Are you experiencing an incident?

Our Computer Incident Response Teams (CIRTs) have responded to hundreds of breaches, intrusions, malware infections, thefts, employee investigations, fraud cases and other incidents. Our highly-certified experts have extensive experience in command, coordination and correction of incidents in nearly every industry throughout North America, from local businesses to Fortune 500 international conglomerates.

Our CIRT teams are available to respond 24x7x365.


What should I expect during a breach?

When one of our experienced, highly-certified CIRT teams lands onsite, they are already debriefed and operationally prepared. They will move to quickly triage the incident, identify root cause, implement a containment strategy and move your business toward recovery.

We will help answer the following questions:

  • How did this happen?
  • How bad is it?
  • What do I need to do to stop it?
  • How do I prevent it from happening again?

Our CIRT teams are prepared for any eventuality, including large-scale breaches, sophisticated malware, intrusions and widespread compromise of corporate assets. Our CIRT teams have helped businesses recover from the worst of the worst.

Our CIRT teams handle the entire process, from beginning to end:

Incident Response Process

Our CIRT teams can operate as an extension of your team or we can completely manage, coordinate and monitor the incident from initial discovery through resolution.

What is included in Incident Response?

Our CIRT teams handle all response efforts, including:

  • Discovery - Effective triage, containment, eradication and recovery utilizing NIST, CERT, DOJ and other established standards.
  • Investigation - Expert computer security and forensics specialists to contain incidents, minimize loss and institute preventative measures
  • Forensics - Forensic investigations, research, evidence collection and preservation and assurance of proper legal chain of custody
  • Coordination - Communications with authorities and Law Enforcement, including the FBI, Secret Service, State Police and Fusion Centers
  • Reporting - Data breach reporting and notifications in compliance with all applicable laws and regulations
  • Legal - Assistance with legal activities, including expert witness and testimony
  • Insurance - Assistance with insurance activities, including review and pursuit of Cybersecurity Insurance claims
  • Communications - Assistance with Public Relations activities, including customer, partner and media relations

What can I do to prepare for a breach or incident?

No one wants to believe that their business is vulnerable to attack, but the statistics are irrefutable - you have experienced, will experience and probably are currently experiencing some kind of incident.

Most businesses today live in a "state of continuous compromise" - this means that they aren't finished responding to their last incident before their next incident starts.

Breach and incident response can be chaotic, emotional and stressful, but you can prepare such that you:

  • Minimize damage to and loss of money
  • Minimize the costs of response
  • Minimize negative impact to reputation
  • Expedite recovery and resumption of normal business operations

Preparation is achieved through effective response planning, testing and training.