Do you have the resources to anticipate cyber-threats and drop everything when they strike?
Cyber incident response and recovery
In an increasingly interconnected and technology-enabled world, it’s no longer a question of whether you’ll experience a cybersecurity incident, but when. Recent high-profile breaches show that you can get hit by an attack when you least expect it. It’s crucial to be prepared and able to respond effectively − whatever your industry, location or organisation size.
Are you prepared?
With data protection regulations punishing failures to promptly respond to breaches, cyber-insurers demanding proof of adequate preparedness, and plenty of evidence showing that responses often fail because of a lack of expertise and planning, the time to act is now. You might want to ask yourself some questions:
- Are you ready to respond to a cybersecurity incident?
- Do you have plans to respond to and recover from the most likely scenarios?
- Have you rehearsed your response to a security incident at all levels, including executive and board level?
- Have you imagined your worst-case cybersecurity incident?
- Does your board have the necessary expertise?
- Do you have experts on call and ready to respond to an incident?
- Would you be able to contain and limit the impact of a breach?
If the answer to any of these is ‘no’, we can work with your organisation to help.
51% of Swiss executives expect a surge in reportable ransomware incidents in 2023.
Source: PwC, 2023 Global Digital Trust Insights
Only 40% say they thoroughly understand their third-party cyber and privacy risks.
Source: PwC, 2022 Global Digital Trust Insights
What is cyber incident response?
Cyber incident response is the reaction and associated measures to an IT security incident. In order for your company to be able to act directly in an acute case, you need an incident response readiness. It prepares you for a cyber emergency and helps you to react faster and more effectively in such case.
The benefits of a systematic cyber incident response and recovery plan
How we help you prepare, respond and recover
Our incident response and recovery team has a broad range of capabilities to be able to provide support across the prepare, respond and recover phases of a cyber crisis or incident.
Incident Response Retainer
When the incident occurs, it is too late for negotiations. After all, onboarding an incident response team without an existing retainer takes valuable time in an emergency. That's why we offer you an Incident Response Retainer with competitive fees and contractually defined response times in advance. You get access to a professional team of experts who already know your IT landscape and are involved in your action plans. This allows us to respond more effectively and help you rebuild your systems.
Our services:
- Workshops in which our IT experts get to know your IT landscape, identify vulnerabilities, and are integrated into existing emergency protocols.
- 24/7 on-call service.
- Unused contingent of agreed hours can be allocated to other incident response services.
- Support both remotely and on-site.
Incident Response Readiness
We help your company prepare for a cyber attack in order to control and limit damage in the event of an incidence.
Our services:
- Develop technical and management guidelines for the crisis with action plans for different incident types, assigned roles, and defined workflows.
- In our first responder trainings, we prepare your IT staff to make critical decisions in the first 48 hours to contain the incident and secure critical information.
- We help you develop your crisis management plan and develop incident response guidelines to minimise the impact on ongoing business.
- In crisis simulations, we check whether the relevant employees at all hierarchical levels are capable of putting the elaborated plans and guidelines into practice.
- We ensure your forensic readiness. This means that the appropriate data is available to investigate an incident thoroughly and define a containment strategy.
Post Incident Review
We support you in the aftermath of a cyber attack – from identification of the security breach to evaluation of the incident response activities to stakeholder communication and possible disputes regarding your cyber insurance.
Our services:
- With a root cause analysis, we investigate how the incident occurred. We examine the IT infrastructure and conduct interviews with the IT stakeholders.
- In the incident response and management review, we help you understand whether the incident was responded to appropriately from an IT and management perspective.
- In the "lessons learned" phase, we support you in gaining deep understanding of the incident and adapting your security concepts.
- We advise you on legal issues and support you in the event of claims for damages from your insurance company.
