612,000 UK businesses and 61,000 UK charities have identified a cyber breach or attack in the past year. *

Attend our timely Preventing and Responding to a Data Breach training course to gain the expertise needed to identify and tackle data breaches robustly and effectively.

This course is designed to equip you with the knowledge and tools needed to strengthen your organisation’s breach response strategy and reduce exposure to financial, reputational, legal, and operational risks.

Led by our expert trainer, you will receive a comprehensive overview of the Government’s Cyber Governance Code of Practice, published in April this year, along with key insights into:

Identifying different types of data breaches — both cyber and non-cyber
Taking decisive action within the first 24 hours
Conducting risk assessments and implementing damage control measures
Ensuring compliance with legal obligations and ICO reporting procedures
Learning from past incidents to improve future responses

Engage in a series of interactive exercises based on realistic scenarios, giving you the opportunity to ask questions, evaluate risks, plan responses, and test your skills in a supportive environment, ensuring you are prepared to handle data breaches effectively. Don’t miss this opportunity to enhance your organisation’s resilience.

* Cyber security breaches survey 2025

Trainers

Simon Blanchard (CIPP/E)

Partner

DPN Associates

Who should attend

This workshop is aimed at public, private and third sector organisations. Relevant and beneficial for board level executives, senior management, data protection and information technology teams, who’ll be at the forefront of any organisation’s response to a data breach.

Board Members & Senior Executives
Data Protection Officers
Legal Counsel & Chief Compliance Officers
Chief Technology Officer & Information Officers
Information Technology & Security teams
Public Relations & Communications Teams

Online Training

Participate in live training online
Group work and practical scenarios
Course materials

The course has really developed my understanding on privacy and data protection, and I feel like I now have open channels to enquire through should I have a question in future.
Lou Abbott-Williams, Eurofins Agroscience Services

The training was helpful and covered a huge amount of information. The trainer was very engaging and I enjoyed hearing from other participants about their experiences and knowledge.
Lisa Weylandt, includem

Interesting, helpful and delivered well by a personable trainer throughout. I definitely improved my knowledge and therefore found the session beneficial.
Sarah Kingham, Recruiting Group

Very informative session on data breaches, with the right balance between delegate experiences, examples, and interaction and trainer led content. There was plenty of practical takeaways that delegates can go away and discuss with colleagues, governance teams, and their organisation for enhanced risk management and information governance.
Chris Burn, CSRB Limited

Course Outcomes

Identify and triage a data breach, ensuring for a swift and appropriate response
Understand how to assess and benchmark risks associated with data security, enabling informed decision-making
Know the principles of the Cyber Governance Code of Practice and recognise its significance for boards and directors in governing cyber security risk
Learn how to prepare for, respond to, and recover from cyber incidents
Learn to assess when a breach should be reported and when to notify those affected
Evaluate whether existing data breach procedures are adequate and effective
Understand best practices for staff training as a critical first line of defence for prevention and detection of cyber threats

Agenda

10:00 - 10:15

Welcome and Introduction

Simon Blanchard (CIPP/E)

Partner, DPN Associates

10:15 - 10:45

Understanding Data Incidents & Breaches

Recognising a personal data breach from a data incident
Types of breach: cyber & non-cyber threats – with helpful examples
Reporting requirements
Trends in breach reporting
Key learning from recent high-profile breaches

10:45 - 11:15

Planning Ahead: Developing a Playbook and Mitigating Risks

Defining key roles and responsibilities
A step-by-step approach to create your data breach procedure (playbook)
Gaining support from the business
Overview of Cyber Governance Code of Practice: Incident planning, response, and recovery
Cyber essentials certification
The role of technology
Running a simulation exercise

11:15 - 11:30

Morning Break

11:30 - 12:00

‘We’ve Had a Data Breach!’: Responding in the First 24/48 Hours

The first responder team
Determining what data has been compromised
Gathering & recording evidence
Containment – isolating a breach and preventing escalation

12:00 - 12:45

Next Steps

Assessing the risks:

Establishing the true circumstances of the breach
Assessing potential harm and damage to those affected
Spotlight on risks to the business (financial, reputational, legal…)
Using a risk matrix

Understanding the legal obligations:

When and how to report a breach to the ICO
When to notify affected individuals
Other legal considerations

Internal & external communications and PR

12:45 - 13:30

Lunch Break

13:30 - 14:15

Group Exercises:

Cyber breach
Non-cyber breach
Processor breach

Participants will evaluate a breach scenario and decide how best to respond. Other groups will be invited to give their feedback.

14:15 - 14:45

Prevention is Better than Cure!

Identifying data threats, risk areas and vulnerabilities across your organisation
Information security risk assessments
Training employees to reduce human error

14:45 - 15:15

Acting on Lessons Learnt

Reinforcing cyber security systems
Recovering loss of information
Rebuilding trust after a breach

15:15 - 15:45

Q&A Followed by Closing Summary (Takeaways)

15:45

Closing Remarks

Simon Blanchard (CIPP/E)

Partner

DPN Associates

CPD

This course is CPD Certified.

Contribute 6 hours towards your Continuing Professional Development (CPD) and receive a certificate of attendance.

In-house Training

This course can also be offered as in-house team training. Find out more about our tailored training solutions by contacting us at learning@westminsterinsight.com

In-House Training

Data Protection Essentials Online Training

Monday 19th January 2026

Data and Technology Training Courses

Better Regulation Online Training

Thursday 23rd October 2025

Government and Policy Training Courses

Handling Data Subject Access Requests Online Training

Thursday 13th November 2025

Data and Technology Training Courses

Preventing and Responding to a Data Breach

Online Training

Course Outcomes

Agenda