Incident Response

We never want a cyber-attack to happen to your organisation, but chances are it will. In fact, according to the Government’s Cyber Security Breaches Survey 2018, 43% of businesses experienced cyber security breaches or an attack over the previous 12 months. This is only expected to increase year-on-year.

And with a recent report by the Institute of Directors (IoD) and Barclay’s revealing that 56% of businesses wouldn’t actually be able to survive a cyber-attack, it’s crucial that you have a comprehensive response strategy in place.

What happens…

If you are attacked, we’ll be ready for your call. One of our consultants will be assigned specifically to your case and will be able to provide full incident management, bringing together your internal staff, Board of Directors and all relevant third parties including public relations and compliance teams.

How does Incident Response work?

Your assigned Incident Response Consultant will work with you to isolate, contain and then remediate the threat and then fully review the breach to identify the following:

• How did the incident occur?
• Understand the capabilities and motives of the cyber-criminal
• Provide remediation advice to remove the threat and upgrade your cyber defence

What is classed as a cyber-incident?

With so many cyber-attacks and incidents taking place, it can be hard to understand what is classed as a cyber-incident. We class any of the following as a cyber-incident, which will be covered with our Incident Response service: website attack, data compromise, phishing email, malware infection, ransomware, insider threat and targeted attacks.

What’s included in our Incident Response service?

• SLA-backed response (2 hour or 4 hour)
• Identification of compromised resources
• Isolation of the threat
• Evidence gathering
• Uncovering the source of the attack
• Reverse malware engineering
• Help with PR and compliance
• Elimination of the threat
• Fully documented review

Our consultants are highly experienced at incident response and work with other incident response teams across the globe as well as threat intelligence teams from Unit 12, the National Cyber Security Centre and Kaspersky Labs threat intelligence team to provide the very best and latest intelligence on threats and cyber-actors.

Incident Response Tabletop Exercise

In addition to our normal IR service, we also offer IR preparation sessions whereby our Cyber Consultants will host a round table event and present you with a series of scenarios and then engage in a discussion with your IT and senior management teams to consider both strategic and tactical approaches you might take in each case. These are a great way to design, and test, your organisation's cyber crisis management processes, and your ability to respond to attacks.

We are CREST accredited!

CREST is a not-for-profit accreditation body that represents and supports the technical information security market. It provides internationally recognised accreditations for organisations and individuals providing a host of cyber security services, including Incident Response.

By being accredited it provides an independent, verifiable third-party assessment of our Incident Response methods giving us confidence that our procedures are of the highest standard. This then provides us with greater credibility within the cyber security industry.

Individuals within the security industry recommend businesses looking for Incident Response services should always search for CREST accredited bodies to ensure the services are carried out by skilled professionals. 

Get in touch with CyberGuard to discuss your cyber security needs

Speak to one of our cyber experts to understand how we can improve your cyber security