The ISO Show Blackmores UK

ISO 42001 was published in December of 2023, and is the first International Standard for Artificial Intelligence Management Systems.
It was introduced following growing calls for a common framework for organisations who develop or use AI, to help implement, maintain and improve AI management practices.
However, its benefits extends past simply establishing an effective AI Management System.
Join Steph Churchman, Communications Manager at Blackmores, on this episode as she discusses the top 10 reasons to adopt ISO 42001.
You’ll learn
·      What is ISO 42001?
·      What are the top 10 reasons to use ISO 42001?
·      What risks can ISO 42001 help to mitigate?
·      How can ISO 42001 benefit both users and developers of AI? 
 
Resources
·      Isologyhub
·      ISO 42001 training waitlist
 
In this episode, we talk about:
[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.
[02:30] What is ISO 42001?: Go back and listen to episode 166, where we discuss what ISO 42001 is, why it was introduced and how it can help businesses mitigate AI risks.  
[02:45] Episode summary: We take a look at the top 10 reasons why you should consider implementing ISO 42001.
[02:55] #1: ISO 42001 helps to demonstrate responsible use of AI.  – , ISO 42001 helps ensure fairness, non-discrimination, and respect for human rights in AI development and use.
Remember, AI can still be bias based on the fact that AI models are typically trained on existing data, so any existing bias will carry over into those AI models – an example of this is the existing lack of representation for minority groups.
We also need to take care in the use of AI over people, as staff being replaced by AI is a very real concern and should not be treated lightly. We’ve already seen a few cases where this has happened, especially across the tech support field where some companies mistakenly think that a chatbot can replace all human staff.
We also need to consider the ethics of AI content. It’s predicted that 90% of online content will be AI generated by 2026!
A lot of this generated content includes things like images, which poses a real concern over the values we’re translating to people. The content we consume shapes the way we think and if all we have is artificial, then what message is that conveying?
An example of this is Dove’s recent advert, which showed an example of AI generating images of very unobtainable ideals of a beautiful face. Which were predictably absolutely flawless, almost inhuman and something that can only be achieved through photo editing. If the internet was flooded with this sort of imagery, then that starts to become the expectation to live up to, which can be tremendously damaging to people’s self-esteem. They then went on to show actual unedited people, in all their varied and wonderful glory and stated that they will never use AI imagery in any of their future marketing or promotional material.
Which sends a very strong message – AI definitely has its place, but we need to fully consider the implications and consequences of it’s use and possible oversaturation.
[05:20] #2: Traceability, transparency and reliability - Information sourced via AI is not always correct – It collates information published online, and as many of us are aware, not everything on the internet is correct or accurate.
Data sets carelessly scrapped from online sources may also contain sensitive or unsavoury content. We’ve had cases where people have managed to ‘break’ Chat GPT, causing it to spew out nonsense answers which also contained sensitive information such as health data and personal phone numbers. While not usually accessible when requested, it does not stop the risk of this data being dug up through exploits. AI is like any other

Nearly 60% of businesses that are impacted by a cyber incident go out of business within the 6 months following.
With our heavy reliance on technology to keep both businesses and services running, it’s imperative that everyone take cyber risk seriously.
However, incidents will inevitably happen and it’s up to you to ensure that your business is prepared to ride out the wave, and hopefully make a full recovery!
We invited Jack Morris, Account Director at Epiq, back onto the show to discuss the consequences of not being prepared for a cyber incident and the key steps businesses should take in the event of an incident.
You’ll learn
·      Who are Epiq?
·      What does the current cyber incident landscape look like? 
·      What are the consequences if a business does not respond to a cyber incident effectively?
·      How can a business detect if they’re being attacked?
·      How should businesses respond in the event of a cyber incident?
·      What role does a legal team play in incident response?
 
