Workshop 1.5 | Taking Agency in an Uncertain World: Developing a Cyber-Resilience Toolkit for Research Libraries
Date: Wednesday, 1 July 2026, 16:00-18:00
Location: R90
Speakers:
William Nixon, Research Libraries UK, United Kingdom
Nancy Graham, London School of Economics (LSE), United Kingdom
Jane Harvell, University of Sussex, United Kingdom
Ian Gifford, University of Manchester, United Kingdom
Kirsty Lingstadt, University of York, United Kingdom
Organised by Research Libraries UK
In today’s interconnected digital research landscape, cyber incidents are now a clear and present risk for research libraries (it may not be “if” but “when”). In recent years, public libraries, national libraries and universities have all experienced incidents. Cyber-resilience is critical for research libraries which provide access to rich and unique collections, support open scholarship, and provide essential research infrastructure.
This dynamic and engaging workshop will provide an opportunity for colleagues to explore their cyber-readiness through an overview of the cyber-resilience toolkit developed by Research Libraries UK. Through breakout sessions and group discussions the workshop will provide background and strategic context for the toolkit. It will also support attendees in developing an action plan and next steps in how they would respond to a cyber-incident through a four-stage lifecycle. The workshop recognises that this is not just a technical challenge, but a strategic, cultural and organisational one which can be explored collaboratively.
This cyber-resilience workshop aligns with the “Research Data and Knowledge Security” theme of LIBER 2026.
Cyber-resilience lifecycle
The Cyber-Resilience lifecycle we will share covers these four stages which also be the basis for the breakout groups:
- Readiness: Establishing measures to reduce vulnerabilities and prepare for incidents, ensuring regular staff training, and developing an up-to-date incident response plan.
- Response: Acting swiftly and decisively when an incident occurs. Library directors should ensure clear decision-making plans are in place, with designated leads and communication strategies to maintain service continuity and to co-ordinate with the institutional response.
- Recovery: Restoring systems and services while maintaining trust with stakeholders. Recovery planning includes the prioritisation of core library services, secure restoration of access to collections and services (digital and physical) and collaboration with institutional IT teams.
- Review: Lessons learning from incidents to strengthen future resilience both for the institution itself and across the sector. Post-incident reviews should be conducted to identify gaps, update policies.
Workshop Objectives
- Provide a strategic context for the importance of a Research Library focus on cyber-resilience, and how it complements institutional activities
- Introduce the RLUK Cyber-Resilience toolkit which provides a leadership framework, based around a four-part cyber-incident lifecycle of Readiness, Response, Recovery, and Review
- Demonstrate the practical benefits for Library leadership in engaging with staff to prepare for cyber-incident; and the importance of staff wellbeing
- Provide a roadmap for peer European research libraries to start developing and collaborating on their own cyber-resilience leadership framework
- Explore how we can work together collectively, sharing resources, templates and training to improve our cyber-resilience
Key Outcomes
- A shared understanding of the strategic need for a Research Library cyber-incident leadership framework, and the implications for the leadership team and staff across the library
- An action plan and next steps for attendees to take forward (individually and collaboratively) to improve their own cyber-resilience
- A collective range of resources and next steps which could be shared to improve the sectors cyber-resilience
Workshop Structure
- Cyber-incident icebreaker: Colleagues, including the workshop leaders will be invited to share their cyber-incident experiences [in confidence]
- Why a Leadership Framework for Cyber for Research Libraries? Led by the Director of an RLUK library highlighting the unique challenges for research libraries
- Our RLUK Toolkit Journey: Background and lessons learned in developing our toolkit including its launch, feedback, impact and our next steps
- Cyber-Incident Scenario Breakout Groups: The breakout sessions will be organised around the same cyber-incident scenario with each group exploring one of the four stages: Readiness, Response, Recovery and Review.
- Collective discussions and next steps: opportunities for collaboration