Incident Response
Get support by calling your local hotlines
The key to mitigating the impact of any cybersecurity incident is the reaction time between detection and response. Many companies lack the infrastructure needed to react in a quick and secure manner. Orange Cyberdefense’s Emergency Cyber Security Incident Response service allows any company to react to malicious cyber threats quickly and effectively.
If you are not a customer of our CSIRT retainer services, we will still try help you. Please note: this is a global hotline and all calls will be handled in English.
UK: +44 203 936 4556
DE: +49 82 18 08 30 470
NL: +31 18 47 88 111
BE: +32 38 08 21 92
DK: +45 35 15 06 37
NO: +47 23 96 63 20
SE: +46 40 66 88 188
ZA: +27 12 27 20 000
24x7 availability
You can call our hotline any time, even if you are not an existing customer.
First consult is free
We’ll assign an incident manager to assess your case and if appropriate, suggest the next steps.
Fast isolation
Rapid isolation of threats to limit the impact of a security breach.
International knowledge
Over 20 dedicated responders active across Europe and a wider CERT team of over 80 people across the globe.
Rapid callback
Retainer customers receive a call back within a set time period as per SLA.
Complete incident report
Receive a full incident report and post-incident debrief of all findings.
European presence
Retainer customers receive competitive SLAs for dispatching Incident Responders to site.
Tech independent
We’ll use the data you make available to us, as well as drawing on our comprehensive CSIRT toolkit where needed.
Your support in case of emergency
In case of an incident, it’s very important to stay calm and take immediate and efficient action. Time is of the essence, so do not hesitate to call our emergency hotline. An experienced Computer Security Incident Response Team (CSIRT) can help you. During your first call, the incident response team will discuss the situation with you in order to get an indication of the problem and its validity and impact. The CSIRT specialist will consult with you on the first steps and recommendations and if it is a case we can help with, we will propose a plan, time schedule and price indication to enable you to move quickly and to manage the incident effectively.
The most common things the CSIRT gets called out for:
O365/Cloud Service Breaches
With more and more infrastructure getting moved into the cloud, the CSIRT has seen a big increase in breaches related to cloud services. The cause of these breaches ranges from simple credential stuffing and phishing attacks, right through to far more advanced and targeted attacks. Orange Cyberdefense’s aim when dealing with any cloud service-based incident; work out the root cause of the attack, and advise our clients so the same attack is not possible in the future. Where possible the CSIRT will also try and improve any general security issues to help strengthen your overall cloud security posture.
Ransomware outbreaks
In the last 12 months, the CSIRT has seen two types of ransomware; the first is the more traditional. A non-targeted phishing link is clicked on by a user, that then (via numerous attack vectors) infects the user’s system with ransomware. Typically this attack method doesn’t use self-propagating strains and is easy to contain and eradicate. The second type is far more dangerous. The CSIRT has seen attackers gain a foothold on a network, then use a variety of network attack tools to get higher and higher network privileges. Once the attackers have a good hold on the network, they deploy and activate very well written ransomware. These attacks typically affect the majority of a client’s IT estate, including the deletion of backups. The experience of the CSIRT dictates that the later attacks are hard to recover from and can cost millions to get out of.
Remember: current clients are served first in case of major campaigns going on, so we cannot guarantee it will be possible to assist you unless you have a retainer contract. If you want premium service, including SLA-defined response times and immediate deployment of response teams, consider subscribing to the incident response retainer!
Don’t wait for an emergency!
Not in a current incident? Our Incident Response Retainer packages get preference over other cases, price advantages and proactive consultancy. With an Incident Response Retainer you are always sure to be the first one in line in times of need.
