Responding to a cyber attack

Created:  14 Oct 2015
Updated:  19 Feb 2016
There is no such thing as 100% security and your organisation will probably experience some form of cyber attack at some time. So, who do you contact if your organisation has been attacked?

There are three routes to dealing with a cyber incident:

  • Networks of national significance should contact a Cyber Incident Response (CIR) provider.
  • Industry, academia and both private and public sector organisations should contact a CREST approved provider.
  • GovCertUK is the Computer Emergency Response Team (CERT) for UK Government, which includes 24/7 support for public sector organisations.

Providers in all these schemes are likely to:

  • Determine the extent of the incident
  • Work to ensure the immediate impact is managed
  • Provide recommendations to remediate the compromise and increase security across the network
  • Produce an incident report to describe the scope of the problem, the technical impact, mitigation activities and an assessment of business impact
  • Give an Impact Assessment – where the incident affects partners or customers

Was this information helpful?

We need your feedback to improve this content.

Yes No