Peer practices: Cyber incident response plan


"There are only two types of companies: those that have been hacked, and those that will be", starts the well-known quote by Robert Mueller. He continued, however: "Even that is merging into one category: those that have been hacked and will be hacked again".


This threat impacts all Beltug members. We are therefore delighted to share an example of a cyber incident response plan from one of our members. The anonymised document provides inspiration for managing contemporary cyber threats and incidents, in order to reduce the scope, impact and severity of cyber incidents.


The 5-step approach includes:


  • Step 1: Detection, Analysis and Classification
  • Step 2: Notification and Documentation
  • Step 3: Containment and Eradication
  • Step 4: Recovery
  • Step 5: Lessons Learned (for continuous improvement of the plan)



Do you want to share your own response plan to cyber incidents with your fellow Beltug members? Please contact Levi. You can also email Levi for a Word version of this document.


Cyber incident response planning is a priority for Beltug members, and is therefore included in our working plan. Take a look at our Agenda and our Library for more information on this topic!



Dear visitor,

Access to more information about this topic and/or to download the paper is easy and fast, but exclusively for Beltug members (just login to get access).

Beltug gathers a lot of information. Here you find the advantages of Beltug membership

The Beltug Team

Click here to login

>>> Back to overview