General steps

7 general steps that can be implemented in the case of a cyber security incident:

1. Establish an IR team: Your incident response plan starts with putting together a group of experts. The team should include these positions:

- Technical Lead: responsible for technical analysis and resolution of incidents.

- Legal and Compliance Lead: responsible for ensuring that incident response activities comply with legal and regulatory requirements.

- Communications Lead: responsible for communication with internal and external stakeholders.

It is also recommended to call external IT support.

2. Conduct threat analysis: Your IR team should look for various clues (for example unusual traffic or requests) in order to analyse potential threats. This means understanding what kinds of attacks your organisation might face and how they could harm you.

3. Outline quick response guidance: In the heat of the moment, your team needs a playbook to follow. This guidance tells them what to do as soon as they spot trouble. It's like having an emergency checklist, so everyone knows exactly what steps to take.

4. Develop procedures for external communication: When an incident happens, you might need to talk to the police, customers, or other organisations. You need clear procedures for who talks to whom and what to say. Think of this step as setting up a secure channel for communication to get help and share information.

5. Train employees: Your employees need to be educated on security practices. They should know how to spot suspicious activity and understand their role in the incident response plan.

6. Test IR plan: Your IR plan should be tested regularly through drills and simulations. This helps your team refine their skills and identify any weaknesses in your plan.

7. Learn: After each incident or test, take time to learn from the experience. What worked well? What could be improved? Continuous improvement is the key to staying ahead of cyber threats.

So, adequately responding to an incident involves assembling a capable team, understanding potential threats, preparing for quick action, and constantly sharpening your skills to keep your organisation safe from digital threats.