Your address will show here +12 34 56 78
Figures revealed by the Financial Conduct Authority’s head of technology, resilience and cyber, Robin Jones, in a speech on 25 January 2018, show that a total of 69 material cyber incidents were declared to the FCA in 2017 – an increase from 38 in 2016 and 24 in 2015. That’s a rise of more than 80% last year alone!

Those numbers may seem insignificant when viewed in the context of ONS statistics that suggest there are about 1.9m incidents of cyber-related fraud each year. And, that the National Cyber Security Centre recorded over 1,100 reported attacks last year. That is until you take into account the requirement to report material cyber incidents to the FCA imposed on regulated financial services.

In these cases ‘material’ means attacks that lead to a significant loss of data, or the availability or control of IT systems; that affect a large number of customers; or result in unauthorised access to, or malicious software present on, the company’s information and communications systems. So, if cyber-attacks are a big deal in the tightly regulated area of financial services – a sector that you might expect to be exceptionally resilient – then how much of a problem are they for SMEs, trade associations, charities, and institutions?

Considering the rewards for cybercrime surpass most other forms of criminal activity. It is low risk, high reward, and it is relatively easy and cheap to be a cybercriminal. And technology is so integrated into our lives that 93% of business is conducted online. Then the problem is probably bigger than we imagine!

In fact the National Cyber Security Centre sees it is a tier one threat, next to terrorism. With sixty-six percent of small businesses having been the victims of cyber-attack or phishing campaigns last year, costing each one an average of £3000, according to some estimates. So, that puts most of us in the frame for a potential attack. But have we anything of value worth stealing?

What could happen? Email inaccessible. Other systems failures, including payroll, accounting, and ordering. Account information lost. Money and goods stolen. Data lost or compromised. Strategic plans and trade secrets stolen. The list goes on!

But what of the impact? Apart from the operational impact, lost earnings, inability to support customers and suppliers, and the need to repair systems? Ransom demands and extortion can lead to the loss of money and goods that are vital to your ability to continue trading. With the potential knock-on effect of lost competitive advantage, and damage to brand image. Plus, with the advent of more stringent GDPR requirements, the potential for regulatory penalties and fines!

So what are the threats to my business, what are my vulnerabilities, and are there any counter measures I can put in place? Phishing attacks, that involve emails claiming to be from reputable companies, try and trick staff into revealing personal or company information, such as passwords and credit card numbers, are some of the most common, and are best detected by training and vigilance.

Ransomware – software designed to block access to a computer system until a sum of money is paid – and malware, specifically designed to disrupt, damage, or gain authorized access to a computer system (which can sit on your system for up to 230 days before activation), along with a distributed denial of service, are the most common threats. Regularly updating anti-virus software and completing patching regimes are the first line of defence. But, outdated operating systems like Windows XP are particularly vulnerable because they are not supported or updated and are therefore liable to attack.

More practical measures to combat insider threats involve awareness training. Disabling USBs and other unnecessary hardware, separating user accounts, removing software, and implementing administration rights, can all be effective in overcoming insider threats and mistakes. Above all, switch on your human firewall and develop a cautious secure mind-set.

But what if I need extra help? That generally comes in two forms. The first line of defence are the expert services of a specialist IT support company that will assess your systems, recommend and install defensive barriers, and devise pro-active company security protocols. They may also test the vulnerability of your system periodically using simulated attacks; suggest and monitor staff training programmes; and use heuristic filters to protect against as yet unknown threats.

The second line of defence – cyber insurance – may seem like shutting the stable door after the horse has bolted. Far from it. Although insurance is no substitute for vigilance it can offer a valuable safety net if the worst happens. From a single point of contact through to restoration and recover services, practical help from insurers will also include legal assistance and forensic services (from specialists like Xenace). And, not forgetting that your finances and reputation will suffer – public relations cover!

But, before we leave the subject of finances, what does insurance cover? Losses could involve simple theft of funds, but might also result from hackers accessing data and demanding a ransom to release it, and income lost when viruses paralyse systems. But the knock on effect could also extend to fines and penalties incurred through data protection non-compliance, legal action by customers following accidental loss of data, and interruptions caused by the paralysis of third party providers.

At first glance Cyber-crime might appear to be a nuisance, and a distraction, from the daily routine of running a membership body. But it can quickly spiral out of control, causing untold damage, not only to finances, but also to brand image, reputation, and member confidence. So prevention in the form of technical expertise is most definitely best. But if you need a cure then insurance is there to help. Or better still, why not belt and braces?


