Response and Recovery: A Cyber Guide for Business Owners and IT Managers

The UK National Cyber Security Centre (NCSC), in partnership with Business in the Community (BITC), has created this toolkit to give small businesses guidance on how to prepare for, and recover from, a cyber incident.

How to prepare your small or medium-sized enterprise to respond to, and recover from, a cyber incident.

  • Step One – Prepare for incidents
    How to prepare for the most common threats to your business
  • Step Two – Identify what is happening
    How organisations can detect if they’re being attacked
  • Step Three – Resolve the incident
    Steps to get your organisation back on its feet, whether your IT is managed internally or externally
  • Step Four – Report the incident to wider stakeholders
    A brief guide to your legal and practical obligations following a cyber incident
  • Step Five – Learn from the incident
    Learning lessons from a cyber incident can reduce the likelihood of it happening again

The NCSC defines a cyber incident as unauthorised access, or attempted access, to an organisation’s IT systems. These may be malicious attacks, such as denial of service attacks, malware infection, ransomware or phishing attacks, or they could be accidental incidents, such as damage from fire, flood or theft.

The impact of a cyber incident on a small business can be devastating. A breach could mean loss of reputation or contract, a GDPR fine, or could lead to small businesses becoming insolvent and going out of business. It is therefore vital that businesses have robust cybersecurity measures in place to be prepared for a cyber breach, as well as response and recovery plans should the worst occur.

You can also download a shorter factsheet that summarises this document. 
