Response and Recovery: A Cyber Guide for Business Owners and IT Managers
Response and Recovery: A Cyber Guide for Business Owners and IT Managers
The UK National Cyber Security Centre (NCSC) in partnership with Business in the Community (BITC), has created this toolkit, designed to provide small businesses with guidance about how to prepare for, and recover from, a cyber incident.
How to prepare your small- or medium-sized enterprise’s response and recovery to a cyber incident.
- Step One – Prepare for incidents
How to prepare for the most common threats to your business - Step Two – Identify what is happening
How organisations can detect if they’re being attacked. - Step Three – Resolve the incident
Steps to get your organisation back on its feet, whether your IT is managed internally or externally - Step Four – Report the incident to wider stakeholders
A brief guide to your legal and practical obligations following a cyber incident - Step Five – Learn from the incident
Learning lessons from an cyber incident can reduce the likelihood of it happening again
The NCSC defines a cyber incident as unauthorised access, or attempted access, to an organisation’s IT systems. These may be malicious attacks such as denial of service attacks, malware infection, ransomware or phishing attacks; or could be accidental incidents such as damage from fire, flood or theft.
Impacts of cyber incidents on small businesses can be devastating. A breach could mean loss of reputation or contract, a GDPR fine or could lead to small businesses becoming insolvent and going out of business. Therefore, it is vital that businesses have robust cybersecurity measures in place to be prepared for a cyber breach and response and recovery plans should the worst occur.
You can also download a shorter factsheet that summarises this document.
Related content
The King’s Seeing is Believing Impact Report 2025
The King’s Seeing is Believing programme Impact Report 2025 shares the impacts and stories that demonstrate the programme’s enduring strength: the ability to forge meaningful connections between business and community and catalyse action at both the individual and organisational level.
Caring for Carers
Angela Watson, Business in the Community’s (BITC) Age Manager, writes about our employer support for working carers, including our innovative Let’s Care Together programme.
Resilience Business Networks: Are business networks emergency-ready?
This 'Resilient Business Networks' report explores the role of business networks in urban resilience.