Practice area

Investigations & Incident Response

Investigations & Incident Response

Provides rapid assistance for security breaches, containing the incident to allow effective remediation and recovery

Need immediate assistance?

Call our incident response hotline

+44 (0)1256 300920

Prepare & Respond

Cyber security incidents are on the rise. A 2014 survey suggested eight in every 10 large UK companies had been breached, with almost 60 per cent expecting attacks to worsen. When breaches happen, it’s the ability to identify and contain them rapidly and effectively that most directly influences busines cost and impact for your business.

MWR has assembled a highly experienced specialist incident response team, equipped with industry-leading tools and intelligence to handle any cyber security incident, large or small. Supported by our 24/7 Incident Response Hotline, you will never again be without the expert support you need in an emergency. 

“We help companies drive rapidly-moving Cyber Security investigations towards successful outcomes.

Significant experience in forensic investigation and incident response allows us to deliver dramatic improvements in the on-ground situation and enable effective decision making.”

Paul Pratley, Head of Investigations & Incident Response, MWR

Core Solutions


Our Cyber Incident Responders and Investigators are specifically trained in Intrusion Forensics, with the skills to identify unauthorized access.


Our Incident Response Retainer ensures 24/7 hotline access to our Cyber Incident Responders and Investigators to provide rapid help in an emergency.

Readiness Planning

Our experts can assist you to identify weaknesses in your systems, policies and procedures to maximize your preparedness for the next incident.

Playbook Exercises

In conjunction with Readiness Planning, we can construct scenario exercises for your staff, allowing them to hone their response capabilities before they are needed.

Our thinking on Investigations & Incident Response


2016 Verizon DBIR Contributor Insights


State-Sponsored Cyber Attacks


Why Classic Incident Handling Fails


APT changed the rules


Catch me if you can



As members of CHECK we are measured against high standards set by CESG for the services we provide to Her Majesty's Government.
We are certified in the ISO 9001 quality management system (QMS) in the UK, ensuring reliable delivery of our products and services.
We are certified to comply with ISO 14001 in the UK, an internationally accepted standard that outlines how to put an effective environmental management system in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR are approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.