Speak directly to our team
01603 218000
  • About us
  • Claims
  • Resources
  • Make a payment
  • Careers
  • Contact us
The Alan Boswell Group logo
    Business Insurance
    Business Insurance Advice & Guidance
    • Commercial Insurance
      • Employers' Liability Insurance
      • Product Liability Insurance
      • Public Liability Insurance
      • Business Interruption Insurance
      • Professional Indemnity Insurance
      • Cyber Insurance
      • Legal Expenses Insurance
      • Management Liability Insurance
      • View all Commercial Insurance
    • Credit Insurance
      • Whole-Turnover Insurance
      • Bonds & Surety Guarantees
      • Specific Account Insurance
      • Invoice Discounting
      • Cash Flow Finance
      • Agricultural & Horticultural Credit Insurance Scheme
      • View all Credit Insurance
    • Business Property Insurance
      • Commercial Property Insurance
      • Property Portfolio Insurance
      • Unoccupied Commercial Property Insurance
      • View all Business Property Insurance
    • Trade & Industry Insurance
      • Recording Studio Insurance
      • Teachers Insurance
      • Marine Trade Insurance
      • Marine Transit Insurance
      • Pub Insurance
      • Franchise Insurance
      • Hospitality Insurance
      • View all Trade & Industry
    • Agricultural Insurance
      • Agricultural Insurance
      • Farm Insurance
      • Environmental Impairment Liability Insurance
      • Renewable Energy Insurance
      • Livestock Insurance
      • Agricultural Vehicle Insurance
      • View all Agricultural Insurance
    • Commercial Motor Insurance
      • Fleet Insurance
      • Motor Trade Insurance
      • Road Haulage Insurance
      • Self-Drive Hire Insurance
      • Taxi Insurance
      • Driving Instructor Insurance
      • View all Commercial Motor Insurance
    • Care & Medical Insurance
      • Care Home Insurance
      • Medical Equipment Insurance
      • Medical Malpractice Insurance
      • Surgery Insurance
      • Complementary Therapy Insurance
      • View all Care & Medical Insurance
    • Technology and Life Science Sector Insurance
      • CleanTech Insurance
      • Life Science Insurance
      • Insurance for Start-ups
      • Video Games Industry Insurance
      • Technology Insurance
      • View all Technology and Life Science Sector Insurance
    • Construction Insurance
      • Construction Insurance
      • Structural Warranty Insurance
      • Tradesman Insurance
      • View all Construction Insurance
    Employee Benefits & Healthcare
    Employee Benefits & Healthcare hub
    • Employee Benefits
      • Group Critical Illness Insurance
      • Death in Service Insurance
      • Workplace Pensions
      • Flexible Benefits
      • Group Income Protection
      • View all Employee Benefits
    • Business Healthcare
      • Health and Wellbeing Plans
      • Health Cash Plans
      • Health Screening
      • Group Private Medical Insurance
      • View all Business Healthcare
    • Business Protection
      • Key Person Insurance
      • Business Loan Protection
      • Shareholder Protection Insurance
      • Partnership Protection Insurance
      • View all Business Protection
    Risk Management
    Risk Management Hub
    • Risk Management Services
    • Engineering Inspections
    • Health & Safety
    • Health & Safety Training
    • NEBOSH Training Course
    • IOSH Training Course
    • ABRM Health & Safety Portal
    Personal Insurance
    Personal Insurance hub
    • Home & Property Insurance
      • Home Insurance
      • Home Renovation Insurance
      • Holiday Home Insurance
      • High-Value Home Insurance
      • Unoccupied Property Insurance
      • Tenants Contents Insurance
      • Listed Building Insurance
      • View all Home & Property Insurance
