Incident Response

We develop and implement response programmes that are robust, with proactive and reactive capabilities. Proactive measures will include ensuring your team is prepared and has the right skills to detect and contain incidents. When reacting to cyber incidents, it is essential that response activities and your team’s respective roles and responsibilities are clearly defined, and deployment protocols are managed so as to minimise impact and restore normal operations rapidly.

• Proactive – Polices, procedures, plans, playbooks, including:
  • Cyber incident response and recovery
  • Business continuity and resiliency
  • Disaster recovery
  • Tabletop exercises – scenario testing
  • Threat intelligence programmes
  • Solution identification and implementation
    • Managed detection and response
    • Log analysis
    • Endpoint visibility
    • Managed containment

• Reactive – Response activities include:
  • Response plan coordination
  • Data recovery
  • Root cause analysis
  • Forensic analysis of technical compromise
  • Control remediation evaluation and implementation support

• Investigations
  • Cryptocurrency and digital assets
  • Fraud
  • Intellectual property theft

• Expert witness and testimony