I don’t like it when things go wrong so when I recently I experienced a very annoying and disruptive event it has resulted in me changing the way I go about things. My work involves me travelling to and from London on a frequent basis, something I have got very used to over the past 13 years. We all like our little routines and become creatures of habit once we settle on what works for us.

So, when some little [expletive removed] decided to steal my luggage from the train I was pretty annoyed to say the least. How dare they steal my dirty laundry and used gym kit! They got lucky on this occasion because my laptop was also in the case they got away with.

Why me? Why this day? Was I targeted? Did I make it easy for them? Did I set myself up for failure?

In 13 years of routine travel I have never experienced such an event nor even heard of anything similar happening to my colleagues. For sure I have heard the public announcements and seen posters highlighting the fact that thieves operate on the transport network but I thought I was doing things correctly to contain the risk. I was wrong. And when your luck runs out, bad things can happen.

Without realising it I had provided a moment of opportunity for the toe rag to exploit and they took their chance.

The lesson therefore is, just because something has worked OK for a long time, nothing bad has befallen you and no risks have been realised, it doesn’t mean that you are safe or immune.

Think of your organisation. There’s probably a ton of things that go on each day that ‘have always been done that way and never resulted in us experiencing any problems’. Maybe your organisation has excellent, robust processes or maybe it has been lucky! Maybe the bad guys have not got round to your organisation yet. Maybe they are waiting for the opportunity to strike.

The point is, don’t become complacent. Your luck may run out. The bad guys are coming.

This is why we have to keep re-assessing our risks and the threats we face. Is what we are doing enough to prevent the unthinkable from happening? Although our procedures and practices may have been good when they were first introduced, have we checked they are still effective nowadays?

In the Financial Sector an oft cited phrase is ‘past performance is no guarantee of future results’ – how true could that be in this context?

The challenge therefore is to recognise that the threats we face may have changed – they may not be the same as a few years ago. A quick review of your email inbox will illustrate this for you in the tactics that criminals apply nowadays compared to even a few years ago. Your defensive arrangements may need to be updated and modified to keep pace with the threat.

In the meantime, look after your luggage, 13 years of hassle-free travel can come to an end very abruptly. The stress and effort required to deal with the consequences is considerable – best avoided if possible!

On the upside, synchronised back-ups, the ability to remotely lock down devices, password protecting of files and folders and making sure the device was shutdown whilst in transit all helped to minimise the impact to me.

In summary, I had some good controls in place but there was a chink in my armour and that was enough for the risk to be realised. My controls have now been updated and extended. I am not allowing that kind of failure to occur again.

March 6, 2019 at 9:50 am
Return to All News
Category: Business Continuity, Controls, Risk Management
Tags: , ,