Cyber incidents are now an established challenge facing organisations today. The NCSC has created the Small Business Guide to Response and Recovery, which provides small to medium sized organisations with guidance about how to prepare their response, and plan their recovery to a cyber incident.

We have seen many cases where organisations were unprepared to respond to cyber incidents, which severely impacted their ability to recover.

In this newsletter, we'll quickly discuss the main areas of the newly released guidance so you can start implementing good practice.

Key Areas of Response and Recovery to Cyber Incidents

Prepare for the incidentsResponse1For more information :

- Identify critical systems and assets (if you don't know what you have, then it's difficult to know how to protect it)
- Prioritise the risk, and manage it
- Put risk on the agenda
- Make an incident plan, make sure the relevant people involved know what it is, and then test it

Identify what's happening
- Find out if you're being (or have been) attacked
- Find out what's happened
- Stop the incident getting any worse

Resolve the incident
- If your IT is managed externally: contact the right people to help
- If you manage your own IT: put your plan into action

Report the incident to wider stakeholders
- Cyber attacks are a crime. We always encourage victims to report the crime to ActionFraud via phone (0300 123 2040) or website ( The more individuals report, the more likely it is that perpetrators will be arrested, charged and convicted.
- Keep everyone informed
- Consider legal advice

Learn from the incident
- Review actions taken during the response
- Review and update your incident plan
- Strengthen your defences
- Consider the terms of your contracts, and whether they need updating or amending

This is a basic summary of key focus points featured in the NCSC's Response and Recovery Guide. For the full guide, please see the NCSC website at

By using this website you agree to our use of cookies to enhance your experience. I understand

Windows 7 EOL

On January 14th 2020 Windows 7 and Windows Server 2008 (inc.variants) reached End of Life and will no longer have release updates or security patches provided by Microsoft.

These systems will still work after this date, but your business may be exposed to emerging threats of new viruses and malicious attacks.

Please don’t hesitate to contact either Julie or Darryn on 01460271055 to discuss your concerns.