Incident Response

Stop an Attack in its Tracks With Evros

When a cyber-attack impacts operations, incident response starts with a smart contingency plan and a proactive rapid response. Evros will be there to support your company throughout your breach.

How Will Your Company Respond During An Attack?

Smart contingency processes and effective rapid response will minimise damage to your mission-critical systems during an attack. In the event of a data breach, virus, or other incident that compromises company data and devices, we deliver a full range of expert Cyber Incident Response services to enable you to act rapidly and effectively.

Preparation Is Key

One of the key drivers behind a successful incident response is preparation. Evros experts can help you prepare to face any incident that may strike your business. We combine our technical skills with strategic guidance to make sure an organisation makes the right decision at the right time to limit the impact of these attacks. Preparation can include prioritising systems and functions, creating incident response run books, and implementing controls and monitoring, all of which can help reduce the time taken to identify and respond to a cyber-security incident. Evros can also direct your staff through workshops and desktop incident response drills for effective incident response.

What Happens During An Incident:

Our response actions are tailored to help clients respond to and recover from an incident, while managing regulatory requirements and reputational damage. Evros’ investigation includes host and network-based analysis for a comprehensive, holistic assessment of the environment. Our cyber incident response is based on CREST best practices, which provide a proven method of attack investigation from an initial meeting to full recovery, including:

Technology Deployment & Initial Leads Investigation

Deploy the technology most appropriate for a fast and comprehensive incident response. We simultaneously investigate initial client-provided leads to start building Indicators of Compromise (IOCs) that will identify attacker activity while sweeping the environment for all indicators of malicious activity.

Crisis Management Planning

While a team of experts immediately engages in technical investigation, we will also work with executives, legal representation and senior security personnel to develop a crisis management plan.

Incident Scoping

Monitor real-time attacker activity and search for forensic evidence of past attacker activity to determine the scope of the incident.

Analysis

Analyse actions taken by the attacker to determine the source of the breach and the timeline of activity, and to identify the extent of the compromise. This can include:

• Network traffic analysis
• Log analysis
• Malware analysis
• Forensic analysis

Damage Assessment

Identify impacted systems, facilities, applications and information exposure.

Remediation

Develop a customised remediation strategy based on the actions of the attacker and the needs of the business in order to eliminate the attacker’s access and prevent or limit the damage from the attack.

Our Incident Follow-up Deliverables

Evros will produce a comprehensive technical response & investigative report following an incident response engagement, including:

  • Executive Summary: High level summary explaining the timing and investigative process, major findings and containment/eradication activities.
  • Investigative Report: Details on the attack timeline and critical path (how the attacker operated in the environment). Reports include a list of affected computers, locations, user accounts and identified information that was stolen or at risk.
  • Remediation Report: Details of containment/recovery measures taken, including strategic recommendations to enhance the organisation’s security posture.

Rapid Response Service Offerings

When an incident occurs, time is of the essence. The actions taken during those first few hours can be critical to mitigating business impact. We offer a retained 24/7 Emergency Incident Response service that responds rapidly and effectively to an incident.
