10a. Integrity

Just FIY The Unit 4 - Section 3 workbook lists Intensity, Rigour, and Discipline.

I'll talk about integrity, rigour and discipline in the relation to the post mortem from the previous question.

Integrity can be seen in numerous examples throughout the BL's post mortem.

British library was completely open about the extent of the breach. They documented and presented what happened, how it happened, and where their security measures fell short. Honesty of this kind is crucial. Not just for the internal cyber team as a learning point, but for maintaining trust with users, staff and stakeholders.

Another reason integrity is so important, is that it allows for accurate and constructive assessment of failures. The BL was very open about their shortcomings such as lack of multi-factor authentication on some of their systems, and how this contributed to the severity of the attack. Publicly owning up to a mistake isn't easy but it's definitely the right thing to do. side note: It's a learning point for the good actors, but for the bad actors too :(

Integrity is about being honest, ethical, and consistent in the organisation's action, values and principles. It's about sticking to the facts even when us, the general public, would have no idea if the data they present in the post-mortem are factual.