Post-breach analysis and incident management

The incident response service, along with related forensic IT and evidence preservation services, constitutes a comprehensive support in the scope of incident management, to be provided at the Customer’s request in emergency situations. The Cyber Arms interdisciplinary expert team is able to respond in brief time to the incident report, and to take any steps necessary to mitigate related risk and its further escalation. A multi-angle approach to incidents means that the impact of any detected event is mitigated as much as possible, including any consequences resulting from applicable laws.

The Cyber Arms experts, in cooperation with a crisis response team established at the Customer’s organisation, carry out actions intended to limit the risk of any reoccurrence. Any data critical for the investigation become secured in accordance with the industry standards. Using tools provided by the Customer and our own solutions, we conduct an analysis to detect the source of attack and its potential target. At the same time, we provide recommendations in real time which, once implemented, result in improvement of current security status and prevention of hostile actions within the Customer organisation’s infrastructure.

Cyber Arms supports the Customer through comprehensive incident management which takes into account preparation of internal communication to the Management Board and – in cooperation with a reputable PR agency – external media communication by the crisis response team established by the Customer.

Additionally, experts from the Cyber Arms Legal Department conduct an analysis of potential legal consequences, prepare recommendations of further actions, and support the Customer in converting any data collected to valid trial evidence.

In consortium with a dedicated law firm, Cyber Arms is qualified to represent the Customer before competent law enforcement agencies in case it is necessary. Furthermore, we provide support in the scope of GDPR and any representation before the Data Protection Office.