Resources
·      Epiq
·      Isologyhub
 
In this episode, we talk about:
[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.
[02:05] Episode summary: Today Mel is joined by guest Jack Morris, Account Director at Epiq, to discuss how businesses should respond to a cyber incident.
[03:00] Who are Epiq?  – Epic is a global leader in technology enabled legal services. In fact, it supports 90% of the top law firms globally! With over 8000 employees spread over 19 countries, it helps to support corporations, law firms and government agencies across the globe.
[04:35] What constitutes a cyber incident and why is it so important to respond effectively? – A cyber incident refers to unathorised access or attempted access to an organisation’s IT systems. Types of incident include breaches, malicious attacks (e.g. Ransomware), and accidental events (e.g. Fire Damage). Responding effectively is crucial to minimize damage and protect sensitive data.
[05:40] What does the cyber incident landscape currently look like, and what challenges will organisations face in responding to an incident? : The cyber incident landscape is ever evolving, but here are some key trends we saw in 2023:
Attacks on the rise – the number of organisations posted on ransomware and data theft sites increased by over 70% year-on-year.
Business Email Compromise (BEC) incidents surged by 67% in 2023 – these events are where people within an organisation fall victim to phishing or similar – clicking on malicious links which ultimately compromise your mailbox.
For me, there are 3 main challenges that organisations face when responding to a cyber incident:
·      Day-to-day management – balancing the technical aspects of the incident with broader business continuity, communications, financial and legal considerations. This can be hugely difficult for an organisation, during and already high stakes situation.
·      Expertise and support – navigating the complex legal, technical and operational aspects of an incident
·      Data-focused impact – understanding and assessing the risk to data after resolving an incident.
[10:00] What are the solutions to these challenges?  – Understanding the various external expertise and support available to a business, whether that be engaging with a law firm, a cyber incident response expert and cyber insurer will give you access to support with both the day-to-day management of an incident, as well as the legal, operational and commercial impact of said incident.
 [12:10] What are the consequences for an organsiation that does not respond effectively to a cyber incident? – : Failing to respond effectively to a cyber incident often leads to a variety of sever co

Cyber incidents are on the rise as data shows there was a 20% increase in data breaches from 2022 to 2023. 
Technology has become an integral part of most businesses, especially post pandemic where many who may have avoided this reliance on tech had no choice but to adapt to survive.
As a result, the question of businesses being affected by a cyber incident has become ‘when’ rather than ‘if’.  However, there are a number of steps you can take to mitigate risks ahead of any potential incidents.  
We invited Jack Morris, Account Director at Epiq, to discuss cyber incidents, the importance of being proactive in reducing cyber incident risk and the steps you can take to mitigate these risks. 
You’ll learn
·      Who are Epiq?
·      What is a cyber incident?
·      The importance of being proactive in reducing the risk of an incident
·      What can organisations do to be proactive in mitigating cyber incident risk?
·      What are forensic tabletop exercises, and how do they enhance preparedness?
·      Why might an organisation need to get an incident response retainer?
·      What role do Information Governance consultants play in reducing cyber risk?
 
Resources
·      Epiq
·      Isologyhub
 
In this episode, we talk about:
[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.
[02:05] Episode summary: Today Mel is joined by guest Jack Morris, Accoutn Director at Epiq, to discuss how to mitigate cyber incident risk.
[02:40] Who are Epiq?  – Epic is a global leader in technology enabled legal services. In fact, it supports 90% of the top law firms globally! With over 8000 employees spread over 19 countries, it helps to support corporations, law firms and government agencies across the globe.
[04:31] Who is Jack Morris? – Jack joined the industry relatively fresh out of university, starting at an organisation called Kroll where he was focused on data management – including overcoming ransomware infected devices and essentially allowing organisations to get access to data that was previously taken away from them.
Kroll was later acquired by Duff and Phelps and went through a turbulent time of many name changes before settling on Kale Discovery. He ended up leaving a year ago and joined Epiq as an Account Director.
Jack’s role at Epiq includes being a facilitator, introducing law firms, corporations and cyber insurers to best in class people and technology.
[06:40] What is a cyber incident?: A Cyber Incident is any unauthorised or unexpected event that compromises the confidentiality, integrity or availability of an organisation’s information systems, data or network. Incidents can range from data breaches and malware infections to single mailbox compromises and insider threats.
Organisations looking to combat information security risks should consider ISO 27001, as it’s key principles include the confidentiality, integrity or availability of your businesses information.
[08:29] Why is it important for organisations to be proactive in reducing their risk of an incident, no matter the size of your business?  – Let’s look at some startling statistics:
In 2022, 39% of businesses in the UK identified a cyber attack in the previous 12 months. Of this 39%, 31% of those businesses experienced attacks at least once a week.
48% of Small to Medium Businesses, globally, experienced a cyber incident in the last 12 months, with 61% of all cyber-attacks specifically targeting small business.
This is the most shocking of the statistics, and why it’s so important for us to be having these kinds of conversations around how business, no matter the size, need to be proactive in mitigating the impact of a cyber incident.
70% of small to medium businesses in the UK believe that th

