Cyber Incident Response.

Service Overview

There is no guarantee that your IT network, website, PCs, Laptops, mobile phones and information asset are all secure and sound. Your business is globally connected (yes, it's "World Wide Web"), your closed networks are hardly patched and updated.

Available IT security products and services are geared toward preventing attacks and accidents. However, when actual attacks and damage occur, they do not offer much help. Intentional attacks made by humans, can only be removed and recovered by humans, not software and appliances.

Data breaches can be costly—in detection, escalation, notification, post response and lost revenue—with a significant negative impact to your data, business continuity and reputation. Many organizations don't typically have the expertise on staff to quickly and effectively manage security incidents and resolve them.

I can provide a services-methodology designed to help you manage incident response across multiple stages including prevention, intelligence gathering, containment, eradication, recovery and compliance. The Emergency Response Services from me can:

‐ Help reduce risks and exposure to cyber threats through a proactive and preventive approach
‐ Provide access to key resources that can enable faster recovery and help reduce business impact from incidents
‐ Enable a broader view and deeper understanding of incidents using intelligence data and analytics

Advice

At cyber incident occurrence, or even if there's any doubt, please call or e-mail me. I will grasp the situation quickly, and immediately provide essential emergency advice i.e. to secure logs, as well as to shut down the network. I will then visit you for on-site investigation if the site is in the metropolitan area.

At the site, the very first task is to sign a confidentiality pledge on the incident. Then, interviews and log analysis follow. Because online crimes are becoming increasingly sophisticated every day, it is difficult for the site administrators to fully grasp the situation right away. Questions you may want to ask: Was it actually an attack? Or merely an error? Is personal information accessible? Is any of the information assets stolen? As a first step, it is very important to accurately understand what is happening to properly handle the emergency situation.

As soon as assessment is done, necessary measures are taken, such as partial shutdown of services.
Lastly, I advise a correspondence plan for the future. This enables you to disclose the situation, as well as to set up an adequate improvement program.
Then I will be proposing to you the best options that fit your situation.
One thing you should definitely avoid is disclosing the incident without fully grasping the picture, or releasing non-accurate information repeatedly.

How i came to develop this service?

Internet is one of the major infrastructures of our society. With high sense of moral and mission, I regard this service as a social contribution. I also offer security support as part of my activities.

About

I'm a computer guy with a strong focus on LAMP (Linux, Apache, MySQL, PHP), InfoSec and Sys. Admin. I'm passionate about properly designed, written and secured applications. Read More

Social Links

Updates

2018-04-25 - Privacy policy updated. Read more