimeter, in our world of social media we often overshare, which leads to a lot of freely available open-source data, or OSINT.

Cybercriminals use OSINT for social engineering purposes. They gather personal information through social profiles and use this to customise phishing attacks.  The most recent MGM breach, for example, was a result of a social engineering attack on an employee who inadvertently gave hackers access to MGM’s systems.

Investing heavily in training to enable employees to make smarter security decisions will help them manage the ongoing problem of social engineering and clever phishing attacks. Performance should also be regularly measured to see how employees are implementing training in the real world, and there must be KPIs around this that are ideally discussed at senior management or board level. It is likely that the MGM attack could have been averted if the employee had been more aware and better trained.

 

  3. Implementing data-driven metrics

This is where data-driven metrics are used to better monitor and manage the environment and to short-cut some of those labour-intensive tasks. What I’m talking about here is understanding what vulnerabilities to prioritise, what incidents to contain, and what acceptable incident response times are. It means having the visibility and context to prioritise the vulnerabilities that need to be scanned and patched. Without it, security teams are flying blind, attempting to triage thousands of possible threats while they determine the organisation’s exposure.

Additionally, as many breaches utilise a vulnerability or flaw in operating systems’ code, the patching cadence and criticality need to be agreed and assessed on a regular basis, so that the organisation prioritises patches based on risk to the business. To put this into context, last year there were approximately 20,000 new patches created by software vendors; this year that figure is expected to increase to 22,000. This means that the largest organisations have a backlog of over 100,000 patches to deploy, which is an almost impossible task without clear risk prioritisation.

 

  4. Managing third-party cyber risk

And to add to the CISO’s challenges, managing their third parties and any extended ecosystem cyber risk is also critical. It is very difficult from an outside view to determine which third party has strong cyber controls and which ones are already, or likely to be, compromised. Standard risk assessment processes tend to be point in time, involving questionnaires and audits. For cybersecurity, this is a flawed approach that usually leads to risk tolerance or acceptance. Rather than just categorising third parties as high or low risk, organisations should focus on the nature of the relationship and their adherence to the same security policies and practices implemented by the organisation. Do they control sensitive data or have they got access to critical systems?

 

  5. The importance of dynamic risk-based policies

And finally, identity has now become a key security control for access policies and places additional emphasis on the user and device authentication process.  Not only does this require constant validation of identities and associated permissions, but this must now also be combined with the behaviour of that identity (be it human or a device) in the wider environment. In other words, it needs to be dynamic so that it can adjust and change as required.

From a security technology perspective, adoption of technologies such as Secure Web Gateways and Zero Trust Network Access as part of a wider SASE implementation can help to consolidate the security platforms needed to enforce the company’s security and risk policies, while also reducing the administrative overhead for security teams.

 

Cybercrime is predicted to be worth $10.5 trillion by the end of the year. If it were a country, it would be the third-largest in the world in terms of GDP, so it is clearly big business. Having robust security controls, a solid risk management plan, and dynamic risk policies, as well as a tried and tested recovery plan, won’t totally remove the threat of a cyberattack, but it will certainly reduce not only the probability of a breach but also the impact to the business.

Finding Britain’s forgotten pensions: a memory test we can’t afford to fail.

A pension is one of the biggest investments most people will ever make. However, a YouGov survey, commissioned by the National Pension Tracing Day campaign, reveals that while 95% of Britons who’ve owned a car can recall the model and brand of their first motor, less than half (44%) can remember the company that provided their first pension.

Lost pensions – a growing issue

The survey of over 2,000 people also reveals a concerning trend in the management of pension pots.

A significant 78% of respondents who have a pension plan have accumulated between 1 and 3 pension pots in total, with 6% having 4-6 pots. However, 16% don’t even remember how many pensions they have.

This lack of awareness could be contributing to the growing number of unclaimed pensions, which has surged by over a third to approximately £27 billion since 2018.[i]

The National Pension Tracing Day campaign aims to change this and reunite people with their lost pensions.

Alan Morahan, Chief Commercial Officer at Punter Southall, said: “The fact nearly everyone can remember their first car but not their first pension supports what most of us already know: making people more interested in their pensions is really tough, even if it means finding thousands of pounds you didn’t know about.  Around one in 20 people in the UK may have lost pensions, estimated to be worth on average £9,500 each and finding them could make a significant difference to their retirement.”

Unclaimed Wealth

Despite the potential financial windfall, a staggering 86 per cent of respondents with a pension plan have not traced a lost pension. Age may be a factor, but with people not saving enough for later life, it’s one more thing people can do for themselves.

The research also found that of those British people who had/have a pension plan:

  • 41% have less than £50,000 in their pensions.
  • Only 9% have between £50,000 and £100,000 saved.
  • 13% have more than £100,000.
  • 37% either couldn’t recall their savings or preferred not to tell us.

Interestingly, 48% of respondents who have a pension plan and who are working or retired feel confident about saving enough for retirement. That confidence could be misplaced, as the figures contrast sharply with Standard Life’s analysis of the PLSA’s Retirement Living Standards[ii] on the amount of money needed for people to achieve a comfortable retirement.

According to Standard Life, to attain a minimum living standard, individuals should amass around £50,000, while a moderate retirement standard requires roughly £285,000. For a comfortable retirement, the goal is approximately £530,000.

Cost-of-living impacting retirement plans

YouGov also found that the escalating cost of living is already being felt.

Of those whose retirement plans have been affected by the increase in the cost of living, 39% said they now need to continue working for as long as possible, a quarter (26%) believe they won’t be able to afford to retire, and another 25 per cent had wanted to retire early but now find it financially out of reach.

