Join your nearest Empowering Women training (running in July and September only)

To register, choose from upcoming training dates

Register now

Cyber Breach

Preparing your organisation and your people to respond effectively, swiftly and in an assured way.


Socitm members: Places included in your membership, subject to availability

Non-members: Contact us for further details


Cyber breach response is a form of security awareness.

Your organisation has probably already conducted some type of awareness training. Cyber breach response requires your team to be aware of what is expected of them in the event of a potential security incident, and what actions and decisions need to be made.

Your individual teams or departments may already have plans for disasters, business continuity or technology failures, but are they widely understood? Are they current, and more importantly, have they been enacted and tested?

Participation starts with the senior leadership team and their understanding of what decisions need to be made and when. Operationally, the next level down senior managers are required to accept their roles and responsibilities.

Course details:

Duration: Two half-days (consecutive)

Sectors: Public and private

Career level: Senior managers

Certification: No certification

In-person or virtual: Virtual

Course structure

The aim of the cyber breach response course is to provide drills, table-top exercises and rehearsals for the scenarios that you may face.

Your organisational structure can be unique and it is critical that we consider this when constructing a cyber breach playbook. Our approach is to prepare delegates for their role in their organisation’s breach plans. Differing structures can have an impact on operations and decision-making during a breach.

This course is a blend of lecture with practical exercises where we will share relevant insights and discuss the implications in your context. We use case studies based on real examples and we will draw on the wisdom in the room. You will participate in an interactive simulation of a real cyber breach that will test your responses.

The topics we will link into include

  • Risk Management
  • Understanding your environment
  • Understanding your attackers
  • Communications and stakeholder management
  • Building your playbook
  • Breach response

Example attack scenarios

  • Denial of Service
  • Credential Stuffing
  • Ransomware outbreak
  • Social engineering attack
  • Data leak/loss
  • Website defacement

Benefits for the individual

  • The ability to communicate what your responsibilities are and what actions you should take in the event of a breach.
  • The knowledge to be a part of developing and implementing a plan to effectively respond to a cyber breach.
  • A wider understanding and appreciate of everyone’s role within a breach scenario.
  • You will also help change the culture in your organisation

Benefits for the organisation

  • Valuable templates and sample documentation for your own use, including RACI Matrix template; Playbook examples; Common scenarios; Communications messaging best practice
  • Ability to recognise the importance of making decisions early or even ahead of a breach
  • Building better collaboration between senior leaders is one of the significant outcomes of the cyber breach course
  • Preparing your organisation for a security incident is now mandatory under the NIS Regulation
  • Managers will function more effectively as a unit, in a consistent and repeatable manner

Attendee requirements

The course is open to all roles, from CEO down to IT support staff because so many people need to play a part and everyone needs to understand the plan, whether directly involved or not.

We encourage delegates from digital/ICT managers, network managers, security analysts, corporate communications professionals, HR, Legal and fraud/investigations staff.

We assume participants on the course will:

  • Be in a digital/ICT management and/or leadership role
  • Be motivated and ambitious to succeed as a strategic leader of change
  • Be curious and open to learn
  • Be seeking principles and guidance to act strategically and tactically when required
  • Be willing to contribute to group discussions and undertake a role in the breach simulation

A commitment to the whole course is mandatory. Participants must have good communication skills and be willing to contribute with enthusiasm and energy. Outside of the workshop modules, there will be some requirement to engage in the coaching and mentoring sessions (via phone/skype), as well as collaborating online with others in the group during the course.

The course is designed to minimise travel costs and time away from the office. Course materials, refreshments and lunch are included. Travel and any accommodation required is the participant’s responsibility.

The course attendees will be invited to attend our annual two-day President’s Conference to take part in a graduation ceremony during the evening dinner.

To register, choose from upcoming training dates

Register now


    Preparing your organisation and your people to respond effectively, swiftly and in an assured way.

    What our alumni say

    Slides of Testimonials - Swipe the slide or use the dots to see a new quote.

    Beneficial for the cyber security project I'm working on

    Trainers were very knowledgeable and great at answering questions. Simulation was very useful and listening to the discussion between others was beneficial for the cyber security project I’m working on.

    Cyber Breach course attendee

    I found the cross-organisational exercising was really valuable

    Most of the day 1 material was already familiar to me (not a criticism), but I found the cross-organisational exercising was really valuable.

    Cyber Breach course attendee

    Everyone's views were taken on board

    The exercise on day two highlighted something that could happen and encouraged us to share how we would respond if situation like this arose within our organisation. Everyone’s views were taken on board and that made everyone feel part of the process.

    Cyber Breach course attendee