Cyber security incidents, particularly serious cyber security attacks, such as those posed by advanced persistent threats (APTs), are now in the media every day. These incidents can seriously debilitate organisations of all types and sizes, including government and international bodies. The response to these incidents must be fast and conducted by experts who understand how to identify, investigate, contain and eradicate the problem.
PGI’s team of CREST-certified Incident Responders can evaluate the situation and undertake the most appropriate actions to enable fast recovery from the incident and help prevent reoccurrence.
If you are currently experiencing a security incident and need immediate assistance, our highly trained and CREST-certified Incident Response team is ready to help. Contact us now via +44 845 600 4403
How PGI can help you respond effectively to an incident
Engaging with PGI means you will gain access to a team of experienced personnel who understand how to carry out sophisticated cyber security incident investigations quickly and effectively, without increasing headcount.
Our team can help you:
- Identify suspected cyber security incidents.
- Establish the objectives of investigation and clean-up operations.
- Analyse all available information related to the potential cyber security incident.
- Determine what has actually happened and how.
- Identify what systems, networks and information assets have been compromised.
- Determine what information has been disclosed, stolen, deleted or corrupted.
- To attribute the attack and understand the motivation.
- Determine the potential business impact of the cyber security incident.
- Conduct digital forensic investigations to aid in law enforcement investigation or prosecution.
About PGI’s Incident Response methodology
Our experienced team of cyber incident responders adhere to the tried and tested CREST methodology:
Step 1: Identify cyber security incident Read more Read less
Our team conduct a full assessment to identify a breach and confirm that an incident has taken place. We will analyse your systems and network to determine:
- Identification of a data breach and detection of malware
- Confirmation of the extent of the breach and degree of damage
- Digital forensic services to generate an accurate sequence of events
Step 2: Define objectives and investigate situation Read more Read less
The next stage is to define what the objectives are for the response activities and investigate the situation to find out:
- Who the attackers were and their motivations.
- The extent of the attack and what did the attackers are achieve.
- When the attack occurred.
Step 3: Take appropriate action Read more Read less
Once we understand what we’re dealing with, we’ll get to work quickly to contain the data breach and prevent it from spreading further, minimising damage to your business and reputation.
Our team will then use a variety of professional approaches to resolve the problem in a safe and controlled manner, minimising data loss, preventing spread, and reducing your downtime.
Step 4: Recover systems, data and connectivity Read more Read less
Finally, we will work to restore systems to normal operation, confirm that the systems are functioning normally and remediate vulnerabilities to prevent similar incidents occurring.
What PGI’s CREST-certified status means
As a CREST-certified supplier of cyber security incident response services, we have been successfully assessed against CREST’s criteria, which means we:
- Use staff who act in a professional, ethical manner
- Provide a reliable, effective and proven cyber security incident response service
- Are up-to-date with the latest cyber threats, adversaries, techniques and countermeasures
- Respond to cyber security incidents in a fast, effective manner
- Provide advice on how to reduce the likelihood of a similar incident from taking place
- Create a trusted framework within which the investigation can take place
- Help our clients achieve compliance with legal, regulatory, corporate or government standards, managing both business constraints and risks
- Protect client information and systems both during and after the event
- Keep the investigation itself confidential (whereas many organisations are happy to for others to know that they have commissioned a cyber security incident response service)
- Adhere to processes and procedures that have been subject to independent vetting.