If you own a business, the question of whether you will suffer a cyber incident is not one of ‘if’ but ‘when’. In the 12 months to March 2021, four in ten businesses (39%) and a quarter of charities (26%) reported experiencing cyber security breaches or attacks.
The National Cyber Security Centre (NCSC) defines a cyber incident as:
“unauthorised access (or attempted access) to an organisation's IT systems. These may be malicious attacks (such as denial of service attacks, malware infection, ransomware, or phishing attacks), or could be accidental incidents (such as damage from fire/flood/theft)”.
A cyber incident response plan is an internal document that outlines how to respond to a serious cybersecurity event that impacts a business's operations.
The key to resolving a cyber incident quickly is to have a clear cyber incident response plan in place which is accessible to relevant people in your organisation. Below are three key steps when implementing a response and recovery plan.
The first step in your response and recovery program is to undertake a cyber risk assessment. This exercise should involve data mapping, so you understand where personal data (often the target of a cyberattack) is held within your business.
It is important to identify the systems that are critical to keeping your business operating in the event of a cyber incident. All essential information, such as email accounts and customer order records, should be backed up on a daily or weekly basis. Keep at least one copy of those backups offline or otherwise isolated from your live network, so that ransomware which reaches your systems cannot also encrypt the backups, and test that you can actually restore from them before you need to.
Once you have identified the risks to the data you hold and the systems required to operate your business, you need to create a plan that sets out the steps that must be followed if a cyber incident occurs.
Qualified, trained employees should be assigned defined roles and responsibilities as part of an incident response team. Just as you hold regular fire drills, mock cyber incidents should be staged regularly so everyone can practise their response and recovery roles.
During these drills, each of the phases of the incident response plan should be carried out to ensure that the team fully understand the process of incident management.
Reporting a cyber incident to the right people is a crucial part of the incident handling process. Unauthorised access to computer systems is a criminal offence under the Computer Misuse Act 1990, so an attack should be reported to Action Fraud (the UK's national reporting centre for fraud and cybercrime) and the police. If the incident involves a personal data breach that is likely to result in a risk to individuals' rights and freedoms, the UK GDPR requires you to report it to the Information Commissioner's Office (ICO) within 72 hours of becoming aware of it; where the risk to individuals is high, you must also inform the affected individuals without undue delay. Keep a written record of every breach, including those you decide not to report, as the ICO can ask to see it.
Cyber incidents must be taken seriously, and you will likely need to seek the advice and representation of an experienced solicitor to help you answer questions from enforcement bodies. Our team can assist you with reporting a cyber incident and help you navigate interactions with regulators.