Skip to main content

Cyber Incident Response Services

Incident Response

CND provides rapid, expert support to contain and resolve cyber incidents. Our Incident Response team offers 24/7 assistance for triage, investigation, containment, and recovery, ensuring minimal business disruption.
Services include forensic analysis, malware eradication, and system restoration, backed by structured mobilisation processes. Whether retained or ad-hoc, we deliver secure coordination with stakeholders and actionable post-incident reports to strengthen resilience. With decades of experience across defence, government, and private sectors, CND ensures swift, professional response when it matters most.

More Info

Incident Response Plans

A robust cyber security Incident Response Plan, tailored to your organisation is a mandatory requirement for many information security management systems and for good reason, it enables an organisation to not only respond to an incident immediately but also ensures that controls are in place to support the response.

Our consultants are highly qualified with decades of incident handling experience and have created many Incident Response Plans for our clients which have on occasion proved invaluable when a breach occurred.

The service is completely flexible and will be adjusted according to your needs, our consultants will also work with you to exercise the incident response plans.

Forensic Readiness Review

After a security breach, logs are gathered to understand what has happened and as evidence to prosecute the attacker(s). All too often the logs gathered by default are inadequate, lacking in detail, or missing altogether. Our service ensures that you are prepared for the worst.

Our Forensic Readiness Review ensures that an organisation is collecting sufficient logs and storing them in a forensically sound manner. This is to enable them to facilitate a thorough investigation of an incident and, if necessary, prosecute the attackers in a court of law.

By default, most organisations do collect some logs from their network devices and various operating systems. However, most don't manage them or consider the "audit policy" which defines which events are recorded.

We start by conducting a Forensic Readiness Review workshop where we exercise some breach use cases to test the effectiveness of the available logs. A gap analysis is performed and, where necessary, changes are suggested to increase forensic readiness.

Cyber Incident Exercising

Strengthen your organisation’s cyber resilience with CND’s Exercise in a Box, and Tabletop Exercises Incident Response services. Choose standard packages or bespoke scenarios tailored to your risks.

Standard Off-the-Shelf Packages

Quick-start cyber exercising with pre-defined modules for common attack scenarios. Our standard packages are designed for organisations that want a proven, ready-to-go solution:

  • Exercise in a Box Essentials
    • Covers phishing, ransomware, and insider threat scenarios.
    • Includes facilitator, pre-brief, and post-exercise report.
  • Tabletop Core
    • Executive-level decision-making rehearsal.
    • Injects for legal, communications, and technical teams.
Bespoke Packages with Benign Triggers

Tailored exercises and IR plans using realistic, non-disruptive triggers to test readiness.
For organisations with unique environments or compliance needs, we offer custom packages:

  • Custom Tabletop Scenarios
    • Sector-specific injects (e.g., OT networks, supply chain compromise).
    • Benign triggers such as simulated alerts, fake phishing emails, or mock vendor notifications.