    • Motor Insurance
      • Classic Car Insurance
      • Motorhome Insurance
      • Private Car Insurance
      • Motor Legal Expenses
      • Call Assist Breakdown Cover
      • Short-Term Motor Insurance
      • Provisional Driver Insurance
      • View all Motor Insurance
    • Boat Insurance
      • Yacht Insurance
      • Motorboat Insurance
      • Classic Boat Insurance
      • Broads Boat Insurance
      • Dinghy Insurance
      • View all Boat Insurance
    • Travel Insurance
    Personal Financial Planning & Advice
    Personal Financial Planning hub
    • Wealth Management
      • Financial Advice for Widows and Widowers
      • View all Wealth Management
    • Savings and Investments
      • Investments
      • Individual Savings Account
      • View all Savings and Investments
    • Retirement Income Solutions
      • Personal Pensions
      • Retirement Planning
      • View all Retirement Income Solutions
    • Private Healthcare Insurance
      • Private Medical Insurance
      • View all Private Healthcare Insurance
    • Protection
      • Critical Illness Cover
      • Income Protection Insurance
      • Life Insurance
      • Personal Accident and Sickness Cover
      • View all Protection
  • Landlord Insurance
    Landlords Advice & Guidance
    • Landlord Building Insurance
    • Rent Guarantee Insurance
    • Tenant Referencing
    • Landlord Home Emergency Cover
    • Multi Property Landlord Insurance
    • Block of Flats Insurance
    • Landlord Legal Expenses Insurance
    • Commercial Landlord Insurance
    • Landlord Liability Insurance
    • Excess Protection Insurance
    • Airbnb Insurance
    • HMO Insurance
    • Serviced Accommodation Insurance
    • Private Sector Leasing Insurance
    • Buy-to-Let Insurance
    • Landlord Contents Insurance
Speak directly to our team
01603 218000
  • Business
    Business Insurance
    • Commercial Insurance
      • Employers' Liability Insurance
      • Product Liability Insurance
      • Public Liability Insurance
      • Business Interruption Insurance
      • Professional Indemnity Insurance
      • Cyber Insurance
      • Legal Expenses Insurance
      • Management Liability Insurance
    • View All Commercial Insurance
    • Credit Insurance
      • Whole-Turnover Insurance
      • Bonds & Surety Guarantees
      • Specific Account Insurance
      • Invoice Discounting
      • Cash Flow Finance
      • Agricultural & Horticultural Credit Insurance Scheme
    • View All Credit Insurance
    • Business Property Insurance
      • Commercial Property Insurance
      • Property Portfolio Insurance
      • Unoccupied Commercial Property Insurance
    • View All Business Property Insurance
    • Trade & Industry Insurance
      • Recording Studio Insurance
      • Teachers Insurance
      • Marine Trade Insurance
      • Marine Transit Insurance
      • Pub Insurance
      • Franchise Insurance
      • Hospitality Insurance
    • View All Trade & Industry
    • Agricultural Insurance
      • Agricultural Insurance
      • Farm Insurance
      • Environmental Impairment Liability Insurance
      • Renewable Energy Insurance
      • Livestock Insurance
      • Agricultural Vehicle Insurance
    • View All Agricultural Insurance
    • Commercial Motor Insurance
      • Fleet Insurance
      • Motor Trade Insurance
      • Road Haulage Insurance
      • Self-Drive Hire Insurance
      • Taxi Insurance
      • Driving Instructor Insurance
    • View All Commercial Motor Insurance
    • Care & Medical Insurance
      • Care Home Insurance
      • Medical Equipment Insurance
      • Medical Malpractice Insurance
      • Surgery Insurance
      • Complementary Therapy Insurance
    • View All Care & Medical Insurance
    • Technology and Life Science Sector Insurance
