Select Page


To best survive a cyber-attack, have a response plan. Better still have a response plan that is tested and validated to match the needs of your organisation. Gaining corporate agreement and buy-in to have a data breach response plan is just the start.

Organizations also need to ensure that it’s actionable and that they regularly practice and refine it. Without testing, your people will likely lack the knowledge and confidence to successfully manage an incident.

Nettitude have witnessed numerous plans that fall down at the first rehearsal as they are not truly embedded into the working practices of their employees. Incident response processes that live as a document and not in the mind provide a false sense of security. With the risk of a cyber-attack increasing – how confident are you that your organisation’s cyber incident response plan would be effective?

Why Consider Incident Response Testing?

Your plan will be tested, sooner or later, during a real breach. Many organisations only discover the flaws in their incident response plans when they are trying to deal with an incident. If your incident response plan fails, there is a real risk of systemic failure in the investigation resulting in a chaotic and costly response.
A comprehensive incident testing programme can expose gaps in even the most seemingly robust of cyber incident response plans and provides valuable insight into whether the incident response plan actually delivers its stated aims back to your organisation.
True cyber resilience can only be achieved through ongoing testing of your capability to detect and respond to security incidents.
There is of course more than one type of attack. Nettitude recommends your testing should simulate a combination of the following:

  • External attack and data theft;
  • Malicious insider or compromised user;
  • Loss of employees or customer personally identifiable information;
  • Physical loss of data or asset;
  • Ransomware event or distributed denial-of-service disruption;
  • Attack against the organisation’s intellectual property or C-suite executives.

Even organisations with incident response plans in place are finding that the time to resolve incidents is increasing. This is largely due to organisations not testing their incident response plans, then finding that they can’t adequately address all the aspects of a genuine security incident.

How Does Cyber Incident Response Testing Help You?

Delivered as either a table top or simulated exercise, Nettitude’s expert consultants will guide your team through incident response plan development, allowing you to determine how thorough your plan really is, and what improvements could be made.

We will assess how your organisation will:


  • Identify the most relevant types of incidents
  • Engage external service providers and business continuity processes
  • Comply with Crisis management protocol
  • Operate without invalidating your Cyber Insurance
  • Enact the most appropriate containment strategies
  • Communicate internally whilst maintaining confidentiality
  • Notify stakeholders & regulators
  • Comply with breach-reporting rules
  • Handle the pressure an incident creates

Nettitude’s Computer Emergency Response Team (NCERT) have witnessed, first hand, how a poorly configured untested Incident Response plan can actually exacerbate the impact of a breach. With the right response, you can mitigate the reputational and operational costs of a breach.

A poorly executed response will only add to your reputational and operational costs.

Why Incident Response Testing from Nettitude?

Nettitude IR Response Testing exercises are designed to assess your response to both commodity and advanced (targeted) attacks. Advanced threats will often have different indicators, tactics and containment requirements, rather than typical incident response methodologies. Nettitude’s real-world experience in responding to these more sophisticated attacks allows us to present scenarios that reflect the actual techniques used by advanced threat actors. While fictional, the scenarios used in the exercise are based upon actual events or past experiences. As in actual events there may be “unknowns” and it may be necessary to make some assumptions or inject likely variances. The delivering Incident Response Consultant will facilitate and document findings resulting from the exercise.

At the conclusion of every test you will receive a detailed report covering:

  • Exercise objectives.
  • Scenario and response synopsis.
  • General exercise performance evaluation.
  • Issues identified, potential organizational impact, lessons learned, assigned tasks.
  • Incident response plan recommendations

Nettitude’s IR Response Testing is suited for IT and operational security employees, or those responsible for owning and executing the incident response process.

Need help starting your plan? Why not use our IR Maturity Assessment service to assess your readiness first?

Frequently Asked Questions about Data Privacy Security

What is an incident response policy?

An Incident response plan or policy is a process you create before you experience a cyberattack. This is so that your team has a procedure to follow when you do experience a data breach. Nettitude follows the CREST Cybersecurity Incident Response process which is broken down into 3 phases: preparation, response, and follow up. Having a breach plan gives you the confidence to quickly nullify any threat to your data privacy security.

Why is data privacy security important?

Although it has always been important, the implications and need for higher security are coming into play now that technology is indispensable to everyday life. Using apps, browsing websites, and shopping online are all examples of how your data will be stored and managed online. For organisations today, the threat of cyber theft is a pertinent one. Having comprehensive data privacy plans in place can reduce and mitigate the risks of such events.

Does Nettitude practice sustainability?

As a company with a global footprint, sustainability is an area of importance to us. We are a registered ‘Investor in People’ organisation. Taking a cue from ISO 14001, we have strong sustainability practices put in place. Our organisation also hires fairly and equally, across gender and race. By working with us, you can rest assured that we implement data privacy security measures with ethics at the core of our mission.

Get a free quote

speak to our experts