Post-incident
You should follow your safeguarding procedures to ensure all staff members involved in incident discovery, investigation and reporting undergo some form of debrief and support.
You should also review all actions to check you took the right steps to mitigate the incident. This includes communicating to all stakeholders internal to your setting, such as to the SLT Digital Lead or Senior Leadership. You should also communicate to people outside the organisation, if they were impacted.
Present your incident review report to senior leadership.
After the incident
It is important to remember that everyone should remain vigilant and be aware of possible future attacks. Use your experience in training activities and to review or update your cyber response plan and cyber risk assessment.