      • CleanTech Insurance
      • Life Science Insurance
      • Insurance for Start-ups
      • Video Games Industry Insurance
      • Technology Insurance
    • View All Technology and Life Science Sector Insurance
    • Construction Insurance
      • Construction Insurance
      • Structural Warranty Insurance
      • Tradesman Insurance
    • View All Construction Insurance
    Business Insurance Advice & Guidance
    Employee Benefits & Healthcare
    • Employee Benefits
      • Group Critical Illness Insurance
      • Death in Service Insurance
      • Workplace Pensions
      • Flexible Benefits
      • Group Income Protection
    • View All Employee Benefits
    • Business Healthcare
      • Health and Wellbeing Plans
      • Health Cash Plans
      • Health Screening
      • Group Private Medical Insurance
    • View All Business Healthcare
    • Business Protection
      • Key Person Insurance
      • Business Loan Protection
      • Shareholder Protection Insurance
      • Partnership Protection Insurance
    • View All Business Protection
    Employee Benefits & Healthcare hub
    Risk Management
    • Risk Management Services
    • Engineering Inspections
    • Health & Safety
    • Health & Safety Training
    • NEBOSH Training Course
    • IOSH Training Course
    • ABRM Health & Safety Portal
    • View All Risk Management
    Risk Management Hub
  • Personal
    Personal Insurance
    • Home & Property Insurance
      • Home Insurance
      • Home Renovation Insurance
      • Holiday Home Insurance
      • High-Value Home Insurance
      • Unoccupied Property Insurance
      • Tenants Contents Insurance
      • Listed Building Insurance
    • View All Home & Property Insurance
    • Motor Insurance
      • Classic Car Insurance
      • Motorhome Insurance
      • Private Car Insurance
      • Motor Legal Expenses
      • Call Assist Breakdown Cover
      • Short-Term Motor Insurance
      • Provisional Driver Insurance
    • View All Motor Insurance
    • Boat Insurance
      • Yacht Insurance
      • Motorboat Insurance
      • Classic Boat Insurance
      • Broads Boat Insurance
      • Dinghy Insurance
    • View All Boat Insurance
    • Travel Insurance
    Personal Insurance hub
    Personal Financial Planning & Advice
    • Wealth Management
      • Financial Advice for Widows and Widowers
    • View All Wealth Management
    • Savings and Investments
      • Investments
      • Individual Savings Account
    • View All Savings and Investments
    • Retirement Income Solutions
      • Personal Pensions
      • Retirement Planning
    • View All Retirement Income Solutions
    • Private Healthcare Insurance
      • Private Medical Insurance
    • View All Private Healthcare Insurance
    • Protection
      • Critical Illness Cover
      • Income Protection Insurance
      • Life Insurance
      • Personal Accident and Sickness Cover
    • View All Protection
    Personal Financial Planning hub
  • Landlord Insurance
    • Landlord Building Insurance
    • Rent Guarantee Insurance
    • Tenant Referencing
    • Landlord Home Emergency Cover
    • Multi Property Landlord Insurance
    • Block of Flats Insurance
    • Landlord Legal Expenses Insurance
    • Commercial Landlord Insurance
    • Landlord Liability Insurance
    • Excess Protection Insurance
    • Airbnb Insurance
    • HMO Insurance
    • Serviced Accommodation Insurance
    • Private Sector Leasing Insurance
    • Buy-to-Let Insurance
    • Landlord Contents Insurance
    • View All
    Landlords Advice & Guidance
  • About us
  • Claims
  • Resources
  • Make a payment
  • Careers
  • Contact us
  • Resources
  • Guide to cyber security incident response planning
Home
10 mins read
Guides and advice Business & Commercial Insurance

