Skip to main content

Our Incident Response services facilitates the prompt containment and restoration of your environment in the event of an incident. Incident Response encompasses prevention, detection, response and recovery. We adhere to the global framework, NIST 800-61.

Why Incident Response? 

Almost every organisation relies heavily on digital infrastructure, and the consequences of disruptive cyber-attacks can be severe, often affecting every corner of the business. A service such as incident response is vital. It not only assists organisations with containing and managing cyber threats, but it fosters an environment of good cyber posture across the entire business. Adopting an incident response service is not only a sensible choice, but also a necessary investment to protect business operations in an era dominated by digital dangers. 

What We Do 


Your organisation will go through a detailed onboarding process where we complete a full review of current practices with our expert recommendations on improvements and next steps.  Or, depending on the service model that is right for your business, we gather vital information and equip your organisation with the appropriate monitoring. 

Detection & Analysis  

  • With our 24/7 SOC service, we detect threats by proactively monitoring of your environment. 
  • Then, we analyse the threat and potential impact to your organisation including any containment actions required.  
  • Our experts will then meet with key stakeholders of the organisation and work with them to communicate the threat and the next steps.  

Containment, Eradication and Recovery  

  • Our experts contain the threat and work closely with forensic partners to retain necessary evidence. Ensuring your legal and insurance obligations are fulfilled.  
  • We work closely with your organisation to ensure any important information is communicated throughout the organisation and to stakeholders regarding any impacts.  
  • An eradication plan is developed by experts which includes prioritisation and planning of recovery.  
  • The experts will then get to work swiftly to recover based on your organisation needs.  

Post-Incident Activity  

After an incident, our teams and experts will communicate a full report to the business including; 

  • An evidence handover. 
  • A risk management and report. 
  • We will conduct a review and recommend improvements. 

The Benefits 

  • From end to end, Waterstons will partner with your organisation to quickly respond to cyber threats.
  • Operate knowing Waterstons is on your side to swiftly act when an unexpected breach happens. 
  • Your comprehensive Incident Response plan will cover any communications across your organisation, including comprehensive reporting which can be sent to legal and insurance teams. 
  • Reduce your risk of financial and reputational damages. 
  • Create consumer trust and create an organisation with a competitive advantage. 

Request an info pack on Incident Response


We will only use the information you provide in this form to contact you in regards to your enquiry to us. For more information, please read our privacy policy.