The first 48 hours of incidents response is the most critical. We will explain few important steps that need to be taken to mitigate the impact on service availability, information systems integrity and data confidentiality. The cyber resilience is also covered by the individual national regulations and directives, so let's take a closer look at it and explain why principles of Network Detection and Response shall be a crucial part of technical measures implementation for regulated entities.