Author: Garry Hibberd

Date: 23rd December 2020


No matter if you are a client or not, this is an open letter to you all.

As the year draws to a close, and we all begin to think about closing our offices and companies for the festive season, I’d like to take this time to reflect with you, on what has been a historic year. But before this, I’d just like to thank all our clients for their commitment to Cybersecurity and Data Protection. I’d also like to thank you for reading our blogs and for the continued support of me, and Cyberfort!

Finally, thank you to all our team at Cyberfort Group. A team who are committed to helping protecting clients, and the wider society from cybercrime and data breaches.

With that said… Let’s take a look back at 2020 together.


2020 Vision

At the end of 2019, I wrote a blog about having ‘2020 Vision’, the ability to see clearly. Of course, none of us could have foreseen the impact that COVID19 has had. Even though a pandemic was overdue, and there were signs of it in late 2019, the impact and ongoing disruption was new for us all.

There is little doubt that we are living through an historic period of time, and one which our children and grandchildren will learn about at school and we will be asked about in years to come. 

It will come as no surprise that the last 9 months have been incredibly difficult for many sectors, as they struggled to cope with restrictions, lock downs and disruptions. Every sector, industry, company, family and individual has lessons to learn, and therefore things we need to improve if we are to be more resilient to the future.

So, what have we learnt and what does the future hold for us?


What COVID19 taught us

In the last 9 months we learnt;

  • Being a school teacher is hard work!
  • Keeping to a sensible training and diet plan is hard too!
  • We are not as resilient to change as we thought

Now, the first two of these I can fully empathise with (I now regret telling my Maths teacher I would never need to explain HOW I came up with the answer!), but the third is a difficult one for me. Not least because I have been working in the Business Continuity and Risk sector for countless years, and still hear entrepreneurs and business owners say that they don’t need a plan, because they will “cross that bridge when they come to it!” They hadn’t considered disruption to their supply chain.

They hadn’t considered school closures, and the impact on their employees. They hadn’t considered long term absence of key staff members.

When I began talking about Avian Flu in 1997, I also began talking about the “ostrich effect”. People putting their heads in the sand, ignoring the importance of preparing for large scale events is the pandemic that we’ve been living with since then.

Of course, all of us have been impacted by the pandemic in ways that we could never fully anticipate. But in truth, I have seen some who had fully embraced Business Continuity and Organisational Resilience, not just survive but thrive in this current situation.

We have learned over the last 9mths that although people are incredibly resilient, and some have plans and processes in place, the importance of good, clear, and concise communication has never been more apparent. This is at a government, local, business and individual level. 


The Lessons;

  • Communicate often.
  • Communicate honestly.
  • Communicate with empathy

But as companies scrambled to create and implement contingency plans, cybercriminals began to circle around those who didn’t have a fully developed plan or security framework in place. Like sharks who sense blood in the water, cybercriminals began to capitalise on the weak and ill-prepared.

If you thought you were quick and clever to’ pivot’ when faced with this challenge, then you should pause for a moment to consider just how entrepreneurial Cybercriminals are. They launched COVID19 related scams, phishing campaigns, and malware within days of a global pandemic announcement.  A rise in phishing attacks and Cybercrime (specifically related to COVID19) of over 650% was seen in the first 3 months of the pandemic.

What many people fail to remember is that Cybercrime is a sector in its own right. It’s full of entrepreneurs who are continually looking for ways to expand their reach and ‘clients’.  They don’t have rules, health and safety, or compliance to worry about; But they are fully aware that we do.


The Lesson;

  • Cybercrime is enjoying a boom period.
  • Train your staff on what to look out for.
  • Develop a strategy for Cybersecurity for 2021


What next?

If you haven’t already, now is the time to begin to plan for 2021. Brexit is on the horizon, and I can only hope that all those business coaches out there, and business strategies are advising their clients on what to do next (My prediction; There will be an influx of ‘Brexit Experts’ on LinkedIn!). As the government ad states; change is coming, and you need to be prepared.

What also comes next is yet more communication. I would suggest you can’t over-communicate, but you do need a strategy. Think carefully about who you’re communicating with, and develop an appropriate approach for each.  If there is anything we have learnt over the last 9mths, it is that people are our greatest asset. People are our clients, our employees and our suppliers.

Communicating with empathy and compassion has never been more important. Although I’m not a Comms expert, I understand the psychological impact a major crisis and prolonged event can have on people. For example, business leaders put their own (business) interests ahead of their teams, but I am quick to remind them of Maslow Hierarchy of Needs, and that during a crisis, they (business) will be pretty low on the list of priorities. 

Communicating with suppliers is important too, as they may have issues with supplies due to Brexit or COVID19. What is happening to them? How are they coping? Do you need to put in additional security measures due to changes in data protection rules?


The future is here

No one can say for sure what 2021 will bring us, but we know that Brexit is not going away; It will be hard or soft, but it’s happening. What will the impact be on you? COVID19 will continue to be disruptive, it will likely get tougher, before it gets easier. But that doesn’t mean we can ignore it. Yes, it’s difficult to plan for, but make a plan, and review it monthly or even more frequently than this.

Finally, communicate. You might have noticed a theme in this blog, and it’s not all Cybercrime related.  Communication and education are the two things that will reduce the impact on your business from Cybercrime, COVID19 and Brexit.  A wise man once told me “Knowledge without doing, is to not know at all.”

There is no doubt we are going through tough times, and I can only hope that things get easier. But hope is not good enough. Hope is being able to see that there is light despite all of the darkness, but I think it’s a mistake to ever look for hope outside of one’s self. Therefore, we need to prepare and be prepared for whatever 2021 brings us.

It won’t be easy. But it will be worth it.

Other resources

Case studies

Our cyber consulting team works with clients from public sector bodies and global businesses to SMEs and start-ups. Read our success stories here. Learn more >


See what our team have been discussing around current issues in regulation and data security, and recommended processes and policies that will benefit your business. Learn more >


In our collection of whitepapers, Cyberfort’s cyber consulting experts explore issues from cyber threat intelligence to incident planning and data security. Read our whitepapers to help make informed decisions for the benefit of your business.Learn more >