One remedy for boosting retirement funds is to trace and recover misplaced pensions, a solution that many overlook, with 45% surveyed saying they wouldn’t know who to contact or where to start their search, while others cited a lack of time or complexity as barriers.

The unsung solution: Government’s Pension Tracing Service

Remarkably, 83% of respondents were unaware of the government’s pension tracing service, a resource designed to assist individuals in locating lost pensions.

However, when asked what they would do if they found £9,500, they said:

  • 43% would put the money into a savings account.
  • 22% would use the money to fund a better retirement.
  • 20% would allocate the money towards paying their bills/debt.
  • 14% would set it aside for later-life care.

Alan said: “The survey showed that when people do uncover a forgotten pot, most opt to save it. In tough times, it’s encouraging that people still want to put by what they can for later life because, as we’ve shown, most will not have enough for retirement.

“We urge people to think back and use our simple checklist to see if they might have overlooked a pension. With approximately £27 billion waiting to be claimed, it is a concrete opportunity.”

National Pension Tracing Day

National Pension Tracing Day is a cross-industry campaign created by Punter Southall, and is supported by Aegon, Aviva, Hargreaves Lansdown, Legal & General, Royal London, Scottish Widows, Smart Pension, Standard Life, and The People’s Pension. NPTD works in association with the Pension Attention campaign.

Case study – Ceri Hatton

How tracking down six lost pensions helped me to move house

After reading about the billions tied up in forgotten pensions, Ceri Hatton cast his mind back to the jobs he’d had since starting work at 17.

Now 61, he went back over his working life and was eventually reunited with six pensions he had overlooked after using the government’s pension tracing service.

He was able to cash them in and put £8,000 towards moving house.

Ceri, who lives in Bridgwater in Somerset, said he found four pensions while the further two were identified after pension companies got in touch.

He said: “I was considering slowing down for my retirement and read about unclaimed pensions and ended up finding four pensions and two found me! They were all for quite small amounts so I cashed them in and ended up with around £8,000.

“Whilst this amount wasn’t life changing it was still a welcome surprise to receive cash I hadn’t been expecting and it’s enabled me to move house. It’s also made me realise just how important it is to keep track of these things and every week I now keep an eye on my other pensions and how they are performing.

“I found the whole experience very easy. Pension companies want you to have your money and I felt the whole journey was very positive. Everyone involved was very helpful. I’d recommend that anyone, especially those nearing retirement age who have been working all their lives, check if they have lost a pension.

“I had worked for several companies as well as being self-employed over the years and it’s so easy to forget what you have and for that money just to disappear. I plan to retire in a few years and this little bit extra has given my finances a little extra boost.”

 

[i] https://www.pensionspolicyinstitute.org.uk/sponsor-research/research-reports/2022/2022-10-27-briefing-note-134-lost-pensions-2022-what-s-the-scale-and-impact/

[ii] https://www.standardlife.co.uk/about/press-releases/plsa-retirement-living-standards#:~:text=Assuming%20a%20full%20state%20pension%20is%20received%2C%20a%20retiree%20would,pot%20of%20around%20%C2%A3530%2C000.

 

 

All figures, unless otherwise stated, are from YouGov Plc.  Total sample size was 2066 adults. Fieldwork was undertaken between 15th – 18th September 2023.  The survey was carried out online. The figures have been weighted and are representative of all GB adults (aged 18+).

Welshpool manufacturer recognised for technology and innovation

A company that makes lightweight aluminium components for the automotive industry was recognised at the Powys Business Awards for its innovation and use of technology.

CastAlum Limited, which has been based in Welshpool since 1999 and has 150 employees, won the Technology and Innovation Award, sponsored by CellPath, at the annual awards ceremony held at The Hafren, Newtown on Friday, October 20.

Organised by Mid Wales Manufacturing Group (MWMG) with support from sponsors, the coveted annual awards, which began in 2009, are open to companies, organisations, social enterprises and charities.

CastAlum is a high-pressure aluminium die casting and machining centre that produces complex components for almost all makes of cars.

The company became the first in the UK to start making dies from printed forms instead of steel, which improved productivity and quality and enhanced the ability to produce increasingly difficult components.

CastAlum has introduced a second printer in its new additive manufacturing suite now that printed inserts are included in every die it uses.

The progressive company also uses Microsoft SharePoint technology to train and develop employees. Using a database of work instructions as its base, CastAlum has developed a purpose-built app to track what training has been completed and what is still required for each employee.

“This is only the beginning of a journey to modernising training and every day we are thinking of new uses for the technology,” said Greg Howe, CastAlum’s training manager.

“We also invest heavily in our apprenticeship programme – many of our employees started as an apprentice. We find as people grow with the business, they gain experience that we just will not find elsewhere.”

Receiving the award, CastAlum’s managing director Karl Meredith said: “This is a sign that the pioneering work we are doing at CastAlum is worthy of recognition.

“Also, I can’t emphasise enough how important apprenticeships are to teach skills which Rhys Jones, our additive manufacturing engineer and apprentice mentor, has proven.”

Powys Business Awards judges said: “CastAlum have succeeded in truly embedding innovation into their business. Innovative use of new and existing technologies has clearly been championed within the business and encouraged with resource allocation.”

“At CastAlum, technology adoption is endorsed by the leadership team and embraced as a tool to train the next generation of staff.”

The award runners up were P.M Training and Assessing Ltd, Crickhowell and Arcticfox Adaptive Ltd, Montgomery.

Picture caption:

CastAlum’s managing director Karl Meredith and additive manufacturing engineer and apprentice mentor Rhys Jones receive the Technology and Innovation Award from Tim Davies from CellPath, sponsor.