How it works
Using investigation and recovery techniques honed by years of first response to thousands of cyber incidents.
Typical cyber incidents
Cybercrime is a low-risk activity for criminals. In 2019 the UK convicted only 57 cybercriminals, and despite cybercrime being a 1.5 trillion dollar industry, most other countries have similar conviction rates. As a result, cybercrime and digital fraud is rife in the business community.
Many businesses are unaware of the risk cybercrime poses to their business; they believe incidents are a ‘black swan’ event. The reality is quite the opposite. As incident responders, we see cybercrime’s prevalence first hand. Here are some of our most common incidents and how we help businesses respond.
Malware is software designed to disrupt, damage or corrupt a computer system. The most common malware is Ransomware. Ransomware blocks access to a computer system until a sum of money is paid. Malware can be installed by simply clicking on the wrong link, or by a hacker who has breached your systems. We can determine the extent of a malware/ransomware incident, and as experts in containing malware, we can eradicate the infection and recover key systems.
Hacking is the process of gaining unauthorised access to a computer system. Hackers generally aim to get administrator privileges to crucial systems so they can deploy malicious code. Alternatively, they try to access company communications in Business Email Compromise (BEC) attacks in an attempt to divert payments and as a staging post for phishing attacks. Should this occur, we can help investigate and remediate incidents of unauthorised access.
Cyber breaches & extortion
Cybercriminals regularly use stolen data to extort money from an organisation. If a business is being blackmailed, we help determine the data stolen, the method used to extract information, and the negotiation. We also help with containment and eradication of the breach and the recovery of critical business data.
These are just some examples of the potential cyber risks a business can face. 60% of small businesses end up shutting their doors permanently as a result of being hacked. Cyber incident response typically costs businesses up to £11,000. By joining CyberCare, you can get the same world-class incident response for a single per-incident fee of £295.
Faulty hardware or network failure
System damage can result from a hack, faulty hardware or a network failure. As part of our membership, we assist businesses and any 3rd party service providers, to replace, restore or re-collect lost data. We can also help with encrypted, corrupted, or destroyed data resulting from a system damage incident.
Theft of funds
Cyber fraudsters impersonate employees, clients, or partners to trick businesses out of money. Fraudsters not only target the breached organisation if they have access to communication systems, they will also target customers and partners by issuing fake invoices. If a fraudulent payment occurs, we can provide advice on the recovery of funds.
Denial of service
The purpose of a Denial-of-Service (DoS) attacks is to disrupt a server or network, making it inaccessible to its intended users. This is accomplished by flooding the target with traffic or sending it information that triggers the system to crash. Our specialists can help identify DoS attacks, assist with recovery, and advise on mitigation strategies to prevent further incidents.
Immediate hotline response
How to get help
Our incident reporting process is simple to follow and will guide a business to the fastest remediation. When a cyber incident occurs, members can call our 24/7 incidence response hotline, pay a one time incident fee, and then immediate triage and response will begin.
Call our hotline and provide your subscriber reference
Discuss your reported incident with our specialist
Upon confirmation, our specialist will provide you with call reference information
Complete the incident payment form
Make your ‘per incident’ payment
A specialist will contact you on the number arranged and continue the incident investigation and recovery
Access to cyber/fraud expert advice on the recovery of stolen funds
Assistance determining the severity of the incident
Computer forensic investigation
Support and guidance for existing IT team
Initial technical triage with remote access
Security testing to determine network vulnerabilities
Incident response as a membership benefit
Only available through partnered associations
CyberCare is exclusively available through partnered groups and associations. Please click below to see if you are a member of a group we already support.
If you are an association that would like to protect its members against incident response costs, please get in touch.
Our membership is designed to provide future support for small businesses who are not already suffering from an existing incident. As such, we have the following requirements to become and remain a member.
The CyberCare service starts 30 days from the date of your first subscription fee payment. If you seek support for an existing or active incident within this timeframe, please contact our non-membership support service STORM Guidance Incident Response.
Your business must have less than 20 staff (full-time or part-time)
Your annual turnover must be less than £5 million
Your business must have it’s own IT specialists, either as staff members or provided by an outsourced IT company to perform remediation activities. Your IT staff do not need digital investigations or incident response skills as our specialists provide this capability. We will also support your own IT specialists with advice and guidance.
It is important to note, should there be any business changes resulting in operations falling outside of the above criteria, your subscription will become invalid. However, organisations from partnered associations who do not meet the above criteria will receive a preferential rate from STORM Guidance Incident Response
Practical help managing cyber incidents
We give business groups and their members the best chance to recover from a cyber incident while protecting them against high incident response fees.