12th April - Titanic - All calm
Gary Hibberd FCIIS
I simplify ISO27001 & Information Security for SMEs, helping them practice good 'Cyber Hygiene' ??
Thursday, 12th April 1912
After leaving Queenstown, the Titanic set sail for her final destination, immortality.
The expectation by the crew was that she was due to arrive in New York, USA, on the 17th of April, and everyone was prepared for an uneventful and pleasant trip.
Prepared for the best
This part of the journey was indeed uneventful. Titanic set sail from Queenstown into calm waters and began her journey without incident or event. Remembering that the Titanic was seen as 'practically unsinkable', her crew catered for the wealthy passengers' every need - but not their ultimate safety.
At the time there was no requirement to train the crew on the use of the lifeboats, even though the davits they were attached to were new and untested. I have already stated that there was a lack of lifeboats on board, a number which had previously been reduced from 64, to 32 and then finally 20. But training the crew, and disturbing the guests was seen as unnecessary.
In addition, the new Marconi radio was in full operation, but the primary function and purpose of the radio wasn't to receive warning and safety messages. It was there for the use of the wealthy passengers, on their way to New York. Any messages received about issues or problems would 'eventually' reach the deck of the Titanic, but there was no clear process or imperative.
The Lesson
When things are going well, and all is calm, we can have a tendency to ignore what's on the horizon or beyond it. But it's better to prepare for the worst and hope for the best.
Once again this brings us back to Risk Management and our consideration of the possible issues we might come across in our day-to-day activities. Once the risks are known we can put in place compensating controls, either technical or operational, to reduce the likelihood or impact of a risk crystalising.
领英推è
Having a process in place, and training people on how to use critical systems is vitally important. Otherwise, why have the controls at all?
On the Titanic, there were lifeboats that no one knew how to use. There were radio operators who had no clear process for reporting issues or concerns.
But what about YOUR business?
- Do you have 'lifeboats' that no one knows how to use? Are you training your crew on the use of firewalls? malware protection? network monitoring tools?
- Do you have clear processes for reporting of issues and incidents?
- Do your lookouts know what to scan the horizon for, and do they have the right equipment?
When everything is calm, it is the perfect time to look at your processes and see what improvements can be made. Don't wait for the storm to arrive before buying an umbrella. Or to put it another way...
Remember - It wasn't raining when Noah built the Ark!
Want to know more?
You can read more here
Information Security professional with crossover skills and experience in Business Continuity & Resilience and Data Protection/GDPR
2 å¹´Should be focusing on the words but I was wondering where you got the picture from?