Ransomware incident response workshop

Test your infrastructure, policies and procedures with a realistic simulated incident.


The UK’s National Cyber Security Centre (NCSC) has warned that UK organisations need to plan for when they get hit by a cyber-related incident, not if. Ransomware incidents affecting the sector continue to grow in number and severity, often taking organisations off-line for extended periods, severely impacting business continuity, revenue and reputation.

With our knowledge of the threat landscape affecting Jisc members, we have developed an incident response workshop which will:

  • Bring together your incident response team in a safe environment
  • Test your current incident response capability and readiness
  • Improve staff awareness of roles and responsibilities
  • Inform your communication strategy and policy and process development
  • Provide you with detailed recommendations on how to improve your incident response capability and security posture

Cardiff Metropolitan University: emerging stronger from cyber attack

When Sean Cullinan, head of information services at Cardiff Metropolitan University, realised the university’s systems were under attack, it kickstarted a powerful working relationship with Jisc that transformed security.

Read the member story.

Course structure

The training is split into three parts and run over three days, starting with a scoping session to determine and develop a tailored approach that meets your needs.

The second part is run as a table top exercise, starting with a short simulated incident designed to familiarise your IT team with the format and scenarios. Your existing incident response policies and processes are then reviewed. This is followed by a simulated ransomware attack, aimed at all staff from across your organisation who would be involved in responding to a real incident.

The third part will be a report from Jisc security specialists presenting findings from the live exercise and recommendations including next steps for your organisation.

Contact us

Please contact training@jisc.ac.uk for further details or to join our waiting list.

Tech takes podcast: The impact of ransomware attacks

Simon Hewitt, principal at Dundee and Angus College talks through the devastating effects a ransomware attack had on his college, why it was able to happen, and what they've put in place to deal with attacks in the future.

Listen to the podcast.