Security Incidents
Strategic consulting in the event of security incidents
Despite all protective measures, security incidents in the field of information technology can never be ruled out. Examples of this are numerous and range from a system failure caused by a malware infection to information theft by means of a targeted hacker attack. In such situations, it is crucial to react quickly and correctly. As an experienced partner, SCHUTZWERK will help you to minimize the negative effects of specific security incidents in the best possible way.
An ever-increasing dependence on IT as well as rising crime rates have seen the risk of IT security incidents in companies on the rise from year to year. Their effects can be complex and serious, which means that IT forensic analyses of IT systems alone cannot meet these challenges. Rather, it is important to first recognize the overall context and take immediate measures to minimize damage. Furthermore, the structured handling of security incidents (Incident Response) also involves controlled communication with employees and external partners, as well as with authorities and the media, if necessary.
If a company is acutely confronted with a security incident, it is often difficult to act in a composed and coordinated manner. Usually, this situation is an exception to daily operations and there is often, not surprisingly, a lack of appropriate routine and / or resources. Therefore, the “backing” from an experienced partner such as SCHUTZWERK GmbH is a good choice. With the aim of minimizing the effects of the security incident as best as possible and returning to normal operations as quickly as possible, we offer you the following support:
- Analysis of the fundamental causes of the security incident as well as its potential technical and business process-related impacts
- Analysis of perpetrator motivation (case-dependent) and the possible resulting consequences
- Identification and coordination of possible immediate measures to minimize damage (data backup, deactivation or exclusion of neuralgic IT systems, etc.)
- Identification and coordination of possible immediate measures to further specify and limit the security incident (forensic analyses on individual IT systems or network environments, activation and evaluation of extended system log files, implementation and analyses of multi-level virus scans, etc.)
- Analysis of incident-related, technical and organizational security deficiencies as well as definition of security measures to avoid the same or similar incidents in the future
- Participation in communication with incident-relevant persons or authorities
- Assistance with the formulation of press releases and statements in the event of high-profile security incidents
- Documentation of the incident in connection with all activities carried out
In addition to the aforementioned acute support services, we also help you to set up a process-based incident response management system in order to proactively counter possible security incidents and their effects.