top of page

Flexible, expert cyber incident response & resilience support

Protect your organisation with 24/7 incident response and a suite of resilience services, tailored to prepare and defend you at every step.

CyberCare Retainer

The cyber incident response retainer service

NCSC Incident Response Assured provider
CCS_WHITE_Supplier_AW_72dpi.png

Respond to any cyber incident and proactively build resilience

CyberCare Retainer provides everything needed by organisations of all sectors and size, to respond effectively to cyber incidents.

When incidents occur

CyberCare provides a 24/7 hotline, triage of an incident, a full digital investigation and recovery services as well as support for executive and senior management including legal, risk and crisis PR advice, ransom negotiation, sanctions checks, ransom settlement & tracing as well as trauma counselling.

When incidents do not occur

CyberCare provides a range of proactive services as required including risk assessment, forensic preparedness, cyber incident exercising, virtual CISO, staff awareness, attack surface analysis, penetration testing and much more.

The CyberCare Retainer is offered in two packages

With our Standard and Enterprise options, organisations of any size can find the right level of support to meet their specific needs.

Select an option below:

CyberCare Standard: Essential incident response for smaller organisations

CyberCare Standard is designed to provide smaller organisations with highly affordable access to CyberCare’s expert, 24/7 incident response capabilities, with cost-effective onboarding packages and optional additional services.

With the same high-calibre response services as the Enterprise package, CyberCare Standard equips you to swiftly manage and recover from any type of cyber event. With optional access to proactive add-ons like staff training, risk assessments, and incident exercises, this package is ideal for organisations seeking essential response support with the flexibility to scale up their resilience measures as needed.

welcome-pack-blue.png

Welcome Pack

Comprising a compendium of useful Cyber Incident Response materials including a CCE guide, checklists and playbooks for common incidents and first responder lanyards. 

247-response.png

24/7 Incident Response Hotline

Incident hotline manned 24x7x365; details provided to authorised staff. Alternative secure communications (email and/or chat) is provided if communications systems are suspected to be compromised.

paid-addons.png

Optional paid services

Optional paid services, include OpSec Training, CIR Plan Reviews, Cyber Risk Assessments, Attack Surface Scanning, and Board-Level Briefings—strengthening organisational readiness and fortifying defences against threats.

Response and flexibility

With CyberCare Standard, smaller organisations gain the confidence of having top-tier incident response expertise on call, while also having the option to gradually enhance their resilience with tailored services. 

This flexible approach allows your organisation to strengthen its cyber defences at its own pace, ensuring that you are protected both today and as your business grows.

What are CyberCare units and how do they work?

Never waste your investment

Unlike cyber insurance or standard service retainers, CyberCare provides you with an investment that is not wasted if you do not have a need for incident response in a given subscription period.

Our cybersecurity retainer turns your investment into tangible security enhancements; Annual fees count as units, usable for proactive services like staff training or security assessments, ensuring you’re protected today and tomorrow.

Understanding the value of CyberCare units

To provide immediate support during a cyber incident, clients can choose a tailored mix of services. This includes Coordination support, Legal and Compliance advice, Crisis PR guidance, and expertise in Digital Investigations and Threat Actor Engagement. 

Units can be spent as required. There is no onboarding fee, and the costs of the hotline and availability are factored into the overall single annual fee. The CyberCare service comes with an initial number of units and, when needed, can be topped up with further unit blocks to be used per hour, as follows:

 

Virtual CISO: 1 unit
Senior IR Coordinator: 1.5 units
Cyber Security Investigator: 1 unit
Senior Legal Advisor: 1.5 units
Legal Advisor: 1 unit
Forensic/Testing Specialist: 1 unit
Crisis PR Specialist: 1 units
IT Recovery Specialist: 1 unit
Data Mining Specialist: 1 unit
Ransom Negotiator: 1.5 units
Surge Notification Support: 1 unit
Trauma Counsellor (Victims of Crime): 1 unit

CyberCare Units Explained Graphic

The additional value of CyberCare units

Your investment means that CyberCare units that are not needed for responding to cyber incidents are not wasted.

They can be used to drive a host of other valuable proactive cyber activities including:

 

  • Virtual CISO (vCISO) activities; just request our vCISO service proposal

  • Penetration testing and attack surface scanning (including on third-parties)

  • Additional cyber risk assessments or cyber incident exercises

  • Regular Threat Intelligence (TI) reports

  • Staff Awareness campaigns (computer-based training)

  • Fraud Prevention briefings

  • Data protection & privacy and other regulatory advice


Typically, unused units would be used towards the end of a subscription period although as long as the minimum balance is maintained they can be used at any time for any of the assignments above.

CyberCare Additional Value Graphic

We respond to any cyber or fraud incident, globally

The team at STORM have considerable experience across the field.

Learn more about some of the more common incident types we respond to.

Contact the CyberCare team

If you would prefer to speak to the team, give us a call:

UK/Europe: +44-203-693-7480

Africa: +230-434-1277

USA: +1-703-232-9015

Your contact details will only be used in connection with this enquiry. Please read our Privacy Policy.

bottom of page