Free incident notification tool

Something happened. Who do you tell?

As a supplier, you may have tight contractual or legal obligations to notify your customer, the ICO, or the NCSC when a security incident occurs. Knowing which apply — and by when — is genuinely hard when you're in the middle of it.

Describe what happened and we'll tell you exactly who needs to know, when the clock runs out, and give you a pre-filled notification draft ready to send.

Report an incident now Sign in to view past incidents

The tool covers all four notification routes

ICO

Information Commissioner's Office

72 hours from discovery

Customer

Your CNI / enterprise customers

Typically 24–72 hours (check your contract)

NCSC

National Cyber Security Centre

As soon as practical — no statutory deadline

Action Fraud

As soon as practical

The wizard takes around two minutes. Your incident report is saved so you can return to it later.