Blog release: Global IT outage – next steps → 

CyberCX has New Zealand’s largest and most advanced independent investgation and response practice. Our dedicated local team of specialists are ready to help your organisation conduct forensic investigations and respond to cyber incidents.

We have led the cyber breach response for some of the most sensitive, complex and high-profile incidents in Aotearoa across the private sector, central and local government. But we also help to secure our communities by working with organisations of all sizes, across all sectors, and at all stages of their cyber security maturity.



The largest and most advanced investigation and response team in Aotearoa


Screenshot of a ATT&CK framework on a dashboard used for digital forensics.

Sovereign capability across New Zealand, Australia and beyond

With over 35 dedicated staff across the region (including the largest dedicated team in New Zealand), we offer a truly sovereign capability ready to quickly deploy when needed. Our unique approach leverages our world class local facilities with the scale and depth of an international provider.

Man looking at data on an unseen screen with a world map in the background.

Unmatched insight into the regional threat landscape

We perform detailed forensic investigation and response on over 300 serious incidents every year. Our scale and expertise gives us an intimate understanding of the threat actors targeting our region, which helps us quickly focus our investigations for the most effective outcomes.

FInger on top of a keyboard.

Broad and deep technical expertise

We are a highly specialised and internationally recognised New Zealand based team of technical experts. Our team members are not generalists. Each brings deep expertise which combine to cover all areas of digital forensic investigations, threat hunting and cyber breach response.

Man talking on a phone using a set of headphones.

Complete incident response

Gain the confidence of support from internationally recognised experts with local insight who understand that responding to a critical incident requires more than technical expertise, and who provides truly end to end capability across cyber incident coordination, crisis communications, digital forensic investigations, cyber incident response, ransomware recovery and complete system restoration.


Our Solutions

New Zealand’s most comprehensive cyber breach response and recovery support. We offer comprehensive support to confidently respond to and recover from a cyber breach, from initial detection to full operational restoration, plus resilience against future attacks. Our services include:

Fully integrated response and recovery services

Restoration of systems and networks

Proactive compromise assessments

Deep forensic analysis to reconstruct threat actor activities

Ongoing security monitoring post-breach

Eradication / eviction of attackers from the environment

Security testing and remediation

Independent risk assessments for customer assurance

Ready to get started?

Prepare, respond and recover from cyber incidents with Australia’s largest and most advanced Digital Forensic and Investigation Response team.


Retainer services built for partnership, not profit

We provide an industry-leading retainer developed to foster a true partnership with our clients. We’re more than just a phone number to call as a last resort.


Talk to an expert

Two men sitting in a conference room, looking into data on a laptop.

Before a breach


  • Pre-agreed contract – to streamline engagement when incidents occur.
  • Onboarding workshop – our investigators learn about your environment and agree how breaches will be responded to.
  • Regular cyber intelligence updates – to keep you appraised of the local threat landscape.
  • Proactive threat hunting – to proactively identify evidence of breaches and exercise breach response capabilities to prepare for a real incident.
  • Cost-effective – low base retainer fees provide unlimited 24×7 triage response advice, with additional services and fees only if required.
When a breach happens


  • Fast triage response – standard four hours (with option to upgrade).
  • Uncapped access to triage response advice when high-risk situations occur – call us whenever, and as often as you need, without paying any additional fees (unless you need additional services beyond initial triage and advice).
  • Discount on any additional response services – pay for additional services only if needed, with a significant discount.


Digital Forensics and Incident Response 2023 Year In Review

Using data from a sample of over 100 serious incidents we responded to in 2023, this report highlights insights into incident trends in 2023 including an in-depth look into the most common incident categories – Cyber Extortion and Business Email Compromises.



Our technical capabilities include:

Deep forensic analysis of compromised systems

Live network threat hunting

Enterprise-wide evidence collection and forensic analysis

Advanced endpoint monitoring

Memory collection and forensic analysis

Malware reverse engineering

Two digital forensic investigators working in a room with several desktop computers.

Digital Forensic Investigations

For us, “forensics” isn’t just a marketing term. Our team’s work is deeply rooted in our core digital forensics expertise, and all our work is performed using appropriate tools and methods that allow the work and findings to be relied upon in legal, regulatory and other proceedings if required. Our team includes some of New Zealand’s leading digital forensic investigators who have performed thousands of investigations and presented expert evidence in legal proceedings.


Our digital forensic expertise includes a broad range of incidents, including:

Company investigations

Data theft investigations

Commercial litigation

Regulatory investigations

Criminal proceedings

Expert opinion evidence

Preservation of evidence

Electronic discovery


Why CyberCX digital forensics, threat hunting and cyber incident response?

In addition to our scale, recognised expertise and significant operational experience our customers benefit from the following.

Intelligence led

We integrate tightly with the CyberCX Cyber Intelligence team and work alongside CyberCX Security Operations Centres to proactively hunt for new threats across our managed client networks and to seamlessly respond to high-risk detections. We can quickly identify new attack campaigns and affected organisations (sometimes even before they know something is wrong).

Forensic rigour

Our work is performed using appropriate forensic techniques, allowing evidence and findings to be relied upon in legal and other proceedings if required. We work closely with our clients’ legal advisors to understand the implications of forensic findings and assist in meeting the client’s legal obligations.

Information-sharing partnerships

We are a highly networked, collaborative team. We actively foster information-sharing across governments and industry sectors, reflecting CyberCX’s mission to secure our communities, and giving us access to high-value threat information.

Collaboration with cyber insurers

We have a strong practical understanding of cyber insurance needs and work closely with insurers to ensure our work is properly defined against policy requirements, making any subsequent claim process as smooth as possible.


Download the Best Practice Guide

Our Best Practice Guides offer clear, practical advice to improve organisations’ cyber security posture and resilience. We design these guides to be accessible for CEOs, boards, CISOs and professionals of all backgrounds.



Cover of CyberCX's Ransomware and Cyber Extortion guide.

New Zealand’s trusted
cyber security and cloud partner

People icon

Expertise at scale

More than 1,400 cyber security and cloud professionals delivering solutions to our customers.

Globe icon

Eyes on glass 24/7

Continuous monitoring of your network across our 9 advanced security operations centres globally.

Headset icon

Help when you need it

The region’s largest team of incident responders handle over 250 cyber breaches per year.

Shield with tick icon

Assessing your needs

Industry-leading experts conduct more than 500 baseline security assessments per year.

Star icon

Providing credible assurance

Our exceptional team of ethical hackers conducts over 3,000 penetration tests per year.

Education icon

Training the next generation

The CyberCX Academy is training 500 cyber professionals over the next three years.

Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.