[md_text md_text_title_line_height=”14″ md_text_title_separator=”no” md_text_title_google_fonts=”font_family:Roboto%3Aregular%2C100%2C100italic%2C300%2C300italic%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic|font_style:400%20regular%3A400%3Anormal” md_text_title1=”pixflow_base64PHA+PHN0cm9uZz5NaWNoYWVsIEZlZW5hbiwgRXhlY3V0aXZlIERpcmVjdG9yLCBNZW5zYSBJbnRlcm5hdGlvbmFsIGNvbmZyb250ZWQgSW5zdGl0dXRlIG9mIEFzc29jaWF0aW9uIE1hbmFnZW1lbnQgbWVtYmVycyB3aXRoIHRoZSBjaGFsbGVuZ2VzIGZhY2luZyBhbiBpbnRlcm5hdGlvbmFsIGFzc29jaWF0aW9uIGF0IE5vdmVtYmVyJnJzcXVvO3MgQ0VPIEZvcnVtIGhvc3RlZCBieSBDSVBBcyBMZWUgRGF2aWVzLjwvc3Ryb25nPjwvcD4=” md_text_title_description=”” md_text_title_description2=”” md_text_desc_google_fonts=”font_family:Roboto%3Aregular%2C100%2C100italic%2C300%2C300italic%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic|font_style:400%20regular%3A400%3Anormal” md_title_bottom_space_description=””][/md_text]

Membership bodies of nearly every stripe find themselves wrestling with the idea of internationalisation at some point in their development, but what are the pitfalls?
keep reading


  There used to be a tradition around this time of year where broadsheet newspapers would ask politicians what books they were taking on holiday as their summer reading. Some went for populist options to show they were ‘in touch’ with the electorate. Others chose heavyweight tomes by Proust, Ayn Rand, Thomas Piketty, or similar, to flaunt either their intellectual or ideological inclinations! Frankly, I doubt that any of their selections got read. Both Piketty’s ‘Capital in the Twenty-First Century’ at 696 pages, and Rand’s ‘Atlas Shrugged’ at over 1100 pages are frankly too heavy to be supported whilst lying prone in a deck chair. And Proust’s ‘À la Recherche du Temps Perdu’ at over 3,000 pages would give you a pretty hefty blow to the head if you fell asleep whilst holding it aloft! However, I’ve found a book that all politicians should put on their summer reading list. Its light, at just 300 pages including notes. It’s a paperback, so shouldn’t cause injury. And its message doesn’t require any interpretation. First published in 2015, The Joy of Tax by Richard Murphy, isn’t on any best seller lists any more, nor is it bang up to date. However, I reckon it should be required reading for politicians of either stripe. Not that they will of course, because dogma does not permit such forays into joined-up thinking.  But, even if you don’t subscribe to the author’s ultimate prescription for the ideal tax system, this little book is the perfect primer for the understanding of tax. Not only does Murphy remind us of the history of taxation and what exactly tax is, but swiftly deals with the naysayers who seek to undermine it for their own purposes. He also demolishes some of the canards that have become the backbone of much debate around the subject.
Laissez-fair capitalists my rend their clothes and tear out their hair at the notion, but tax can also have a social purpose. Murphy reminds us of the pillars on which an equitable tax system should be built and the fundamental ideas that can help fashion it. A ‘must read’ for ALL aspiring politicians!
Murphy was appointed Professor of Practice in International Political Economy in the Department of International Politics at City University London in 2015, as a part-time appointment involving research and teaching. Previously he had been a visiting fellow at University of Portsmouth Business School, the Centre for Global Political Economy at the University of Sussex, and at the Tax Research Institute at the University of Nottingham. He was the founder of, and remains on the Board of Directors of, the Fair Tax Mark. ISBN 978-0-552-17161-8

