Cyber security incident response and recovery

From forensic and hands-on technical support to legal and communications expertise, we’ll give you the practical advice and operational expertise you need in a crisis

Respond to, prepare for and recover from cyber security incidents with confidence

In the heat of an incident, our on-demand technical response team, backed by project management, communication and legal experts, is by your side. Our team can help uncover the root cause of an incident, identify the lessons learned, and then support in planning the rebuild and recovery.

Organisations should also consider that effective response and recovery are also about preparedness and resilience. So, even if you’re not in the midst of an incident, we can help you spot gaps in your current response capabilities and the cyber security threat scenarios you need to prepare for.

Our cyber security incident response and recovery services

Incident response and recovery

Our incident response and recovery team has a broad range of capabilities to be able to provide support across the prepare, respond and recover phases of a cyber crisis or incident. We can also provide on-demand support from our specialist cyber incident response team to prepare and manage your broader organisational response to a cyber crisis.

Find out more

Cyber security threat hunting and detection engineering

Our service helps you identify evidence of malicious activity within your IT estate. The most sophisticated threat actors dedicate their time to finding ways of evading detection from traditional defence mechanisms, such as antivirus; we are focused on identifying the cyber attacks that these first lines of defence may have missed.

Find out more

Ransomware readiness and recovery

Our specialist teams bring experience and insights from the front-lines of assisting hundreds of clients respond and recover from real ransomware attacks. This is used to deliver realistic exercises and reviews focused on the cyber security capabilities and technology design decisions which make a real difference in a ransomware scenario.

Find out more

Crisis management

Get “crisis ready” so your organisation is equipped to prepare for, respond to and recover from today’s increasingly frequent and destructive cyber attacks. Take proactive steps to develop and rehearse your response capability and build the resilience to withstand or absorb disruption and respond quickly to minimise the impacts of a cyber crisis.

Find out more

Security operations and engineering

Our multidisciplinary team provides a unique blend of technical expertise and management experience to help you assess your security operations capabilities, prioritise and develop a roadmap, and scope and plan major technology change and transformation. We advise on all aspects of cyber security operations and provide engineering and implementation support.

Find out more

Why choose us?

Recognised as a cyber security leader

Named a Leader in the IDC MarketScape: Worldwide Systems Integrators/Consultancies for Cybersecurity

Read more

Named as a Leader in the IDC MarketScape: Worldwide Cyber Security Risk Management Services 2023 Vendor Assessment

Read more

Identified as a Pacesetter in the ALM Intelligence Pacesetter Research, Cyber Security Consulting 2022

Read more

Certified by industry bodies

Joining forces to transform businesses securely

We’re empowering our clients to meet the demands of digital society through high trust cyber security services. By combining our expertise with our Alliance partners' technology most suited to their needs, we’re helping organisations solve their most critical business issues securely and embrace change with confidence.

Logos: AWS, Google, Cyberark Okta, Microsoft, Paloalto, SailPOint, Tanium, Armis, Saviynt

{{filterContent.facetedTitle}}

{{contentList.dataService.numberHits}} {{contentList.dataService.numberHits == 1 ? 'result' : 'results'}}
{{contentList.loadingText}}
Follow us

Contact us

James Rashleigh

James Rashleigh

Cyber Security Partner and Cyber Business Leader, PwC United Kingdom

Tel: +44 (0)7808 028337

Kris  McConkey

Kris McConkey

Cyber Threat Operations Lead Partner, PwC United Kingdom

Tel: +44 (0)7725 707360

Hide