Operational Security
& Incident Response
Cyber incident response, regulatory notification support, and operational security advisory for London businesses. Based in Covent Garden — we attend on site for sensitive engagements and operate remote-first for routine work.
Active Incident Response
Cyber incident in progress — containment, eradication, recovery. Engagement within working hours; out-of-hours by retainer.
Regulatory Notification Support
UK GDPR Article 33 (72-hour ICO), NIS2 Article 23 (24-hour early warning), sector regulator coordination, evidence preservation.
Post-Incident Hardening
Root-cause analysis, control gap closure, evidence-pack assembly for insurer, regulator, and customer-facing disclosure.
Pre-Incident Readiness
Incident response plan authoring, tabletop exercises, retainer arrangements that activate when minutes matter.
Active Incident — What to Do in the First Hour
- Preserve evidence. Do not power off affected systems unless safety requires it. Isolate from the network where possible.
- Identify scope. Which systems, which users, which data categories. A quick rough scope guides the 72-hour notification clock.
- Notify counsel. Legal privilege over forensic findings matters. Engage solicitors before external technical providers where possible.
- Engage response support. Contact us via the incident desk form or use the retainer hotline if one is in place. We can be on the bridge within working hours.
- Track the regulatory clock. UK GDPR Article 33: 72 hours to ICO if personal data affected. NIS2 Article 23: 24-hour early warning if you are an essential or important entity within scope.
About SummitBridge Horizon
SummitBridge Horizon Ltd is a UK-incorporated cybersecurity firm (Companies House 16419201) based at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ. We are registered with the UK Information Commissioner's Office (ICO registration ZC112810).
We support London-based businesses with cyber incident response, regulatory notification, and operational security uplift. Engagements range from SME-scale ransomware recovery to mid-market data-breach coordination across UK and EU jurisdictions.
Our team operates under written engagement letters with named partners, evidence-preservation protocols suitable for regulator review, and retention guarantees consistent with UK GDPR Article 5 and the SRA Code for solicitor engagement.
NIS2 Readiness Assessment
Gap analysis against NIS2 Article 21 measures and incident-notification readiness — priority fixes mapped before an audit.
IT Auditing London
Pre-audit and certification readiness for NIS2, ISO 27001, Cyber Essentials Plus, and GDPR.
Cyber Insurance Readiness
Pre-underwriting risk assessment and post-incident insurer coordination support.
Incident in Progress?
Use the incident desk form with a one-line description and a callback number. Working-hours response is within 30 minutes. Out-of-hours is supported on retainer.
Contact incident deskSummitBridge Horizon Ltd · Companies House 16419201 · ICO ZC112810 · 71-75 Shelton Street, Covent Garden, London WC2H 9JQ