On 21 March 2024 the NCSC issued a cyber incident response guide, aimed at CEOs, giving guidance on key things to consider when faced with a cyber incident.
The guide contains sections on:
- Proportionate and effective governance
- Encouraging the use of external experts
- Considering the impact of a breach and reporting obligations that flow from this
- Thinking about public messaging to reassure individuals and protect your reputation
- Considering the risks of making payment where ransomware is involved
- Considering staff welfare
- Ensuring lessons are learned
This is a recommended read for senior management as a quick check that procedures currently in place cover all the bases when it comes to cyber incidents.
The full guide can be found here.