For the resolution of security incidents, we will provide a team, instruments, and know-how. Just because you do not have a security operation center in place nor a group of operators and analysists, does not mean that you cannot properly respond to a security incident.
This is plain and simple – the most advantageous use of incident management is precisely when you detect that something out of the ordinary is occurring and when you suspect it’s an incident.
We can proceed in two ways. If you have your own security operation system, we can simply fill in the blanks where your competencies are lacking (for example, application security, ICS/SCADA, or specific protocols). If you do not have your own security operation center, we can provide you with assistance during resolution of the incident, from start to finish.
At the start, we will appoint an incident leader; next, we will determine whether it’s an actual incident as well as how serious it is; then, we will agree on the next steps. We will determine whether additional applications and systems were compromised or if data was leaked, and we will provide your lawyers with technical support.
We cannot erase the incident, but we will minimalize the damage and neutralize its impact.