How to Build your Cyber Incident Response Plan with Our Free Template

Date: 10 September 2020

Every business needs a fit-for-purpose cyber incident response plan to enable them to rapidly and effectively respond to a cyber-attack. This blog provides ideas on how you can use our downloadable and free cyber incident response plan template to create your own plan.  

Running a business on the Internet and consistently scaling it without a cyber incident response plan in place is like taking a car off-roading without a spare tyre. You’re bound to face insurmountable challenges with nothing to fall back upon.

So, how exactly should you go about creating your own cyber incident response plan? 

First ensure you download our Cyber Incident Response Plan template here. Created by Amar Singh, our founder and CEO,  this free, easy-to-use cyber incident response plan template is pragmatic, free from fluff and easy-to-use.

For a detailed understanding of cyber incident response, you can check out our NCSC-certified Cyber Incident Response Plan course that gives you greater and deeper insights and more valuable tools for building cyber resiliency.       

Download your copy of the cyber incident response plan template here

How to create your own cyber incident response plan with our template? 

We spoke to Amar Singh on his opinion and advice on the best way to create an incident response plan with the template. Here are the key points to keep in mind...

• 1. Structure – Please note that when your proverbial ship is sinking, you’ll need a document that is well-structured, well-organised and easy to read within minutes. It is advisable to leave out stuff like ‘how to prepare’ for an attack as this document should exclusively focus on the response strategy and steps. Don’t over-clutter it. Keep it neat, simple and brief.

   

  2. Effectiveness – While you may be done with building your cyber incident response plan, you have to make sure that it answers the following questions – whom to call in case of a cyber crisis, who can authorise critical actions, who goes to the press and with what statement, which third-party to call for forensics & whom to turn to for legal advice. If your plan answers all these highly critical questions, you have a good chance of responding effectively to a cyber-attack.

   

  3. Stakeholders- As you start creating your cyber incident response plan using our template, one of the primary exercises you’ll realise you need to do is build a well-defined list of key stakeholders whose actions are to be elicited at the time of a crisis. You can classify the stakeholders as The Response Team, The Cyber Incident Management Team, Product & System Owners and Third Parties and Vendors. However, the final classification and responsibility allocation will depend on the unique structure of your individual organisation and the third parties and external teams relevant to the nature and size of your business.

   

  4. Executive Mandate - An essential aspect of building a cyber incident response plan is to outline the Executive Mandate and key principles to be followed. You can have the HR and legal teams of your organisation go through these principles when you’re defining them. The idea of this aspect is to make it clear what is and isn’t acceptable during an incident response procedure. Some of the principles that we feel you must focus on as far as enlisting executive mandate goes include integrity of evidence and forensics, transparency with staff, clients and regulators, using approved and secure channels for crisis communications, privacy and ensuring minimal disruption of business operations.