Guide to cyber security incident response planning

15.11.21

By Alan Boswell Group

Cyber security incident planning
  1. Who should have a cyber incident response plan (IRP)?
  2. What elements make up a cyber security incident response plan?
  3. What else should businesses be doing to protect their cyber security?
  4. How do I develop a cyber incident response plan?
In this article
  1. Who should have a cyber incident response plan (IRP)?
  2. What elements make up a cyber security incident response plan?
  3. What else should businesses be doing to protect their cyber security?
  4. How do I develop a cyber incident response plan?

Darren Chapman, Director and Principal Consultant at CyberScale, talks us through cyber security incident response planning (IRP). We look at why all businesses should have a plan in place as part of a robust cyber security process, how you can go about putting an IRP together, and some of the other ways you can protect your business from the threat of cyber attacks.

With a multitude of risks facing businesses, and cyber criminals constantly developing more sophisticated ways to keep ahead of defences, 100% prevention relating to cyber-attacks is impossible. To this end, organisations also need to invest in risk mitigation and ensuring that they can get their business up and running again as quickly as possible post attack. No technical solution can create full protection, so bringing in people and process to the mix is fundamental.

The UK Government Cyber Security Breaches Survey 2021 reports that “Most organisations (66% of businesses and 59% of charities) do report having some sort of formalised incident response process”. However, this is slightly misleading as the respondents are asked whether they do one of seven possible things within their organisation, not whether they have a full plan in place.

Who should have a cyber incident response plan (IRP)?

All businesses and organisations that manage data or personal information are potential targets for cyber criminals, there are no organisations too small or unattractive to attackers. It’s common to hear smaller businesses say that they aren’t a big enough or attractive enough target for cyber criminals, however it is often easier and more damaging for hackers to target smaller organisations.  When you suffer a security incident how you deal with it in terms of detection, response, communication, and recovery will define the level of impact it has on your business.

Ensuring that a business is set up to respond depends heavily on the investments made in building an appropriate incident response plan and management approach. All organisations should ideally have some form of incident management process in place appropriate to their size and structure, ensuring that it is able to be initiated quickly and not reliant on detailed technical expertise or complex processes. Primarily, focus must be on getting the business back up and running again as quickly as possible.

What elements make up a cyber security incident response plan?

The development of an incident response plan focuses on four key areas of consideration that should be developed in-line with the specifics of your business by a Cyber Security specialist. These are:

  1. How can I best protect customer, personal and sensitive data?

  2. How can I best detect and respond to incidents effectively and in a timely manner?

  3. How can I ensure appropriate communications & responsibilities are in place and understood?

  4. How can I get to a safe & effective resolution enabling a quick return to business-as-usual?

Effective delivery of an incident response plan requires the business to have an incident response team in place with tasks embedded into their core roles. The team responsible for delivering the plan in the face of a cyber-attack needs to represent all areas of the business, not just a technical team.

What else should businesses be doing to protect their cyber security?

Alongside a well-developed incident response plan, organisations can further bolster their cyber defences by ensuring that they have cyber insurance in place. For some businesses this is going to be critical in ensuring a swift return to normal activities.  This policy can cover the costs of network or business interruption, liability, cybercrime, data loss and reputational damage.

The hope for most organisations is that they will never have to enact their incident response plan or make a claim with their cyber insurance provider, but should they become the unwitting victim of a cyber-attack, then cyber insurance kicks in to help them get back up and running with as little long-term damage as possible. Businesses need to be prepared to dust off their IRP to ensure it is still relevant, understood by the business and actionable; a key benefit here is that you are not going to uncover any issues when trying to implement the plan in the real world.

How do I develop a cyber incident response plan?

The two key ways businesses can ensure this happens are;

  • Have supporting ‘how-to’ guides in place. Having common scenarios documented gives teams access to information that provides more context to possible attacks.

  • Businesses should invest time in undertaking regular incident response exercises. This involves identifying likely incident scenarios and building exercises that test your business’s ability to manage them.

This leads on to thinking about the people element of cyber security, and its impact on keeping an incident response plan alive within a business.  When cyber-attacks occur there is real life experience which the learnings from can be built into the future of the plan. Alongside this is the need for teams to be keeping themselves abreast of what is happening within your industry sector regarding cyber security and cyber-attacks.

The 2021 UK Government Cyber Security Breaches Survey shows that the most common response to any cyber-attack is to make technical changes. This could suggest that fully investigating the root cause of incidents, or preventing people causing issues again, is ignored. It is increasingly important to encourage proactive investment in protecting your business, as so often we see organisations only doing this post-attack to protect themselves in the future.  Further to this, during and after an attack there would be a greater understanding of the situation and what is required of everyone in the organisation, so applying these lessons learned to the incident response plan ongoing is a key step.

