Phishing for Trouble from IO (ISMS.online)

You’re compliant, are you resilient?

38 min · 11 Jun 2026

Description

What happens when a cyber attack doesn’t just disrupt your business, but stops it completely? In this episode of Phishing for Trouble, IO’s Rebecca Harper and David Holloway explore why resilience has become a defining business challenge for organisations of every size. Using the Jaguar Land Rover cyber attack as a case study, alongside insights from cybersecurity expert Pierre Noel and Professor Ciaran Martin, founding CEO of the UK National Cyber Security Centre, they unpack the growing gap between compliance and genuine operational resilience. Hear why businesses are moving from prevention to preparedness, why supply chain resilience matters now more than ever, and why the organisations best placed to survive disruption are the ones building resilience into every part of their operations. Find out more at ISMS.online [https://www.isms.online/]


All episodes

20 episodes

What the Regulators Want

Today, regulators don’t just want compliance, they want accountability and resilience. In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore how the shift of expectations isn’t just about speed, it’s about demonstrable, baked-in compliance. Regulators are no longer passive; they’re proactive, prescriptive, and punitive. They’re joined by Paul Vane [https://jerseyoic.org/team/paul-vane-0], the Information Commissioner for the Jersey Office of the Information Commissioner, a man who has worked in privacy and data protection for over two decades and is uniquely equipped to clarify how the relationship between company and regulator should work, and why sometimes it doesn’t. Hear what you should be planning for, months or years before a breach, how the mindset for crisis readiness needs to be a continuous process rather than a periodic exercise, and how the member of staff best equipped to cope, should the worst happen, often isn’t from the senior leadership team. The ultimate ambition is to shift the culture from “responded well” to “being able to see it coming”. It’s no longer enough to simply recover in a crisis, the expectations are now to think about future risks and show some evidence of how you mitigated those dangers ahead of time. Find out more at ISMS.online [https://www.isms.online/]

Yesterday · 19 min
The Cost of Doing Nothing

What does a cyber incident really cost a business? In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore the hidden commercial impact of weak security, poor compliance and delayed investment in resilience. They’re joined by Alan Hughes, Chief Operations Officer at Savenet Solutions, who has worked with organisations before, during and after major cyber incidents witnessing the long-term fallout that often never makes the headlines. Hear why the real damage doesn’t stop with the breach itself, from lost contracts and stalled growth to reputational harm that can take years to recover from. The episode explores why smaller businesses are increasingly being targeted, how supply chain requirements are reshaping customer expectations and why doing nothing can quickly become the most expensive decision a company makes. From ransomware attacks and failed security questionnaires to business continuity, tested backups and recovery planning, this episode looks at what separates the organisations that recover quickly from the ones left trying to rebuild. Find out more at ISMS.online [https://www.isms.online/]

25 Jun 2026 · 22 min
Scaling Securely: What High-Growth Firms Get Right

What happens when your business grows faster than its foundations can handle? In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore why the companies that scale successfully aren’t necessarily the ones that achieve compliance fastest. They’re the ones that build security, privacy and governance into the way they operate from the very beginning. They’re joined by cyber leader Purvi Kay, whose experience spans government, aerospace and FTSE 100 boardrooms, and Andy Ellis [https://origin.csoandy.com/bio/], cybersecurity advisor, former Chief Security Officer at Akamai and author of 1% Leadership. Hear why “security debt” can quietly build as startups race to grow, why compliance should be treated as a product feature and how resilience becomes a competitive advantage as organisations scale. From secure-by-design principles and embedded security teams to risk appetite, customer trust and leadership accountability, this episode explores what high-growth firms get right and why resilience is about far more than passing an audit. Find out more at ISMS.online [https://www.isms.online/]

18 Jun 2026 · 21 min
You’re compliant, are you resilient?

What happens when a cyber attack doesn’t just disrupt your business, but stops it completely? In this episode of Phishing for Trouble, IO’s Rebecca Harper and David Holloway explore why resilience has become a defining business challenge for organisations of every size. Using the Jaguar Land Rover cyber attack as a case study, alongside insights from cybersecurity expert Pierre Noel and Professor Ciaran Martin, founding CEO of the UK National Cyber Security Centre, they unpack the growing gap between compliance and genuine operational resilience. Hear why businesses are moving from prevention to preparedness, why supply chain resilience matters now more than ever, and why the organisations best placed to survive disruption are the ones building resilience into every part of their operations. Find out more at ISMS.online [https://www.isms.online/]

11 Jun 2026 · 38 min
Boardroom to Breakroom: Building a Culture of Compliance

Why do organisations still struggle to turn security policy into real-world behaviour? In this episode of Phishing for Trouble, IO [https://www.isms.online/]’s Rebecca Harper and David Holloway explore how regulations like NIS2 place direct accountability on senior leaders whilst, in many organisations, compliance still lives on paper and not in practice. They’re joined by Professor Steven Furnell [https://www.nottingham.ac.uk/computerscience/people/steven.furnell], Professor of Cyber Security at the University of Nottingham, an expert in the intersection of human, technological and organisational aspects of cyber security and full of good advice on turning policy into real action. Hear how having a policy isn’t the same as people understanding how it applies directly to them and their job, the importance of moving away from ‘tick box’ compliance and how, wrongly handled, security training and tests can feel punitive, rather than supportive. Because if staff are using unapproved processes or shadow I.T. and A.I., it might actually be a clue to what resources the business is lacking and a cue to ask the questions that fill the gaps compliantly. Find out more at ISMS.online [https://www.isms.online/]

4 Jun 2026 · 26 min