Incident Response Retainer

Who can you call in a crisis?

Served by an expert, multidisciplinary team, our Incident Response Retainer means we’re on hand to respond at short notice to actual or suspected incidents and cyber attacks affecting your organisation.

We give you and your clients the reassurance that you’ll have technical help within 15 minutes 24 hours a day, and a Incident Response Lead within 30 minutes of reporting an incident.

Speak to our experts about how we can help


  • Rapid response - SLA of technical help within 15 minutes, and a virtual CISO within 30 minutes of reporting an incident
  • Expert assistance - from a multidisciplinary security operations centre (SOC) to efficiently triage and eliminate the threat
  • Customised response - we’ll develop a plan which is pragmatic and proportionate to your needs and resources
Wayne Stinton, the Head of Information Technology at National Portrait Gallery Testimonial
"“For any small company with limited IT resources, navigating the world of security is a challenge. Knowing that we have Communicate in our corner has avoided many a sleepless night, they’ve become an integral part of our processes, and having such skilled and helpful support on-hand is hugely reassuring.”"

Wayne Stinton, the Head of Information Technology at National Portrait Gallery

Quick support you can trust

With an Incident Response Retainer, we provide management and technical expertise to support executive, business and technical leaders from initial incident discovery through containment, eradication, resuming business as usual activities and conducting post-incident reviews.

Our service is also designed to support regulatory or contractual requirements from the Security Policy Framework (SPF), PCI DSS (Payment Card Industry), NIS2 and ISO 27001, as well as integrating with the information risk policy and management guidance from the Cabinet Office and CESG, including Forensic Readiness Planning.

Understand how we can help you in a crisis - book a free consultation


  • Violation of an explicit or implied Security Policy
  • Attempts to gain unauthorised access
  • Unwanted denial of resources
  • Unauthorised use
  • Changes without the owner’s knowledge, instruction or consent

Manage and respond to high consequence events

We assist with technical and forensic analysis of incidents, as well as assessing incident and support containment / minimisation of damage.

Manage the incident at the stakeholder level and future prevention

We support internal communications and reporting, as well as provide assessment,  development, table-top exercises and training.

Speak to a consultant to learn more


Speak to our engineers and experts.