Even with security measures in place, security incidents in information technologies can never be ruled out. This is illustrated by numerous examples, starting from system failures caused by malware infections through to information theft via targeted hacker attacks. In these situations it is vital to react quickly and appropriately. SCHUTZWERK is an experienced partner and can help you minimize the negative effects of actual security incidents in the best possible way.
An ever-increasing dependence on IT as well as rising crime rates have seen the risk of IT security incidents in companies on the rise from year to year. The consequences can be complex and profound and IT-forensic analyses on IT systems alone can thus not meet these challenges. Rather, it is initially vital to understand the broader context and to immediately implement measures for damage limitation. Furthermore, the structured handling of security incidents (Incident Response) also involves controlled communication with employees and external partners as well as potentially also with public authorities and the media.
Frequently, a calm and coordinated response is difficult when a company is confronted with an acute security incidence. Usually, this situation is an exception to daily operations and, not surprisingly, the respective routine and/or ressources are thus found lacking. An experienced partner such as SCHUTZWERK GmbH can provide you with the necessary support.
- Analysis of the underlying causes of the security incidence as well as its potential technical and business process-related impact
- Analysis of perpetrator motivation (case-dependent) and the potentially resulting consequences
- Identification und coordination of possible immediate measures for damage minimisation (data backup, deactivation or exclusion of neuralgic IT systems, etc.)
- Identification und coordination of possible immediate measures to specify and contain the security incidence further (forensic analyses on individual IT systems or network environments, activation and evaluation of exptended system logfiles, implementation and analyses of multi-tiered virus scans, etc.)
- Analysis of incident-related, technical and organisational security defects and definition of security measures for future prevention of the same or similar incidents
- Assistance with the communication with incident-relevant people or authorities
- Assistance with the creation of press releases and statements for public security incidents
- Documentation of the incident in connection with all implemented activities
In addition to the urgent support services mentioned above, we also help you set up a process-based Incident Response Management to proactively tackle potential security incidents and their effects.