Incident Response
Affected by a cyber incident? Our incident responders help your organization quickly and efficiently, ensuring that business continuity is impacted as little as possible.
A cyber incident, what now?
Business continuity comes first. A cyber incident can occur at any time, even when all necessary cybersecurity measures are in place. Such a cyber attack can completely disrupt your business. The most important thing in the event of an attack is safeguarding business continuity.
The Incident Responders of the T-CERT help you quickly and efficiently, enabling you to resume operations as soon as possible and limit the damage.
When should you call T-CERT?
You should call the T-CERT hotline if you suspect that hackers are active in your environment. This includes the encryption of systems by ransomware, or a new critical vulnerability that is being actively exploited. It is also possible that abnormal behavior has been detected on a system or on a user.
An urgent deployment of our Incident Response team is not always required. T-CERT also performs Compromise Assessments. This involves digital forensic investigations to identify traces of (historical) hacking activity by uncovering indicators of malicious activity.
Our incident responders help you with:
Incident Response
When you call our 24/7 hotline, our specialists will ask a number of questions to quickly get a clear understanding of the situation. After that, we coordinate a number of things, such as budget and confidentiality. Next, you grant us access to the necessary data and systems so that we can start our digital forensics investigation. In addition, in this phase, we bring the right people together to form a crisis team.
Threat Intelligence
In order to properly assess how a hacker operates, we analyze the data to determine what is going on. For example, we analyse types of malware such as infostealers and ransomware. We use this information to improve our services and to determine the strategy in the event of an incident. Every day, our researchers search the deep and dark web for possible threats to, or information about, our customers.
Forensic Readiness
It's not so much a question of whether your organization is affected by a cyber incident, but rather when. When that happens, it is important to understand how the incident occurred and what its impact is. Which data was accessed, did the attacker establish a backdoor, or were we able to intervene in time? During forensic readiness, we prepare your organisation to answer these questions.
A snapshot
Cyber incidents have a major impact. Think of reputational damage and disruption of business continuity. In such situations, it's reassuring to have our T-CERT specialists ready to assist you. They help you determine what is actually going on.
Is a cybercriminal active? Then, based on the data, our specialists determine, for example, how they gained access, which malware is being used and which systems have been affected.
If ransomware is involved, we will determine the steps to take together and look at options for data recovery. Based on the analysis, we gain insight and control over the situation.
Next, we remove the attacker from the systems in one or more steps. Of course, we ensure that sufficient measures are taken to prevent the attacker from returning. Once we have finished the cleanup, we map out the total scope of the incident: What exactly happened? Is there data theft or something similar involved?
You will receive a full report of the incident. This includes a technical timeline detailing all we encountered and the impact. It is supplemented with conclusions and recommendations to improve cybersecurity and reduce the risk of a new attack.
Schedule a meeting with our experts
Schedule a meeting with our experts today to discuss the various options. We are happy to think along with you.
Trusted by leading organizations in the Netherlands
Nice to meet you, we are Tesorion
Tesorion is a Dutch multidisciplinary cybersecurity company that offers continuous monitoring and detection of cyber threats as well as incident response. With over 100 experts, we do everything we can to protect your organization 24/7 against cyber attacks and data leaks.
