What To Do When You’ve Been Attacked
Moving from Chaos to Control
An incident is any event that could lead to loss of, or disruption to, an organization’s operations, services, or functions.
If an Incident Response (IR) plan, properly trained personnel, and specific policies and procedures are not in place, an incident can quickly escalate into an emergency, crisis, or a disaster.
IR is the process of limiting the potential disruption caused by such an event, followed by a return to business as usual.
CyberDefenses is capable of handling incidents remotely or “on the ground” – depending on the urgency and severity of the situation. Our five-step process methodically gets control of the incident, and ultimately restores order and normal business operations.
- Identification: Full review of log files, error messages, alerts, trouble tickets to determine incident scope and damage
- Containment: Invoke isolations, take downs, failovers and backups to prevent further spread of the attack
- Eradication: Removals, restorations, scans and patches required to eliminate the presence of attacker malware and control
- Recover: Test, monitor and validate the restoration of clean operating systems, applications, access controls, etc. are functioning properly
- Harden: Development and implementation of new policies, procedures, training and monitoring required to prevent a repeat attack
Contact CyberDefenses today to learn how we can help your company’s cyber security needs.