Be honest – is your incident response plan printed, filed, and forgotten in a bottom drawer somewhere? Or did you neglect to print it? 

You’re not alone. Many businesses draft a response plan because they’re told they should… and then never look at it again. But a cybersecurity plan that’s out of date, or lost, is almost as risky as having no plan at all. 

Cyber threats change – so should your plan 

Every 6 to 12 months, you should review your incident response plan. Why? 

Because your business changes. You might have: 

  • Onboarded or offboarded staff 
  • Started using (or stopped using) software or cloud tools 
  • Changed your bank accounts or payment systems 
  • Updated your IT infrastructure or passwords 
  • Taken out cyber insurance – or let it lapse 

All of these can affect your response in the event of a breach, ransomware attack, or data loss. If you haven’t updated your plan, you may waste precious time during a crisis trying to find contact details, locate logins, or figure out who’s responsible for what. 

Print it. Store it. Share it. 

Print off your incident response plan and cyber insurance documents.
In an attack, you may not be able to access your computer systems. Having physical copies means you can still act. 

Check your cyber insurance details.
Is the contact number still valid? Do you know exactly what you’re covered for – and what might trigger a claim? 

Make sure your IT provider is listed.
When the worst happens, they’ll be your first call. 

Know your legal obligations.
Do you understand when you need to notify the ICO (Information Commissioner’s Office)? A delayed or incorrect response could land you in hot water. 

If it’s overwhelming – start small 

No one expects you to overhaul everything in a day. But reviewing one area at a time – software access, insurance, staff responsibilities – adds up. Each review strengthens your defence and shortens your response time in an emergency. 

And remember: you don’t need to do it alone. 

We’re here to help 

You’re responsible for running your business – we’re here to look after your IT. If you’re not sure what would happen if you lost access to your systems tomorrow, or you don’t know the first step in a breach situation, now’s the time to find out. 

Let’s have a conversation about what you’ve got in place, where the gaps might be, and how we can help make your response plan more practical, more personal, and more effective. 

Book a quick Technology Business Review today – because prevention is powerful, but preparation is essential. 

Back to posts