CSIRT as a Service and Rapid Response

CSIRT Services – professional incident response

It is impossible to prevent serious security incidents 100% of the time. Which makes it even more important to act quickly and stop any attacks. Complex IT infrastructures and a shortage of IT security specialists make it difficult to create an in-house cyber security incident response team (CSIRT), which can compromise cyber defence.

CSIRT Services: cyber defence as a service

Fast response and business continuity are paramount in an acute attack. However, the impact of a cyber attack is often felt beyond the incident itself. Any data breaches must be reported and communicated to customers. An evidence-gathering forensic investigation may also be required to press charges against the attackers, yet not all companies have the necessary expertise and specialists to set up their own incident response team. CSIRT as a Service can help here.

Your benefits

Professional CSIRT services at predictable costs

Experienced incident response specialists

Support for legal action and reporting obligations

When is it the right solution?

When dealing with a successful cyber attack, business continuity is paramount. You have to guarantee an appropriate incident response whatever your cost pressures or shortage of skills. Outsourcing IT security services could be an option worth considering.

It might not make financial sense for you to establish an in-house CSIRT team working around the clock to cover the entire incident response process. But you still need to meet the defined security standard and safeguard business continuity in the event of a cyber attack. At the same time, hybrid and multi-cloud approaches are making infrastructures increasingly complex and increasing the need for effective cyber defence.

Immediate assistance for security incidents

CSIRT Rapid Response provides professional support for security incidents. Call the emergency number below to access round-the-clock support from our IT security experts.

Calls are free. Call outs are charged at a flat rate plus costs. This offer is exclusively available to companies in Switzerland.

Why Swisscom?

  • Experience: We successfully protect our own infrastructures and those of our customers.
  • Based in Switzerland: we provide all our services from a Cyber Defence Centre in Switzerland.
  • Industry perspective: You benefit from our sector-specific insights in any incident response.

CSIRT as a Service

Rapid, professional management of cyber attacks

Access incident response as a professional service from a Swiss Cyber Defence Centre and protect your infrastructure and data from the serious consequences of a successful cyber attack. With our CSIRT as a Service, you are prepared for emergencies and can rely on a professional incident response team for your cyber defence.

CSIRT Rapid Response

Immediate assistance in the event of a security incident, with no service contract

Use the services of a professional CSIRT when you need it and only pay the actual costs incurred, making Rapid Response suitable for occasional use.

Calls are free. Call outs are charged at a flat rate plus costs. This offer is exclusively available to companies in Switzerland.

Services in detail

CSIRT as a Service (CSIRTaaS) involves a prior onboarding process and contract, while Rapid Response is provided as needed, with no contract necessary.

CSIRT as a Service

  • 24/7 end-to-end management of security incidents in line with the process defined by Swisscom
  • Remote or on-site assistance
  • Final report documenting the incident and measures taken
  • In-depth analysis and evidence gathering (forensic) for legal proceedings (optional)
  • Guaranteed response based on SLA
  • Short response times thanks to previous onboarding process
  • Costs: Monthly plus per-use billing based on time and materials  

CSIRT Rapid Response

CSIRT as a Service & Rapid Response factsheet

CSIRT as a part of our TDR portfolio

CSIRT as a Service and Rapid Response are a modular extension of the analytical functions of Security Analytics and SOC as a Service.

CSIRT as a component

FAQs: Cyber attacks on Enterprise customers

How does a Cyber Security Incident Response team (CSIRT) respond to incidents?

There is a multi-stage response to incidents. This is generally based on the NIST Incident Management process:

  • Identification: Establish an overview of the security incident, determine objective
  • Assessment: Analyse incident and recommend emergency measures
  • Containment: Secure evidence, classify attack vector, contain the attack
  • Eradication: Eradicate the security incident and clean up the systems
  • Recovery: Recover normal state, test and monitor system behaviour
  • Lessons learned: Debriefing, report and recommended measures

You can find detailed information on this in the CSIRT white paper.

Why is the interaction between the SOC and CSIRT important?

Why should a company consider outsourcing its CSIRT service?

How do CSIRT and CISO/security officers communicate with each other during a cyber security incident?

If a company calls the CSIRT Rapid Response emergency numbers, what happens before the team is deployed?

Find out more


CSIRT: Professional incident response

In this whitepaper, find out how a CSIRT strengthens your cyber defence and discover the alternatives to building your own team.


How does a Security Operation Center work?

Still looking for answers? Our security experts will be happy to advise you.