Accidents, crimes, and incidents happen no matter how prepared we are. If you have been the victim of these events, we can help. Call us immediately at (410) 541-6605 or email 911@DesignerSecurity.com.
If you detect compromise, unusual, or suspicious activity on your computer:
- DO NOT turn off your computer
- DO NOT delete any file or email
- SEEK HELP immediately
1. Identification
First, we must first triage and assess the situation. When you call or email, we want to know:
- Who discovered or reported the incident?
- When was the incident discovered or reported?
- Where was the incident discovered or located?
- What impact does the incident have on business operations?
- What is the extent of the incident with the network and applications?
2. Containment and Eradication
Second, we must contain the problem and prevent further damage.
- Can the incident be isolated?
- Are the affected systems isolated from non-affected systems?
- Have backups been created to protect critical data?
- Have copies of infected machines been made for forensic analysis?
- Have all malware and other threats been removed from the infected systems?
3. Recovery
Third, we will help you return the business to operation.
- Where will responders pull recovery and backups from?
- How will infected systems be deployed back into production?
- When will infected systems be deployed back into production?
- What operations will be restored during the recovery phase?
- What testing and verification should be done on infected systems?
- Have responders included documentation on how the recovery was completed?
DO NOT DELAY. The longer you wait the more damage and loss may occur. Call us immediately at (410) 541-6605 or email 911@DesignerSecurity.com.
If you are the victim of a serious cyber incident, we will help you complete the steps recommended by HHS:
|