There is no such thing as perfect cyber security.
With many determined attackers a security incident is very likely to happen. Whether you are prepared or not, the actions you take in responding to the incident can determine the impact on the business more than the incident itself.
Every day Detica supports its clients by responding to cyber security incidents. We have the business and technical skills to form that essential bridge between the board level decision makers and the analysts. Our full set of capabilities is ready to assist in effectively managing, investigating and remediating an incident.
If you need help recovering from a cyber attack, or think you may be a victim, then please call our cyber response team on +44 (0)1483 817491 or email CyberResponse@baesystemsdetica.com.
Understanding your need
We understand that handling an incident can be stressful. You will start with lots of questions and few facts:
- What is the size and impact of the incident?
- What can we do about it?
- What are we going to tell the external world including the press and shareholders?
- What can we do to protect ourselves in the future?
- Who can we trust to fix this?
You will want to quickly get visibility of the incident to help you answer these questions. And, simultaneously, you will want to manage the stakeholders and operate an effective communications plan.
If the incident is still active you also will want to contain the damage without exacerbating the long term impact. To close out the incident you need clear and actionable remediation steps that will get you back to business.
What makes us different?
Our expert incident responders use our own tools to focus the investigation on uncovering the critical facts needed to gain control. If you have fallen victim to a targeted attack our Detica technology can be rapidly deployed in support of incident response to give unparalleled visibility of malicious behaviour.
If a breach of your security has made headlines or attracted the attention of regulators then our responders can help calm nerves by managing internal and external stakeholders.
Our threat intelligence service gives us further insight into attack groups and their behaviours, methods and tools. We track various attack groups and the intelligence gathered can assist with investigations into advanced attacks.
We can provide a distinct service. We can supply both business and technical analysts and provide a bridge between the technology and your business. We are already a trusted partner to solve cyber incidents for the most secure Government agencies.
Our proven approach
Having the right approach is critical and we've extensive experience of successfully remediating and recovering systems from the most complex kinds of cyber attack. The five key stages are:
- Confirm – get a baseline of what’s known on day zero and move to safely protect critical assets and information
- Capture – data acquisition from priority assets to give deep visibility of the attack components
- Expose – use advanced analytics and forensics to mine terabytes of data to find malicious software and remote access channels
- Remediate – plan a safe set of actions to safely inhibit the attack and minimise business impact
- Resume – continue using behavioural analytics to spot any retaliation from the attacker