Most businesses don't find out they've been breached until the damage is done. When you suspect an incident — ransomware, data breach, suspicious activity, or something you can't explain — call Aursec. We contain, investigate, and recover.
Don’t wait. Early containment limits damage significantly — every minute matters.
You don’t need to be certain it’s an incident. If something doesn’t feel right, call us. Early action limits damage significantly.
Files locked, ransom note on screen, or systems suddenly inaccessible. Do not pay — call us first.
Act ImmediatelyLogins from unusual locations, accounts you don’t recognise, or admin access you didn’t grant.
InvestigateCustomer or staff data exposed, sent to the wrong person, or accessed without authorisation.
72hr ICO DeadlineA staff member clicked a link, entered credentials on a fake site, or your email account is sending messages you didn’t write.
Common Entry PointUnexpected slowdowns, software you don’t recognise, settings that have changed, or security tools that have been disabled.
InvestigateYou don’t need to know what’s happened to call us. If something is off, early action is always better than waiting.
Call Us AnywayEvery incident is different. Our response follows a proven structure that limits damage, preserves evidence, and gets you back to business as quickly as possible.
You call or email us. We ask the right questions to understand what’s happening, what systems are affected, and what you’ve done so far. Available when you need us.
We assess the scope and severity of the incident. You’ll know within hours what you’re dealing with, what the risks are, and what needs to happen next.
We isolate affected systems to stop the incident spreading. This may involve disconnecting devices, revoking access credentials, or taking systems offline temporarily.
We identify the root cause, remove the threat, and restore normal operations as safely and quickly as possible. Evidence is preserved throughout.
We help you meet your 72-hour ICO notification obligation if personal data is involved. Then we fix the gaps that allowed the incident to happen — so it doesn’t happen again.
Under UK GDPR, if personal data has been compromised you must notify the ICO within 72 hours of becoming aware. Miss that deadline and you risk enforcement action on top of the incident itself.
If personal data is involved, we help you prepare an accurate, defensible notification to the ICO within the legal timeframe.
72hr DeadlineWhere the breach is likely to result in high risk to individuals, you may need to notify them directly. We advise on when and how.
UK GDPRAll incidents must be documented regardless of whether they’re reportable. We ensure your records are complete and defensible.
Required by LawClients on our managed security retainer have incident response built in. Faster triage, priority response, and the context of already knowing your environment. No scrambling to explain your setup in the middle of a crisis.
Could not be happier with the services provided by Aursec in supporting the IT of my Business. From initial engagement, Aursec worked with me to understand my requirements and ensured an efficient rollout of my Company’s IT solution. They took the stress out of achieving CyberEssentials Plus certification and now are fully embedded with my organisation as a partner to deliver long term IT Service Support. Aursec would be a great option for any size business but are particularly valuable for smaller businesses that require that additional hands-on knowledge and experience.
If you’re dealing with an active incident call us directly on 07761 239707. For general enquiries or to discuss incident response planning, use the form below.