Have you been breached?
Our 24-hour incident response experts will provide instant advice on how to deal with a breach.
24/7 Cyber Incident Response Hotline
+45 9137 0006 or CIRT@nccgroup.com
In the highly-charged environment of a live attack, it is comforting to have an expert on hand that can respond instantly to the event with a calm, methodical approach. With one of the largest Cyber Incident Response Teams (CIRT) in the world, we are equipped to reduce the likelihood of a breach becoming a greater problem for your organisation.
Benefits of our Cyber Incident Response Services
We provide emergency Incident Response to organisations that have suffered a cyber attack. Contact us on our emergency number, which is available 24/7 365 days a year. For clients wishing extra assurance, we offer an Incident Response Retainer for organisations with demanding needs, or those that are frequently targeted by cyber criminals. Amongst the benefits, a response service level agreement enables CISOs to sleep soundly, knowing there are experts on hand should an incident occur.
Clients who choose to take out a retainer, benefit from:
- Access to a Global Cyber Incident Response team (CIRT) all year round
- Priority access to our privacy practitioners, plus specialists in compliance, privacy legislation and regulations
- 24/7 access to media and PR specialists, along with crisis management personnel
Our incident response is also available as a retained service – giving you preferential rates and peace of mind that your IT security staff will be first in line when they call on external assistance.
How it works
Emergency Incident Response
During an engagement, one of our experienced consultants will be assigned to provide incident management, bringing together your internal staff, relevant third-parties and dedicated technical assistance from our pool of experts.
We work with you to conduct specialist analysis, identify the impact to your business and provide remediation advice.
Through a combination of evidence protection and forensic investigation methods, our consultants can:
- Determine how the incident or breach occurred, by understanding the initial vector of attack and compromise
- Determine the likely capabilities and activity of a threat actor, and the extent of infiltration
We can provide you with knowledge and support to assist in eradicating a threat actor from your environment and in the subsequent effort to bolster your defences.
Where required, our consultants can work under legal privilege on behalf of your legal counsel.
Retained Incident Response
When you choose our Retained Incident Response solution, we will start by guiding you through our on-boarding process. This is our chance to get to know each other. Understanding your processes, environment, personnel and supply chain is key to ensure that an investigation can be instigated swiftly and effectively deal with the incident, incurring the minimum impact to your business.
Retained clients benefit from an included gap analysis, which reviews your incident response readiness. Developing the partnership, so that we can understand your response processes, helps ensure that we adopt your way of working in order to work as seamlessly as possible. As an incident response partner, our goal is to empower your organisation to reduce the likelihood of an incident. The outcomes are presented in an actionable report which allows you to improve your internal response abilities, and thus reduce the chance of it ever occurring.
In addition to the gap analysis, we include first responder training for a group of your personnel. This will help them to identify an incident (as opposed to a service outage), describe what stage it is at, correctly handle data, perform imaging and collect evidence. Recovering from a significant cyber incident can cost millions in unplanned expenditure, and subsequent lawsuits for breaches of contract and liability are increasing. Our First Responder training course provides attendees with the skills to retain evidence and ensure it remains admissible in court, to the standard required by the appropriate authorities for your business.
Once on a retainer, clients benefit from having our global team on standby 24/7, 365 days a year. Depending on the retainer level, we offer an incident response time of as little as 12 hours.