10 Steps to Cyber Security
Incident Management
Incident management is often an aspect of cyber security that isn’t considered until it’s too late. The banner of incident management covers a variety of functions.
Since incident management is pointless if the functions do not work as desired when they are needed, it is essential to conduct annual or bi-annual testing to ensure the plans continue to be fit for purpose.
The content of cyber incident response plans differs from business to business and are largely based upon need, as well as planning the initial response to a cyber incident, there may be other considerations such as pre-planned press releases should a personally identifiable information (PII) data breach occur or notification of law enforcement if criminal acts have been committed.
The NCSC defines a cyber incident as “The NCSC defines a cyber incident as a breach of a system’s security policy in order to affect its integrity or availability and/or the unauthorised access or attempted access to a system or systems; in line with the Computer Misuse Act (1990).” A cyber incident response therefore is a pre-existing methodology of steps to be taken during and after a cyber incident occurs.
Regardless of circumstance, having a robust cyber incident management plan in place is highly recommended to facilitate a rational, measured response to the cyber incident, often the stress and panic of a cyber incident can result in an overreaction that can ultimately cause more harm than it prevents.
An incident response plan should ensure that lines of communication within a business are maintained and that stakeholders are kept informed of the incident as it progresses towards remediation.
10 Steps to Cyber Security
Episode 6: Incident Management
Episode 6 of our 10 Steps to Cyber Security series examines why strong incident management is vital for responding to cyber threats calmly and effectively. It highlights how having a well‑tested response plan – from clear internal communication to predefined actions during a breach – helps your organisation stay controlled, compliant and resilient when it matters most.
Solutions for Incident Management
Disaster Recovery (DR)
Disaster Recovery is a contingency solution that is invoked at such a time as an organisations primary IT infrastructure has been rendered unusable temporarily or permanently and to allow continued operation of the organisation, critical elements of the IT infrastructure are restored and hosted in a different location, usually geographically remote, from the primary datacentre.
Traditionally, Disaster Recovery has been used as a contingency against physical damage or circumstances rendering a datacentre unusable, however increasingly Disaster Recovery solutions are being employed to continue operations in the event of a ransomware or other malware infection making critical IT infrastructure unusable for an extended period.
CyberLab consultants specialise in designing and recommending disaster recovery solutions that work for our customers.
Business Continuity (BC)
Business Continuity is sometimes confused with Disaster Recovery and the terms are often interchanged, whilst they are similar in nature, they are quite separate, Disaster Recovery is the ability to run the IT infrastructure is a separate location, a Business Continuity plan is the plan an organisation has in place that dictates how it will operate in a Disaster Recovery scenario.
Business Continuity will typically consider such things as maintaining high availability of email functionality during a Disaster Recovery incident, relocating office staff to a second location, or reverting to home working if the primary office becomes unusable and maintaining other business critical services.
CyberLab consultants specialise in designing and recommending harmonious business continuity solutions.
Backup
Backups are a key component to any business contingency plan, although this is often not understood or appropriately financed. Having a good backup solution in place can mean major hardware, cyber, or force majeure incidents can be shrugged off with minimal downtime – conversely, not having a good backup solution could mean serious trouble for a business should the worst happen.
CyberLab consultants specialise in implementing modern, robust backup solutions for our customers and there is no one-size-fits-all. General principles may remain the same but individual implementations can vary depending on business needs, available hardware or technology and geographic dispersal of customer sites.
10 Steps to Cyber Security:The Checklist
To enhance our ’10 Steps to Cyber Security’ series, we’ve consolidated all the essential steps into a single, comprehensive checklist.
This streamlined resource is designed to provide you with a clear and actionable framework to bolster your organization’s cyber defences.
Once you’ve explored the checklist, take your understanding further with our in-depth video series below, where we break down each step in more detail.
Speak With an Expert
Enter your details and one of our experts will be in touch.
Whether you’re looking to implement basic cyber security best practice, improve your existing defences, or introduce a new system or solution, our team of expert consultants, engineers, and ethical hackers are here to help.
Our team specialise in creating bespoke security solutions and testing packages to improve and maintain your security posture.
We are 100% vendor agnostic and will only ever recommend the best products and solutions for your requirements.
