RESPONSE AND RECOVERY
Cyber incidents are now an established challenge facing organisations today. The NCSC has created the Small Business Guide to Response and Recovery, which provides small to medium sized organisations with guidance about how to prepare their response, and plan their recovery to a cyber incident.
We have seen many cases where organisations were unprepared to respond to cyber incidents, which severely impacted their ability to recover.
In this newsletter, we'll quickly discuss the main areas of the newly released guidance so you can start implementing good practice.
Key Areas of Response and Recovery to Cyber Incidents
Prepare for the incidents
- Identify critical systems and assets (if you don't know what you have, then it's difficult to know how to protect it)
- Prioritise the risk, and manage it
- Put risk on the agenda
- Make an incident plan, make sure the relevant people involved know what it is, and then test it
Identify what's happening
- Find out if you're being (or have been) attacked
- Find out what's happened
- Stop the incident getting any worse
Resolve the incident
- If your IT is managed externally: contact the right people to help
- If you manage your own IT: put your plan into action
Report the incident to wider stakeholders
- Cyber attacks are a crime. We always encourage victims to report the crime to ActionFraud via phone (0300 123 2040) or website (https://www.actionfraud.police.uk). The more individuals report, the more likely it is that perpetrators will be arrested, charged and convicted.
- Keep everyone informed
- Consider legal advice
Learn from the incident
- Review actions taken during the response
- Review and update your incident plan
- Strengthen your defences
- Consider the terms of your contracts, and whether they need updating or amending
This is a basic summary of key focus points featured in the NCSC's Response and Recovery Guide. For the full guide, please see the NCSC website at https://www.ncsc.gov.uk/collection/small-business-guidance--response-and-recovery