Incident Response Management

IT security incidents can never be completely excluded. Therefore, it is important to create an incident response plan, describing how responsible persons have to react to possible cybercrime incidents.

Our Offer

A timely response to the incident is necessary to contain the damage, as the loss of sensitive data or damage to reputation can threaten the company's existence. The graphic shows our Security Incident Response process, which is also described below.

We offer remote and on-site support in investigating security incidents to reduce their impact on your business. We can also provide advice and assistance in closing the security gap.

The cycle of the incident investigation:

Preparation

The team must be informed about possible incidents in existing processes. Furthermore, the prevention procedures to be followed in the event of damage must be known to all stakeholders.

Identification

Thorough analysis of the security incident and classification of the threat. Determine whether there is a security incident or a false report.

Containment

Define short and long term strategy for mitigating the incident to prevent further escalation. Take all steps to mitigate damage and isolate existing systems if necessary.

Eradication

Clean up attacker artifacts on the compromised system. Remove all affected systems from the production system.

Remediation

Safely return the affected system to normal after ensuring that no further threats exist.

Insights gained

Document the chain of events in an extensive investigation. Add learning points and improvements to existing security governance to improve future responses.

Curious? Convinced? Interested?

Arrange a non-binding initial meeting with one of our sales representatives. Use the following link to select an appointment:

 Arrange a meeting