Businesses looking to tackle their environmental impact will need to look at how they can reduce their carbon emissions and offset any remaining emissions to ensure that they reach Net Zero.
One of the most common ways businesses offset their emissions is through the purchasing of carbon credits that typically go towards planting trees or re-wilding.
However, there are a number of new emerging trends following on from the current commodification of nature, resulting in an attitude shift from businesses who are looking to get a lot more involved in the offsetting process.
We invited Luke Baldwin, Co-founder and CEO of Nature Broking, back onto the show to explain the latest trends in the carbon market.  
You’ll learn
·      What are the latest trends in the carbon market?
·      The importance of high integrity within carbon offsetting
·      Looking for impactful solutions
·      Why education around carbon offsetting is key for long-term sustainability commitment
·      How buying carbon credits now can lead to significant savings
 
Resources
·      Nature Broking
·      Isologyhub
 
In this episode, we talk about:
[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.
[02:05] Episode summary: Today Mel is joined by guest Luke Baldwin, Co-founder and CEO of Nature Broking, to discuss emerging trends in the carbon market that help businesses tackle their carbon offsetting.  
[02:50] What are the key trends in the Carbon Market  – As of 2024, Luke states the leading trends as:
·      High Integrity
·      Impactful solutions
·      Education
·      Purchase carbon credits now and save later
[04:10] High Integrity – There’s now a lot of carbon credits available and due to the nature of the unregulated carbon markets, it’s led to an increase in bad actors generating revenue in a bad way.
Once example of this is Kariba, a project in Zimbabwe that aimed to tackle deforestation, which was recently exposed in the Guardian and The New Yorker for having incorrect calculations. Credits purchased towards that programme were then called into questions and any associated companies were accused of greenwashing.
To avoid this, businesses are now putting a greater focus on high integrity solutions, which involves considerations such as:
·      Are the credits durable? Will the carbon be stored long term?
·      Are their significant CO2 benefits?
·      Are the credits contributing anything besides just removing carbon? i.e. regenerative agriculture or woodland plantation
[06:20] Impactful Solutions: The carbon markets offers a lot of fantastic solutions and businesses are moving away from the quick commodification of those solutions, and are instead looking to really understand the impact of how they chose to offset their emissions.
It’s becoming more of a question of buying carbon credits that align with your values, whether this be social values or sustainability values.
They’re looking to invest in projects that will have a tangible outcome. Which is exactly what Nature Broking sets out to assist businesses with by tailoring bespoke solutions that adhere to their specific values.
[08:10] Education  – The need for more education around the carbon markets is crucial.
Luke remembers the quote “you can't love what you don't know”, which applies as how can a business truly invest in something that they don’t fully understand.
Sustainability is a mindset, and a cultural shift towards more sustainable practices starts with an education.
Carbonology uses an ISO framework, but also provide an education around the carbon reduction plan provided to inspire a mindset shift change towards sustainability.
[09:05] Blackmores experience – Blackmores

The UK is the first major economy to achieve it’s 50% reduction target for Greenhouse Gas Emissions (between 1990 and 2022). However, we’ve still got a lot of work to do to reach our 2023 target of a 68% reduction.
Many businesses are already making great strides to reduce their Impact, and while you can reduce, achieving true carbon neutrality will involve offsetting a certain amount of emissions.
One of the biggest challenges for businesses in terms of completing their offsetting is finding a credible carbon offsetting scheme.
Mel is joined by Luke Baldwin, Co-founder and CEO of Nature Broking, to discuss credible nature-based solutions for carbon offsetting.
You’ll learn
·      Who are Nature Broking?
·      What is Natural Capital?
·      How can we restore nature at scale?
·      Financing transition regenerative agriculture through the sale of natural capital
·      How have Nature Broking worked with clients to complete their carbon offsetting?
·      How can you demonstrate a credible carbon offsetting scheme?
·      What projects are Nature Broking currently working on?
 