It’s important to remember that according to the 2021 X-Force Threat Intelligence Index from IBM, human error was a major contributing cause in 95% of all breaches reported in their research, so to continually invest in staff awareness around cyber security can bolster all other efforts in the business ahead of any attack.

Lastly, never forget that Incident Management should have a recovery and learning focus and not be about blame.

Find out more about implementing a robust cyber incident response plan in your business here.

Need help with your insurance?

Whether you need a quote, have a general enquiry, or want to talk it through over the phone, we're here to help.

Make an enquiry – general and locations

Thank you for your enquiry, we will be in touch shortly.

As a leading independent insurance broker and specialist in insurance, risk management, and financial planning products, we are dedicated to finding the right cover to suit your needs.

We’d love to hear about your experience with us so far! Please take a moment to rate us on Google.

Leave a review

Contact details

Search with your postcode or first line of the address
There is a problem with the address you have entered. Please check the address for errors.
If applicable.

There was a problem with some of the information you entered. Please check the form for errors and try again.

A technical error occurred when trying to submit this form. Please call us to let us know.

Speak to us:  01603 218000

Darren Chapman - CyberScale

Darren Chapman - Director & Principal Consultant - CyberScale

CyberScale are a Cyber Security Consultancy and Training provider.  They provide pragmatic IT Security and Data Protection for businesses throughout the UK.  Cybersecurity and data protection can be confusing and hard to keep up with, especially without dedicated staff. CyberScale will translate threats and regulations into what’s relevant to your business, and explain everything in a clear, non-technical way.  Cyber Security is complex so making it simple is key, so you can concentrate on running your business. To find out more, contact CyberScale on 01603 339550 or email [email protected].

Related guides and insights

9 mins
A-Z of cyber security

A-Z of cyber security

In spite of its relevance to us all, cyber security has developed terminology that can be baffling to outsiders. Join us as we explore some commonly used terms.

6 mins
Cyber security

Cyber security audits explained

Cybercrime is one of the biggest threats to businesses across all industries and having appropriate cyber security in place is vital. We take a look at cyber security audits, how they work and why they're important.

12 mins
Cyber security procedures

Cyber security procedures: helping you to reduce the cyber risk to your business

In our second article from CyberScale, we explore how cyber security procedures can help reduce the risk of a successful cyber attack on your business.

The Alan Boswell Group logo
Speak to us:  01603 218000

Make an enquiry – general and locations

Thank you for your enquiry, we will be in touch shortly.

As a leading independent insurance broker and specialist in insurance, risk management, and financial planning products, we are dedicated to finding the right cover to suit your needs.

We’d love to hear about your experience with us so far! Please take a moment to rate us on Google.

Leave a review

Contact details

Search with your postcode or first line of the address
There is a problem with the address you have entered. Please check the address for errors.
If applicable.

There was a problem with some of the information you entered. Please check the form for errors and try again.

A technical error occurred when trying to submit this form. Please call us to let us know.

Find out more about us
  • Alan Boswell Group linkedin
  • Alan Boswell Group facebook
  • Alan Boswell Group instagram
Services
  • Business Insurance
  • Personal Insurance
  • Landlord Insurance
  • Risk Management
  • Business Financial Planning
  • Personal Financial Planning
Company
  • About us
  • Contact us
  • Careers
  • Find people
  • Company news
  • Claims
  • Make a payment
  • Norwich Insurance & Financial Advice
  • Bury St Edmunds Commercial Insurance
  • Peterborough Insurance Brokers
  • Boston Insurance Brokers
  • Grimsby Insurance Brokers
  • Cambridge Insurance & Financial Advice
  • Ipswich Commercial Insurance
  • Legal Information
  • Terms of Business
  • Privacy and Cookie Statement
  • Complaints

©2025 Alan Boswell Group, All rights reserved.

Made by Candour