At the back end of July Hart Square held a seminar entitled ‘Get Personal or Get Ignored’, featuring contributions from Rachel Weber of dotmailer and Steve Smith of City & Guilds. Here’s my verdict:  Allen Reid Plumbing the depths of his experience Allen Reid, director of client projects at Hart Square, the niche not-for-profit tech consultancy, ruminated in July on the lack of insight that most NFPs have into their customers and members’ personal preferences. Typically Sarah, Allen’s archetypal customer, is not interested in your work silos. She has her own, and she’s not going to waste time on yours. In fact she only opens one in fifteen emails, unless they happen to be from a colleague. Nevertheless, in most associations a ‘spray and pray’ methodology is still employed: scattering a plethora of messages over Sarah, most of which are irrelevant to her.    Even as far back as the turn of the 20th century, when nearly all advertising was via printed media, this was recognised as an inefficient way of promoting a message. However, in those days there was little other choice. Even John Wannamaker, one of the pioneers of American department store retailing, is quoted in 1917 as saying, “I know half of advertising is wasted, we just don’t know which half”. And, according to Allen at least, little had improved as the century neared its end, and he began his career as an analyst. His experience, and that of Hart Square, proved that the keys to personalised messaging are data, systems integration, and staff empowered to make use of that data. However, in most organisations, there is no point staff having ‘good ideas’ because current systems are too clunky to make pursuing them worthwhile. Very few associations can deny holding their data on multiple spreadsheets. Partly because ‘knowledge is power’, and those wielding that power fear that losing it will undermine their role in the organisation. However Allen – whose motto is “if it moves, track it” – contends that automated interactions should free up staff to do things that only humans can do. And frankly associations have got to re-think their role in an era when they are no longer information ‘gate-keepers’. Rachel Weber Linking the two presentations Rachel Weber, senior account manager at dotMailer, highlighted the benefits and technical improvements that could be achieved by installing a system such as theirs. Allied to all important timing, organisations could move to email personalised with mail-merge by name, branch, and areas of interest. Personal preferences can also be recorded, giving an advantage to sales teams tasked with sustaining client relationships. Internally the practical advantages to the association are: simple and quick data transfer and synching; easy email set-up; unique customer view with data held in one place; and automated actions.Overall, Rachel’s advice to not-for-profits is to get trained, clean up existing data, implement developments in stages, and test everything as you go along. A discipline underscored by the final speaker. Steve Smith City & Guilds are a global leader in skills development, providing services to training providers, employers, and trainees across a variety of sectors.  Today’s workplace demands training, and two million learners are working towards one of their qualifications, developing their talents and abilities in the hope of career progression. Whilst vocational qualifications, technical qualifications and apprenticeships are valued by employers world-wide. So the task of integrating and personalising data and communications was no mean achievement. The journey started in 2012 with no targeted audiences and over a four to five month tender period built into a brand refresh and the construction of templates. The original concept was a three-year strategy, bringing in other departments over time. Rapid progress followed, and by 2014 they were looking at customer preferences and interests at a granular level. In 2015 it was decided to bring in the sales department, and the old system of disseminated Excel spreadsheets was abandoned.  Hart Square held their hands throughout the process, asking relevant questions and helping define objectives, like what data was needed, how to capture it, and how and what to measure. In 2017 the system went live with the global sales team using Microsoft Dynamics! But did integrating their ESP with CRM have the desired effect? The answer is yes, with deliverability up two percent, opens up forty-one percent, and clicks up by a staggering two hundred and twenty-five percent. They also have forty-one percent new contacts! The future holds the prospect of further integrations, possibly including Hootsuite, Sitecore, Eventbright, and SAP. But what are Steve’s top tips for success? First, gain executive sponsorship and governance for your plans, including a Board level steering group, and have clear objectives from the outset. In their case they decided to think big, start small, then scale-up quickly. Next, always involve users from the outset, and plan for infrastructure to support the growing needs of the business. And lastly, use an external partner for scale, and don’t ever under-estimate the support you’ll need after going live! Steve’s last tip – and my verdict? Don’t let the IT department lead the process!!!   Michael Hoare  