Resources
·      Nature Broking
·      Isologyhub
In this episode, we talk about:
[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.
[02:05] Episode summary: Today Mel is joined by guest Luke Baldwin, Co-founder and CEO of Nature Broking, to discuss credible nature based solutions for carbon offsetting and explore some of the wonderful projects Nature Broking have been involved with.
[04:10] What is natural capital?  – Natural capital is the idea of creating value from nature. What natural capital does is, it encompasses all the things that we get from nature that we rely on. That could be the shelter in your house all the way through to carbon offsets.
[04:55] Who are Nature Broking? – Nature Broking’s story starts off on a somber note. Sadly, Luke lost one of his friends in a mountaineering accident, and in his memory, Luke and another friend rewilded one acre of Scottish Borders Woodlands. This is something they make a point to visit every year, to pay tribute and to keep their living, breathing monument of his friends memory alive and well.
The experience was an eye opening one. For as lovely as the process was, it was incredibly expensive, and not very easy to do. Luke then realised that philanthropy alone wasn't going to be able to cover the costs of what we required to restore nature.
Looking into the matter further he found that 50% of the world's GDP is moderately or highly dependent on nature and that the UK, whilst green and beautiful, sits in the bottom 10%.
And so, an idea was sparked. Together his friend and Co-founder Andy started down the nature restoration path and created Nature Broking.
[06:20] What is Nature Broking’s mission?: Nature Broking have 2 major missions:
#1: Help restore nature at scale
#2: Help finance a transition to regenerative agriculture
[06:34] How can we restore nature at scale?  – The UK Government has set targets of halting nature decline by 2030, with a view to increase nature by 2045.
The Green Finance Institute has calculated that there is a funding gap of about 56 billion in order for us to achieve our legally binding environmental targets. That’s a hefty sum to put on public money and philanthropy, which is where private markets and business can make a big impact.
Frameworks like PAS 2060 (ISO 14068) help businesses invest in nature, and with the creation of carbon credits, carbon has been commodified to make it more accessible for businesses to contribute to carbon offsetting.
[08:20] How can we help finance transition regenerative agriculture through the sale of natural capital? – Regenerative agriculture is about restoring the soils, restorin

The UK recently hit a huge milestone, according to the Department for Energy Security and Net Zero (DESNZ), the UK have reduced their Greenhouse Gas Emissions by 50% between 1990 and 2022. 
The UK are the first major economy to achieve this, however we’ve still got a lot of work to do to meet our 2030 target of a 68% reduction.
Over the past few years there have been a number of schemes aimed at businesses to help tackle their impact, specifically their energy consumption. Here in the UK, ESOS (The Energy Savings Opportunities Scheme) was introduced as an implementation of the EU Energy Efficiency Directive and has been a mandatory undertaking for large organisations that fit the criteria.
Recently, that scheme has been updated and a number of changes have come into effect for Phase 3. 
Ian Boylan, Chief Executive Officer at ISO Baseline, joins Mel to explain the recent changes to ESOS, how they affect organisations in the UK and EU and how ISO Baseline’s software can help businesses consistently manage their energy consumption in alignment with ISO 50001 (The Energy Management Standard).
You’ll learn
·      Who are ISO Baseline?
·      What is the Energy Savings Opportunities Scheme (ESOS)?
·      What are the changes to ESOS?
·      How do the changes affect those who currently comply using ISO 50001
·      What are the changes to the ESOS eligibility requirements?
·      How can ISO Baseline help businesses with their ISO 50001 and ESOS compliance?
 
Resources
·      ISO Baseline
·      Isologyhub
·      ISO 50001
 
In this episode, we talk about:
[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.
[02:05] Episode summary: Today Mel is joined by guest Ian Boylan, Chief Executive Officer at ISO Baseline, to discuss the changes to The Energy Savings Opportunities Scheme (ESOS), and how the changes will affect the European Directive on energy management and energy reporting.
[03:20] Who is Ian and ISO Baseline?  – Ian has been involved with ISO Standards for a number of years, starting with the technical aspects of building Management Systems, to working with Certification Bodies as an auditor for Management Systems.
From this experience, Ian really got to understand the challenges that organisations face when implementing ISO Standards. Challenges such as maintenance to ensure they are achieving their requirements and objectives.
Which is where the concept for ISO Baseline was born. Targeted specifically towards the Energy Management Standard ISO 50001, ISO Baseline’s software allows organisations to manage their energy processes and provide evidence that you are meeting your energy objectives.
[05:30] What features are included in ISO Baseline’s software? – Features include:
Energy reporting: Information can be displayed in graph or Sankey diagrams to help visualize your energy performance.
Identification of opportunities: Any opportunities for improvement found in the provided energy report will be recorded in an ‘Opportunities Register’
Financial Assessments: Work out life-cycle costs for assets, which can be used as a guide to establish possible savings by implementing suggested improvements.
[07:25] What is ESOS?: ESOS was introduced when we were still a part of the European Union, when there was a European Directive on energy efficiency.
It placed a requirement on member states in the EU to put together schemes for ensuring that large organisations undertake energy audits on a regular 4 yearly basis. In the UK this was adopted as the ESOS regulations.
For many years, if a business’s ISO 50001 certification scope covered all of its energy usage, then your business was considered compliant with ESOS.
If you didn’t have an ISO 50001 Management System in plac