
Cyber resilience

Daniel Sibthorpe
08/09/2025
What to ask before and after a cyber incident

In today’s threat landscape, cyber resilience is no longer a luxury; it’s a necessity.

Organisations must be prepared not only to defend against cyber threats but also to respond swiftly and effectively when incidents occur. The following questions, adapted from our in-depth guidance, can help senior leaders engage meaningfully with their IT teams to assess and improve their cyber resilience.

Be proactive, not reactive

Cyber resilience begins with preparation. Ask your IT team the following questions.

  • Do we have an up-to-date incident response plan? 
    Ensure the plan includes clearly defined roles, responsibilities, and key contacts.
  • Have we assessed our key third-party suppliers?
    Use recognised cyber frameworks (e.g., NIST, ISO 27001) to evaluate supplier risk.
  • Have we recently tested our incident response procedures?
    Regular simulations and tabletop exercises are essential to validate readiness.
  • What proactive threat intelligence do we perform?
    Understand how your organisation gathers and uses threat intelligence to anticipate risks.
  • What communication channels are in place?
    Confirm that internal and external communication protocols are established for crisis scenarios.
  • Are we monitoring for unusual activity?
    Continuous monitoring of both internal and external networks is vital for early detection.
  • What is our cyber security strategy?
    Collaborate with IT to establish a realistic and proportionate strategy to improve resilience in the immediate, medium and long-term.

When a cyber incident occurs

Preparation must translate into action when an incident strikes. Ask:

  • Have we identified our key systems?
    Know which systems are critical and how quickly they can be restored.
  • What are our backup processes?
    Clarify how backups are performed, where they are stored, and how quickly they can be accessed.
  • What have we done to triage the incident?
    Determine the nature of the incident (e.g. ransomware, phishing, insider threat, data breach), how and when it was first detected, and whether the incident is ongoing or has been contained.
  • Has any sensitive or personal data been compromised?
    Understand what types of data could have been compromised, e.g. customer, employee or financial.
  • If yes, have we contacted relevant regulators?
    If data has been compromised, liaise with your legal advisors to determine whether reporting to relevant regulators is necessary, e.g. the Information Commissioner’s Office (ICO).

Strengthening your cyber resilience strategy

These questions are not just for IT — they’re for leadership. Cyber resilience is a shared responsibility across the organisation. By fostering open dialogue and accountability, you can build a culture that prioritises security and preparedness.

Need support?

Crowe offers expert guidance in cyber security, forensic services, and counter fraud. Contact us for a free, no-obligation conversation about your organisation’s cyber resilience. 



Tim Robinson
Partner, Cyber Security and Counter Fraud