Cyber Resilience for Business Managers

Considering risks in ‘peacetime’ and planning how you might respond to a Cyber Incident in advance of it happening will help you keep your business going.

There are a number of key areas that can help.

  • Being aware of the risk
  • Pre-planning and making decisions in advance
  • Developing a Cyber Incident Response Plan consisting of:
    • A Business Continuity Plan
    • A Communications Plan
    • An IT Disaster Recovery Plan

Answer the questions and record your answers to create the bulk of your Cyber Incident Response Plan.  Ideally, you should then test this (as you would a Fire evacuation plan) and make amendments as necessary.

Sources of further information and guidance are also included as well as links to template document cover sheets for to other actions you can take to make your business more cyber resilient.

At present, the document is offered as a working draft.

draft v0.2 MS Word version , pdf version

Template covers for your Plan draft v0.1


This document was in part co-created at the Northumbrian Water Innovation Festival 2022 during a one-day ‘daily dash’ co-ordinated by CyberNorth and UKC3.  Some content is based on a similar initiative for schools in North Tyneside and from the North East Cyber Incident Response Plan developed by Local Resilience Forum emergency planners. It also borrows from Lessons Learned from significant cyber incidents in the last few years. 

The document prompts the reader to consider questions they may not have previously thought about; it should also be useful to those familiar with business cyber resilience, acting as a checklist and reminder of things to consider.

Provide feedback on the draft documents.