Incident Response

We can help you by developing and implementing robust incident response programmes, with proactive and reactive capabilities. Proactive measures will include ensuring your team is prepared and has the right skills to detect and contain incidents. When reacting to cyber incidents, it is essential that response activities and your team’s respective roles and responsibilities are clearly defined, and deployment protocols are managed so as to minimise impact and restore normal operations rapidly.

We can support your organisation with the following areas:

• Proactive – Polices, procedures, plans, playbooks, including:
  • Cyber incident response and recovery
  • Business continuity and resiliency
  • Disaster recovery
  • Tabletop exercises – scenario testing
  • Threat intelligence programmes
  • Solution identification and implementation
    • Managed detection and response
    • Log analysis
    • Endpoint visibility
    • Managed containment

• Reactive – Response activities include:
  • Response plan coordination
  • Data collection and recovery
  • Root cause analysis
  • Forensic analysis of technical compromise
  • Control remediation evaluation and implementation support

• Investigations
  • Cryptocurrency and digital assets
  • Fraud
  • Intellectual property theft

• Expert witness and testimony