Cyber incidents, data breaches and operational disruptions don’t just affect systems - they affect people.

The National Cyber Security Centre (NCSC) has published guidance called “Putting staff welfare at the heart of incident response” to help organisations consider the impact of a cyber incident on the people involved. While the guidance has been available for some time, the increasing prevalence of cyberattacks continues to make it timely.

When things go wrong - whether it’s a cyberattack, system failure or security breach - employees may feel stress, uncertainty, fatigue, guilt, or anxiety. The NCSC’s view is that if welfare is overlooked, it actually undermines the resilience of the whole response effort. A team that’s burnt out or demoralised is less able to think clearly, act decisively, or recover well.

What the NCSC recommends

The guidance lays out five core recommendations for making sure that staff welfare is considered:

• Include all staff in the incident response plan: When planning how you will respond to an incident, identify the staff that will be affected by it. Consider what the potential stresses might be. For instance, what if key staff are absent? Can you call on staff to handle incidents outside normal working hours? Planning can reduce unnecessary stress if an incident happens.
• Build a culture where staff feel safe to speak up: In a stressful incident, people cope with it differently. The guidance encourages a positive, secure culture where staff will feel able to speak up if they are feeling overwhelmed, burnt out, or need help, or if they spot worrying signs in their colleagues. This will help you to handle a problem before it becomes too serious.
• Plan your internal communications: During a live incident, people want clarity. Keep everyone – including staff that are not directly involved – informed about what’s happening.
• Be conscious of staff concerns: Staff are likely to worry about how the incident will impact their own livelihoods, whether because their personal information has been stolen or they will lose their job. Clearly communicating how the business plans to get through the incident can help people focus on what they need to do rather than worrying.
• Practise your response: Practice can help your staff feel better prepared. NCSC offers a free Exercise in a Box that can be used for this purpose.

If you have an incident response plan (or are planning to build one), it’s worth reviewing it through a welfare lens by using NCSC’s guidance.

To review the guidance, see: https://www.ncsc.gov.uk/guidance/putting-staff-welfare-at-the-heart-of-incident-response