Cyber Security Incident Response


7Safe is a CREST registered Cyber Security Incident Response provider

Need Expert Cyber Incident Response Advice?

Have you had a cyber breach? Act fast and speak to the 7Safe experts. Or are you looking to put preventative measures in place? Call us in confidence on +44 (0)1763 285 510 or contact us via the below.

Email Us Enquiry Form


CSIR Phase 3 - ​Follow Up

Phase one of our model comprises of the stages below:

Follow Up:  Step 1 – Investigate Incident More Thoroughly

7Safe will perform a full and thorough cyber forensic investigation including malware reverse engineering, host and network intrusion analysis where appropriate to determine the extent of the incident or to meet any specified client objectives. This may also include the investigation into possible suspects, data egressed or motivation

Follow up: Step 2 – Report Incident to Relevant Stakeholders

7Safe will create reports that provide a full description of the incident, recovery, investigation, findings and recommendations.

Reports will be produced in a format and style tailored to the intended audience and to ease understanding of complex topics where necessary.

Where necessary, due to the nature of the business, recommendations for the direct reporting to relevant authorities will be included.

Be assured of the quality of our Cyber Incident Responders

Steve Shepherd MBE, 7Safe’s Cyber Incident Response Lead, recommends that the person who takes charge of an incident should understand technology, processes and more importantly, be able to rely on the people involved in mitigating the incident.

At 7Safe, we’ve met hundreds of cyber consultants, security and IT managers. Many were not fully-prepared or did not understand the range of available actions to take in a cyber-attack, especially where the risk to organisational data was considerable. What seems like a perfectly reasonable course of action can sometimes play into the attacker’s hands.  You are not likely to be their first victim so preparation through skills training is vitally important.”

Speak to our expert team today on +44 (0)1763 285 510 or submit an email via below. Email Us


Follow Up: Step 3 - Conduct a Post Incident Review

7Safe will conduct a post incident review to determine what actions, if any, could improve the effectiveness of the company’s internal mechanisms or the investigation that took place. These will be referenced internally or discussed with the client as appropriate ensuring that any lessons to learn are documented. 

Follow Up: Step 4 – Communicate & Build on Lessons Learnt

7Safe will develop recommendations, highlight areas for concern and required improvement during the course and at completion of an incident response engagement.

Main points will be highlighted in the final report and further detail can be provided during client debrief.

The goals of building on lessons learnt are to:

  • Prevent a similar attack from happening in the future
  • Highlight any immediate areas of concern that could contribute to the success of future incidents
  • Identify any gaps or areas of general improvement

Let us pass on our expertise to your team

An important part of our incident response service is training your staff on how to respond to future cyber attacks. To start the process just call us today on +44 (0)1763 285 510 to talk to our trained advisors or send an email.

Email Us

Follow Up: Step 5 – Update Key Information, Controls & Processes

Following on from the lessons learnt, 7Safe can assist with the implementation of recommendations to assist with remediation, cyber security policy, education and training.

Follow Up: Step 6 – Perform Trend Analysis

7Safe maintains a repository of incidents, IIOC (Indicators of Compromise) investigation techniques and artefacts of note to aid in the future diagnosis and remediation of attacks. This knowledge can be shared with outside bodies but no client data or identifying artefacts of any kind are stored or shared in this repository.

7Safe may perform trend analysis on collected data to identify common factors, evaluate patterns and trends and understand the associated costs of cyber incidents.