Leaders in Incident Response

Solace Cyber, a division of Solace Global, aids companies across the UK in recovering from ransomware attacks and data breaches. Serving as representatives for International Loss Adjustors and Cyber Insurance companies, we extend our coverage to over 30,000 commercial businesses in the UK through various channels. Our track record includes hundreds of successful response recoveries, providing Digital Forensic Incident Response services, 24x7x365.

Urgent Business Recovery

Solace Cyber will dispatch an incident response team, with vital equipment, same day. Quickly helping you understand the attacks’ nature, working with your teams to remediate your breach, and getting your business back, faster.

Approved Standards

Solace Cyber is a recognised Assured Service Provider by the National Cyber Security Centre (NCSC), and are ISO accredited for 27001.

Experiencing Ransomware or Cyber Breach?

Response time is everything when you are under attack. If you have been breached or have an urgent matter, contact us immediately.

Choosing Solace Ransomware Recovery

During a ransomware attack, there are three key points you need for an effective and meaningful recovery:
  1. Quick response times - Solace Cybers' security operation centre is manned 24 hours a day, meaning there are teams available to respond to your call at all times. Once engaged, we will send an incident response team equipped with the necessary tools to your location, ready to start work the same day you called. 

  2. Rapid systems recovery - We work with your teams for the decryption or recovery of your valuable business data, getting you back up and running quickly, reducing the impact of the attack. 

  3. Digital forensics - Digital Forensics - Our teams are equipped to navigate environments appropriately, utilising digital forensic analysis to uncover solutions, supplying experts to testify as needed and supporting requirements for evidence in whichever scenario it is required.

Our team are experts in their field, providing you with a recovery response that will analyse, contain and eradicate a cybersecurity threat quickly.

Our Process

The teams at Solace are experts at resolving ransomware attacks and have developed a fast and efficient process to deal with any incident.
Step 1


Solace Cyber Incident Response despatches the nearest team the same day. The onboarding initiation processes begins immediately, including stakeholder introductions, updates to call schedules, Incident Response Data Capture with creation, finalising the agreement, and the deployment of initial Incident Response Action plans.

Step 2


DFIR (Digital Forensic Incident Response) teams conduct thorough examinations of breaches, identifying vulnerabilities, attack vectors, data loss, and system impacts, such as Ransomware, BEC, Data Loss (PII/ICO) or DDoS. Solace completes thorough forensic investigations to understand attacker tactics, informing future mitigation strategies.

Step 3


Onsite & remote teams take immediate actions to limit damage and prevent the incident from spreading. This includes affected system isolation, elimination of malicious elements, and implementation of protective measures, including Solace proprietary technologies, to prevent further harm.

Step 4


Solace Cyber’s Incident Response team eliminates the root cause of the incident and restores affected systems to a secure state. Focus is on vulnerability identification and repair, removal of malware and ensuring no remnants of the incident persist within the network.

Step 5


Incident Response teams deliver full restoration of affected systems and services to normal operation. Our engineers implement backups where possible, repair or replace compromised infrastructure, ensuring data is accessible and systems are fully functional.

Step 6

Post Incident

Solace completes a thorough examination of the Digital Forensic Incident Response and recovery efforts. Through risk mitigation, betterment action and a full offboarding process, Solace collaborates with the and client together to assess the effectiveness of the actions taken. This involves identifying areas of improvement, and reviewing the lessons learned.


Solace’s Digital Forensic and Incident Response teams maintain consistent communication throughout. Dedicated Incident Managers and technical engineering leads provide updates during the Cyber Incident Response journey, utilising risk registers and working within change management processes, all from Triage though to Post Incident delivering successful business recovery.

Solace Cybers’ support continues beyond the recovery process. Once your business is back up and running, we work with you to transform your cyber security through a threat-informed approach utilising our nine step approach Solace Global - Cyber 9 Step Process

Ransomware & Ransomware Groups

The ransomware landscape is dynamic, with new ransomware groups emerging regularly. Cybercriminals constantly evolve their tactics and techniques, including the creation of new ransomware variants and groups to carry out attacks. Each type of ransomware operates uniquely, requiring a customised solution. Solace Cyber specialise in addressing all variants, and the following are some frequently encountered examples for which we can provide assistance.

  • cloak

  • CoinVault

  • Coverton

  • CryptoLocker

  • CryptoWall

  • CrySiS

  • CTB Locker

  • Dharma

  • DMA Locker

  • Eking (Phobos)

  • everest

  • GandCrab

  • GlobeImposter 2.0

  • HIVE

  • knight

  • LeChiffre

  • Lockbit3

  • Locky

  • losttrust

  • Makop

  • medusa

  • monti

  • noescape

  • Odin

  • Phobos

  • Play

  • qilin

  • QNPCrypt

  • Quantum

  • ragroup

  • Rakhni

  • Rannoh

  • rhysida

  • Ryuk

  • snatch

  • Sodinokibi / REvil

  • TeslaCrypt

  • trigona

  • WanaCryptor

  • WannaCry

  • Wildfire

Benefits of using Solace Ransomware Recovery

Aside from our quick response and recovery time, there are many other benefits of using our ransomware recovery service. 

  1. Experts and experience - Our teams are specialists in ransomware response and recovery and have helped hundreds of businesses with successful incident response recoveries. 

  2. Complementary risk mitigation technologies and 24/7 Security Operation Centre (SOC) services - During the recovery process, Solace deploys proprietary protection technologies whilst monitoring and responding to all risks via our in-house 24-hr manned security operation centre, ensuring someone is available to deal with any situation, at all times. 

  3. Highly accredited - Solace Ransomware Recovery is a recognised Assured Service Provider by the NCSC and are ISO accredited. 

 If you are facing a digital security breach, call us now on 01202 308818.

Frequently asked questions

Contact Us

Under Attack?

If you think you are under a ransomware attack, don’t hesitate to get in touch with us to start the recovery process.

Complete the form to request a complimentary consultation with our specialists and get a plan of action in place immediately.

If you need assistance right away, we would recommend calling us on 01202 308818.

Request a callback

Solace Cyber, part of Solace Global, helps companies across the UK recover from ransomware attacks and data breaches.

Intelligence & Reports
Case Studies

Solace Cyber Limited is registered in England & Wales no. 14028838

Solace Global

Twin Sails House,
W Quay Rd,
Poole, BH15 1JF
United Kingdom


01202 308818

Please note that calls may be recorded for security and training purposes.