Incident Response

In IT security, incident response includes the area responsible for responding to cyber incidents, basically, a computer emergency team. Often these are external service providers.

Incident Response encompasses three main tasks, the scope of which varies greatly from provider to provider:

1. Analysis

An incident response team helps with the assessment of an incident and decides, along with those affected, which measures will be effective. These include, for example:

  • Reconstruction of events
  • Assessment of the extent of damage
  • Coming up with concrete recommendations for action

2. Data recovery

In addition, incident response personnel help to resume operations as quickly as possible by attempting to salvage affected devices/services and data on them. Depending on the incident, a full salvage or recovery is not always guaranteed. The previous analysis ensures the necessary care to prevent re-infections.

  • Measures against cyber incidents
  • Locate hidden copies of the data
  • Proper loading of backup copies
  • Judicial proof of evidence

3. Documentation and followup

A final report summarizes key findings and recommendations on how to effectively protect the business in the future.

  • Multi-page report that includes a chronicle of events, possible causes and recommendations for action.
  • Prerequisite to comply with reporting requirements and insurance requirements.

Any questions?
We are here for you.

Arrange a free consultation with our IT security experts. We look forward to meeting you.

+49 030/95 999 80 80 (Mon - Fri 09:00am - 6:00pm)