The reality is that it is no longer a question of “IF”, but “WHEN” an organisation will be subject to a data or Cyber security breach.

Cyber criminals and hackers are becoming more sophisticated and even the most prepared organisations are not immune from the threat they pose. In many cases, organisations do not realise their security has been breached until long after the event has occurred.

Our Services

Our Cyber incident response service helps clients establish exactly what happened, often helping to recover stolen assets and remediate the security vulnerabilities identified during the response. We have developed bespoke tools to assist and maintain an extensive database of threats and dark web activities to keep clients informed of potential threats and how they may have been affected by them.

The incident response handling process consists of iterative processes that range from identifying the nature of incidents to implementing security measures to limit future attacks.

Incedient Response Why GT.png

We have identified seven key steps to help you resolve any incident:


Is the issue occurring across a global network, or isolated to a single computer? How sensitive is the system concerned? Is there a potential for litigation?


This involves us collecting as much pertinent information as possible and sifting through it to discover the root cause.


We will present our findings in a concise and easy-to-digest manner. We will tailor our recommendations to suit your needs, and give you a thorough analysis of the risks and benefits of each approach.


The ultimate objective is to prevent any further damage. When dealing with sensitive scenarios involving significant risk, containment will need to be more delicate and nuanced. Our priority will always be what is best for your business.


If one virus has got in, there are probably a hundred others that got in the same way. We use penetration testing techniques to recreate the attacks and ensure they can no longer get through.


We will work with your team through a series of tests to make sure the system is functioning perfectly. Even after all checks are passed, we can continue monitoring the system for an extended period afterwards.


Our information security experts will work with your company to implement and manage any necessary changes. This can range from updating corporate policies, to training staff, to the installation of advanced technology, all depending on your needs. We strive to deliver solutions that suit your company culture, while providing the means to make informed decisions.

Office close to you

Office close to you

12-15 Donegall Square West
Northern Ireland

Subscribe to our mailing list

Update your subscriptions for Grant Thornton publications and events.