Our Preventing and Responding to a Data Breach training course gives you the practical expertise to spot, contain, and manage data breaches with confidence.

Attend to gain the skills and knowledge to strengthen your organisation’s breach response strategy, protect sensitive information, and reduce the financial, reputational, legal, and operational fallout that often follows an incident.

Led by an expert trainer, this course provides a clear and accessible overview of the Government’s Cyber Governance Code of Practice (published April last year), and delivers practical guidance on:

Identifying different types of data breaches — both cyber and non-cyber
Acting decisively in the critical first 24 hours
Conducting risk assessments and implementing damage control measures
Meeting legal obligations and navigating ICO reporting requirements
Learning from past incidents to strengthen future resilience

You will also take part in interactive, scenario‑based exercises that allow you to test your decision‑making, practise response planning, and ask questions in a supportive environment.

This is a valuable opportunity to build your organisation’s resilience and reduce the impact of future incidents. Leave the day fully prepared to manage data breaches with clarity and confidence.

Trainers

Simon Blanchard (CIPP/E)

Partner

DPN Associates

Who should attend

This workshop is aimed at public, private and third sector organisations. Relevant and beneficial for board level executives, senior management, data protection and information technology teams, who’ll be at the forefront of any organisation’s response to a data breach.

Board Members & Senior Executives
Data Protection Officers
Legal Counsel & Chief Compliance Officers
Chief Technology Officer & Information Officers
Information Technology & Security teams
Public Relations & Communications Teams

Online Training

Participate in live training online
Group work and practical scenarios
Course materials

The course has really developed my understanding on privacy and data protection, and I feel like I now have open channels to enquire through should I have a question in future.
Lou Abbott-Williams, Eurofins Agroscience Services

The training was helpful and covered a huge amount of information. The trainer was very engaging and I enjoyed hearing from other participants about their experiences and knowledge.
Lisa Weylandt, includem

Interesting, helpful and delivered well by a personable trainer throughout. I definitely improved my knowledge and therefore found the session beneficial.
Sarah Kingham, Recruiting Group

Very informative session on data breaches, with the right balance between delegate experiences, examples, and interaction and trainer led content. There was plenty of practical takeaways that delegates can go away and discuss with colleagues, governance teams, and their organisation for enhanced risk management and information governance.
Chris Burn, CSRB Limited

Course Outcomes

Identify and triage a data breach, ensuring for a swift and appropriate response
Understand how to assess and benchmark risks associated with data security, enabling informed decision-making
Know the principles of the Cyber Governance Code of Practice and recognise its significance for boards and directors in governing cyber security risk
Learn how to prepare for, respond to, and recover from cyber incidents
Learn to assess when a breach should be reported and when to notify those affected
Evaluate whether existing data breach procedures are adequate and effective
Understand best practices for staff training as a critical first line of defence for prevention and detection of cyber threats

Agenda

10:00 - 10:15

Welcome and Introduction

Simon Blanchard (CIPP/E)

Partner, DPN Associates

10:15 - 10:45

Understanding Data Incidents & Breaches

Recognising a personal data breach from a data incident
Types of breach: cyber & non-cyber threats – with helpful examples
Reporting requirements
Trends in breach reporting
Key learning from recent high-profile breaches

10:45 - 11:15

Planning Ahead: Developing a Playbook and Mitigating Risks

Defining key roles and responsibilities
A step-by-step approach to create your data breach procedure (playbook)
Gaining support from the business
Overview of Cyber Governance Code of Practice: Incident planning, response, and recovery
Cyber essentials certification
The role of technology
Running a simulation exercise

11:15 - 11:30

Morning Break

11:30 - 12:00

‘We’ve Had a Data Breach!’: Responding in the First 24/48 Hours

The first responder team
Determining what data has been compromised
Gathering & recording evidence
Containment – isolating a breach and preventing escalation

12:00 - 12:45

Next Steps

Assessing the risks:

Establishing the true circumstances of the breach
Assessing potential harm and damage to those affected
Spotlight on risks to the business (financial, reputational, legal…)
Using a risk matrix

Understanding the legal obligations:

When and how to report a breach to the ICO
When to notify affected individuals
Other legal considerations

Internal & external communications and PR

12:45 - 13:30

Lunch Break

13:30 - 14:15

Group Exercises:

Cyber breach
Non-cyber breach
Processor breach

Participants will evaluate a breach scenario and decide how best to respond. Other groups will be invited to give their feedback.

14:15 - 14:45

Prevention is Better than Cure!

Identifying data threats, risk areas and vulnerabilities across your organisation
Information security risk assessments
Training employees to reduce human error

14:45 - 15:15

Acting on Lessons Learnt

Reinforcing cyber security systems
Recovering loss of information
Rebuilding trust after a breach

15:15 - 15:45

Q&A Followed by Closing Summary (Takeaways)

15:45

Closing Remarks

Simon Blanchard (CIPP/E)

Partner

DPN Associates

CPD

This course is CPD Certified.

Contribute 6 hours towards your Continuing Professional Development (CPD) and receive a certificate of attendance.

In-house Training

This course can also be offered as in-house team training. Find out more about our tailored training solutions by contacting us at [email protected]

In-House Training

Data Protection Essentials Online Training

Monday 19th January 2026

Data and Technology Training Courses

Better Regulation Online Training

Thursday 23rd October 2025

Government and Policy Training Courses

Handling Data Subject Access Requests Online Training

Wednesday 20th May 2026

Data and Technology Training Courses

Preventing and Responding to a Data Breach

Online Training

Course Outcomes

Agenda