Slipstream Cyber joins Atmos incident response panel

Slipstream Cyber has joined the Atmos First Response and Remediation Panel, a group of external specialists Atmos calls on in the early stages of a cyber incident.

Atmos is a legal and advisory firm focused on cyber, privacy and digital risk across Australia and New Zealand. Its panel model combines technical incident response with legal and risk advice during active incidents, when organisations face urgent decisions on containment, communications, regulatory duties and business continuity.

When engaged through Atmos, Slipstream Cyber will provide digital forensics and incident response (DFIR) services. This typically includes capturing evidence, investigating what happened and how an attacker gained access, and taking technical steps to limit further damage. Initial remediation can range from isolating affected systems to supporting service restoration.

The appointment adds another DFIR provider to a fast-growing incident response ecosystem as breach volumes rise and attacks become more disruptive. Many organisations now treat external responders as part of their standing playbooks rather than a last-minute option, particularly in sectors with complex supply chains or strict reporting requirements.

Panel model

Atmos positions the panel as a coordinated first-response team activated during the critical early phase of an incident. In practice, it aligns forensic work with advisory input and provides a repeatable pathway for escalation, triage and engagement, including out-of-hours support.

For corporate clients, the model offers a single route into multiple disciplines. This reflects how incident response has shifted in recent years: ransomware and data theft cases often require simultaneous technical investigation and legal assessment, alongside decisions on stakeholder notifications and engagement with insurers and regulators.

Steve MacDonald, Director at Slipstream Cyber, said the appointment reflects the pressures organisations face in hiring and retaining specialist security talent.

"Cyber incidents are increasing in complexity at the same time many organisations are facing ongoing challenges hiring and retaining specialist security talent. Being included on the Atmos First Response and Remediation Panel allows us to respond quickly with deep technical expertise, helping organisations stabilise incidents and make informed decisions from the outset," MacDonald said.

He added that technical actions need to align with governance and risk decisions as incidents unfold.

"Rapid forensic insight is critical, but it needs to support broader governance, regulatory and risk considerations. Working as part of Atmos' first response framework ensures organisations can access that combined perspective when it matters most," MacDonald said.

Reece Corbett-Wilkins, Head of First Response at Atmos, said organisations want immediate access to responders who can work alongside legal and advisory teams during high-pressure incidents.

"When a cyber incident occurs, organisations need fast access to experienced technical responders who can operate confidently alongside legal and advisory teams. Including Slipstream Cyber on our First Response and Remediation Panel strengthens our ability to support clients through the earliest and most critical stages of an incident, and provides additional scale to manage industry-wide cyber events," Corbett-Wilkins said.

Market context

The appointment comes as Australian security leaders report persistent staffing and skills challenges. ADAPT research cited by the companies points to shortages in key roles and gaps in workforce capability as major execution barriers for chief information security officers. These constraints can intensify during an incident, when sustained specialist effort is needed across investigation, containment and recovery.

This dynamic has helped sustain demand for managed security services, incident response retainers and specialist forensics providers. It also influences how organisations prepare for events that affect multiple companies at once, such as attacks on common suppliers or widely used platforms.

Slipstream and Interactive

Founded in 2017, Slipstream Cyber operates an Australia-based security operations centre. Its services include managed detection and response and penetration testing, alongside incident response work. The company provides 24/7 coverage and serves customers in Australia and internationally.

Interactive acquired Slipstream Cyber Security in early 2023. Since then, Slipstream Cyber has expanded its DFIR work, according to the companies. Interactive is an Australian IT services provider with a portfolio spanning cloud, cyber security, data centres, business continuity, network services, systems maintenance, serviced office and digital workplace services.

Event plans

Alongside the panel announcement, Slipstream Cyber is sponsoring Atmos' inaugural SPHERE event in Sydney. The agenda is aimed at cyber, legal and risk leaders, with discussion expected to cover emerging threats, regulatory change and approaches to organisational cyber resilience.

Atmos and Slipstream Cyber said the panel arrangement provides clients with a structured pathway to combined technical and advisory support when an incident is declared.