Rest assured

EMERGENCY RESPONSE CONSULTING

Available 24/7, round the clock.
Get in touch

In the event of a breach, contact us immediately on one of these emergency numbers. They are available 24/7.

You will receive immediate support and be guided through a step-by-step approach. Let us guide you.

DK
Denmark: +45 31 35 95 69
DE
Germany: +49 30 46 69 00 74
CH
Switzerland: +41 62 399 00 05
UK
UK: +44 330 027 0458
SE
Sweden: +46 10 337 1430
IT specialists discussing work process
Trust our experts

Our team is second to none

  • We have a dedicated team for emergency response
  • We investigate and solve hundreds of cases every year
  • Our work is incredibly diverse, from small organizations to global enterprises
  • All our incident responders have at least 6 years of specialized experience
  • Our capabilities have been independently assessed and validated
  • We are members of FIRST, the global forum for incident response and security teams, read more here
  • We are NCSC Assured in Incident Response, read more here

NCSC-CIR-and-FIRST

 

200

+

cases addressed every year

100

%

cases resolved successfully

<

3

weeks resolution time for 75% of our cases

Footprints in the sand leading towards the ocean at sunrise or sunset, with a serene beach and gentle waves.
Avoid common mistakes

Your first step is to get in touch with us – the experts

The moment your organization is hit by an incident, you need the ability to take key decisions quickly and get the situation under control.

Common mistakes organizations make: 

  • Taking the entire network offline.
  • Formatting computers that are visibly affected
  • Communicating first impressions internally and externally
  • Trusting already-deployed security products for data about the breach
  • Failing to investigate an incident

Taking the right decisions will pave the way toward rapid and robust recovery.

Taking the wrong decisions will invariably lead to more work, more costs and, likely, a failed clean-up job.

Solitary lighthouse standing on a rocky island, surrounded by a misty ocean.
Guided Response Process

Follow our tried and tested process

Our Emergency Response process is based on the SANS Institute model, though adapted based on our experience.

Our intervention ensures our customers are guided expertly through a structured process, including these activities:

  • Management of the case process
  • Guidance on containment
  • Advice and direction, e.g., on back-ups and data restoration
  • Incident investigation, i.e., what, when, how and who
  • Data theft investigation, including nature of it and volume
  • Documentation, including management and technical
  • Advice on other actions to take
  • 3rd party liaison: legal advisors, insurance provider, PR agency, law enforcement, hosting company, IT service company, other.

Ensure you get the right insights

Our Emergency Response Consultants will work unrelentingly to answer four key questions. These are the questions that you need to have answered to ensure you address the root cause of the breach.

Turquoise question mark icon enclosed in a circle with a transparent background.
How
How did the breach take place?
The answer to this is not necessarily obvious and when identified incorrectly, repeat breaches tend to happen.
Turquoise search icon with a magnifying glass centered in a square frame, on a transparent background.
What
What data or information was exfiltrated?
This is crucial to establish to ensure you manage your risk exposure and engage with the appropriate stakeholders.
Turquoise clock icon with a circular outline and minimalist hour and minute hands, on a transparent background.
When
When did the incident start and how long did it last? Experience tells us companies are often unaware of the presence of attackers for many weeks or even months. It is imperative to trace the incident right back to its earliest root.
User icon with a turquoise outline and a transparent background
Who
Who was the attacker and where were they from?
There can be important lessons and insights regarding your risk exposure based on understanding the nature of the attacker.
Benefit from our investment into tooling

Chronos our proprietary emergency response platform.

We developed Chronos to make our incident response process faster, without compromising on quality, breadth or depth.

Chronos is a powerful data collection, analysis and investigations platform that allows us to do more with less resources and in less time.

This means you get results faster and without the same expense as people-intensive methodologies.

 

What our customers say

 

”CSIS’s incident response capability – the people and the technology used – is best-in-class. The team’s depth of technical knowledge, work ethos and collaborative nature are commendable, as is their ability to take the lead. I consider them a trust partner.”

“The CSIS team delivered exceptional value while supporting us in working through a sensitive and complex cyber investigation. Their people, proprietary tools and impressive process competencies enabled us to work at an unparalleled pace. We expect to work with world-class partners and CSIS definitely lived up to that expectation.”

”We contacted CSIS at a critical time for the company because we were experiencing a severe security incident. They responded immediately and their intervention was fast, decisive, and effective. Thanks to CSIS, we were able to understand the nature of the issue and resolve it. Since then, we have engaged them on a retainer basis to ensure our resilience is constantly optimized.”

Guarantee our availability

Incident-ready security teams are higher in demand than ever.

To guarantee our availability when you need it most, ensure you have an Emergency Response Retainer in place.

You will also learn more about our methodology and ways of working.

SEE US IN ACTION

Request a call

Rest Assured.

We are the leader in actionable and intelligence-driven detection and response services.