Emergency Incident Response
Hop on a free triage call with one of our incident response experts and we'll work to get your data and peace of mind back.
During a business email compromise, attackers obtained our accounts payable account credentials. Over a few days, they intercepted an outgoing payment of $500,000. FRSecure led an investigation, and they were able to identify the compromised accounts, locate the fraudulent emails, and provide us with the necessary information to get our funds back in full. We’re delighted with the positive outcome, and FRSecure’s work was instrumental in achieving it.
© FRSecure 2024
Preparation
Define and prepare the Cyber Security Incident Response Team (CSIRT), communication lines, services necessary, and tools.
Identification
Confirm the existence of an incident—determine the scope, impact, damage caused, preserve evidence, and conduct forensic analysis.
Containment
Isolate affected systems for forensic analysis, regaining control of the situation and limiting damage based on severity, damage, and legal considerations.
Eradication
Remove and address all components and symptoms of the incident. Validate to ensure the incident does not reoccur.
Recovery
Restore data and systems to a healthy working state—allowing normal business operations to be returned.
Lessons Learned
Analyze the systems that were impacted by the incident. Provide info about how the attack occurred, and develop a plan to prevent it from happening again.
FRSecure's Incident Response Approach
FRSecure has a deep bench with more than 300 years of combined experience working in information security and 30 different kinds of certifications. When it comes to handling security incidents, you have the benefit of experience in your corner. We'll handle critical incidents (likely breach), serious incidents (possible breach), moderate events, and normal support operations for non-incidents.
1
2
3
4
5
6