These first five steps are fundamental to establishing an incident management capability. They are the initial areas for an organisation to focus on when commencing this process.
Taking these first steps will enable a foundational ability to identify, respond and recover from cyber security incidents.
Incident Management: Be Resilient, Be Prepared [PDF, 3.1 MB]
This resource accompanies the NCSC’s advice on enhancing organisational cyber security governance.