Last Review: 28 June, 2022, Halkyn Consulting Ltd, 2017,

Security Incident Response

Detect, Contain, Investigate, Recover

Determined and persistent hackers can eventually break down even the best security controls. Every month the news details another big name which has been hacked and huge amounts of data exposed to criminals. Don’t let this happen to you. Our expert incident responders and forensic investigators can help you build your own incident response team, assess its effectiveness and support you when you need it the most. We can help you detect the attack, learn how it happened and prevent it in the future. See our testimonials.

Security Incident Response Services

Contain the breach, minimise the harm

Security breaches are an inevitable, if unfortunate, fact for every organisation. The difference between being able to survive the breach to continue your business and being overwhelmed into bankruptcy can often hinge on how effective your incident response processes are. You need to know that your processes will detect attacks, limit the impact and enable you to recover as quickly and effectively as possible. Anything else could mean even a trivial "hack" could be catastrophic.

Incident response is a critical business function made up of multiple steps — typically Confirm, Contain, Investigate, Recover, Lessons Learned. You can run them all in-house, outsource it all or find a balance between the two. Whatever option you go for, it is essential that your processes are functional, practiced and trusted by all participants.

Incident Response

All our services are driven by your needs and we are always willing to tailor what we offer around your requirements. At a very high level, we offer the following categories of incident response services:

  • Incident Response. If you have an ongoing security breach, our specialists can help you quickly identify the source and contain the attackers. Quick containment can make all the difference.
  • Incident Investigation. Our forensic specialists and incident handlers can help you find out how you were attacked, what they managed to do to you and what you need to do to prevent it happening in the future.
  • Capability Review. We will visit the location of your choice and carry out an assessment of your existing Incident Response capabilities (in-house or outsourced). Examples of this service include reviewing processes, identifying gaps, checking team members' skills & competencies, verifying evidence and assessing process maturity.
  • Incident Response Team Creation. If you don't have an existing incident response team, we can work with you (and your suppliers as necessary) to create, resource and develop a capability to deal with the real-world threats your organisation faces.
  • Red Team Testing. Once you know you have a good incident response team, test it! Our security specialists will run your incident responders through a series of scenarios designed to ensure that they are working at the best of their abilities and giving you the assurance you need around this critical service.

All our security testing is carried out with your knowledge and prior agreement. We will never conduct a security assessment without your explicit permission and our assessments will never go beyond the agreed scope. Contact us to find out more about how our team can support and improve your incident response capabilities.