How should you respond to a cyber incident?

Cyber-Security, News,

The National Cyber Security Centre (NCSC) has recently published a guide for business owners on responding to a cyber incident.

A cyber incident can range from a ransomware attacks, to phishing scams, data breaches, or perhaps an employee misusing their access to your systems, either intentionally or otherwise. The resulting damage can also range broadly, from financial loss, to reputational damage and legal consequences, and frequently cause disruption to your normal business operations. 

The immediate aftermath of any type of cyberattack will probably be incredibly challenging, and involve difficult decisions while you try to limit the impact on your business, customers and team.

The guide published by NCSC helps businesses to know what to do, both at the start of an incident and as time goes on.

The sections included in the guide are as follows:

  • Who is this guidance for?
  • Why do I need this guidance?
  • Put in place proportionate and effective governance
  • Bring in resources for advice and support
  • Consider the impact of a data breach
  • Think about your public messaging
  • In a ransomeware attack, consider the risks of making a payment
  • Consider team resilience and welfare
  • Review the lessons learned
  • Report it

The guide includes links to assured companies who can support you with a cyber incident response, as well as guidance from the Information Commissioners Office (ICO), and around staff welfare which may be helpful.

We’d definitely recommend that all business owners take the time to read through the guidance, even before any incident. The old adage is ‘forewarned is forearmed’ and this is definitely one of those times! Having an idea of how you’ll deal with such an event will make dealing with it much easier should it be needed. The ideal approach would be to have a process drawn up that you can follow when needed, but ‘ideal’ isn’t always the reality!

You can see a copy of the Guidance here.

Business News

We send regular updates that keep clients aware of changes and suggestions on a wide range of subjects; if you’d like to receive those too, just add your details below and we’ll do the rest! We promise not to bombard you and you can unsubscribe at any time.

  • This field is for validation purposes and should be left unchanged.
If you've found this post helpful, please share it with others…