Associations, Uncategorized
The phrase “Mind the Gap” was coined in about 1968 as an automated announcement, after it became impractical for drivers and station attendants to warn passengers verbally on London Underground. Now, minding the gap between customer expectations and our digital performance may not be as devastating as tumbling between a tube train and the platform, but it will have consequences never-the-less.And so it was that Allen Reid, director of client projects, and Simon Pardy, a business consultant at Hart Square gave their early-rising NetXtra Breakfast Club audience a two-handed rendition of the pitfalls. Helping, along the way, to identify approaches to adopting contemporary technology. But first, over to Sarah, the cause of all this angst. Sarah is the average member, and doesn’t care about your departments. She isn’t interested in your data silos, and doesn’t much care about her membership body. She doesn’t like admin; won’t just go to the website; and does NOT want to call you. You, on the other hand, want to talk to her! But she’s busy, and you’re bombarding her with impersonal email messages, texts, and Tweets – particularly when they’re mostly irrelevant to her – simply doesn’t cut it. In-fact they might drive a wedge between you. And pretending to be personal is even worse, as it exposes your lack of authenticity.Sarah has loads of choice, has apps coming out of her ears, and in these economically straightened times may choose not to invest in a membership body that views her simply as a statistic. So why not take a leaf out of the Mumsnet book, or even Coeliac UK, with its scrapbooks, recipes, restaurants, and advice on diagnosis? To succeed, you need to understand your members’ needs and what’s driving them to you. How can you satisfy those needs? Great – maybe crowd sourced – content is good; self-service (for booking, buying, and profile updates) is a must; and, most of all, community. People talking on your site, exchanging news, jobs, and events, add to that feeling of highly personalised communications according Allen and Simon.Next, in a break from tradition, Scott Cole of NetXtra interviewed Rob Ilsley of The Dispute Service (TDS) to extract some important nuggets from their decision to go for CRM. As a government regulated scheme provider that protects over £1 billion in tenant deposits TDS membership is something of a grudge purchase. But with their current systems having grown organically over a number of years, minor tweaks to any process would result in unforeseen chaos further down the line. It was time to act, sweeping away processes that weren’t user friendly and replacing them with a high degree of self service. But only after analysis of the tenant’s role as a customer. The result has been efficiency, cost savings, and a reduction in disputes.Pay per click advertising (PPC), search engine optimisation (SEO), and conversion rate optimisation (CRO) are Tom Bowden’s game at Footprint Digital, and he had everyone on their feet to demonstrate the fact. Measure it – test it, is their mantra, and Tom demonstrated it. Although we may make assumptions about what looks great and is likely to engage our audience, with the benefit of A/B testing partnered with SEO/analytics reporting, we can actually put definable data behind decision making.
So, what did others think? I asked fellow delegate, Dan Nimmo, Communications Manager at the Institute of Biomedical Science, and he told me that, “Having only started as the communications manager at the Institute of Biomedical Science in January, and with no prior experience in membership organisations, the Breakfast Clubs have provided me with a wealth of information and ideas of how to make improvements in our organisation. As well as the steps to overcome some of the problems I have had and can foresee in the future. The June presentations were the second Breakfast Club that I have attended this year and I was pleased that on both occasions the content has been relevant to my role. I also enjoy the relaxed atmosphere of the presentations and meeting fellow communications professionals. The added bonus of a fresh cup of coffee and a bacon roll on arrival are also a much appreciated welcome to the day ahead.”
  1. Any stand-out moments?
“Yes, learning about some of the challenges other organisations have overcome and the different ways that they have done this is helpful when I come to plan our communication and engagement strategies. As I am currently looking at ways to improve the user experience of our digital membership platform, I found the ‘Mind the digital gap’ presentation especially rewarding. The idea of personalising the membership area for each member is something that I am going to look into further and the Coeliac example used was very appealing.”
  1. And did the round-table and interview sessions add to your enjoyment?
“I really enjoyed discussing some of the issues in the round table discussion. As someone that is new to my role, I discussed some of the issues that I have faced with the new ideas I am bringing to the role and changes I am beginning to implement. So it was really helpful to hear from other comms staff at my table, who discussed the problems that they have had to overcome in their organisations.”
  1. What will you be able to apply most immediately to your current role?
 “The last presentation on ‘Mind the SEO gap’ was informative and good fun. Although being one of only 3 in the room to pick the first correct answer was a source of pride, although I soon found my short-lived quiz success was over by the next question. The style of the presentation proved a great way to drive home the idea that A/B testing along with SEO/analytics can enable us to make better decisions in our marketing. Something that will come in especially handy to all membership communications teams as we all look to improve on our engagement and better ways to measure it. It also comes at a time when I have been investigating A/B testing to increase our level of open and click through rates in our digital communications to our members.”
  1. See you next time?
“The NetXtra Breakfast Clubs have given me a really useful insight into the membership sector. I am able to take away lots of new ideas for member engagement and it also allows me to network with fellow comms professionals. I look forward to the next event in September!”.
Written by Michael Hoare