Cyber response plan: guidance and template

Learn what your cyber response plan needs to include and what to prepare, so you can be ready for any cyber incident. Download our template to create a plan that helps you stay calm and respond quickly and effectively.

Last reviewed on 16 April 2026

School types: All•School phases: All•Ref: 52520

Contents

What is it?
There's no statutory requirement to have a plan, but it's a good idea
Set up an incident response team
Make sure you have robust backup systems in place
Organise your communication channels
Download our template plan
Adapt our template in line with your school's context
Develop your plan alongside a culture of cyber awareness
Test your plan regularly
Example scenarios for staff CPD activities
Take a look at template examples
Next steps

What is it?

A cyber response plan sets out the actions you'll take to make sure your school can still operate efficiently in the event of a:

Criminal or malicious cyber attack
Non-malicious incident, such as accidental deletion, service outage or a system failure

A good plan should outline clear, practical steps to help you identify, contain and recover from a cyber incident, including:

Stopping any further damage
Preserving evidence, if the incident involves criminal activity
Fixing the problem and getting operations back to normal as quickly as possible

There's no statutory requirement to have a plan, but it's a good idea

Your school should create a risk management process and cyber response plan, according to the DfE's non-statutory cyber security guidance on meeting the DfE's digital and technology standards.

If you have an insurance policy that covers cyber incidents, check with your provider to find out your requirements for cyber

What is it?

There's no statutory requirement to have a plan, but it's a good idea

Want to continue reading?