It is impossible to prevent serious security incidents 100% of the time. Which makes it even more important to act quickly and stop any attacks. Complex IT infrastructures and a shortage of IT security specialists make it difficult to create an in-house cyber security incident response team (CSIRT), which can compromise cyber defence.
Professional CSIRT services at predictable costs
Experienced incident response specialists
Support for legal action and reporting obligations
When dealing with a successful cyber attack, business continuity is paramount. You have to guarantee an appropriate incident response whatever your cost pressures or shortage of skills. Outsourcing IT security services could be an option worth considering.
Immediate assistance for security incidents
CSIRT Rapid Response provides professional support for security incidents. Call the emergency number below to access round-the-clock support from our IT security experts.
Calls are free. Call outs are charged at a flat rate plus costs. This offer is exclusively available to companies in Switzerland.
Rapid, professional management of cyber attacks
Access incident response as a professional service from a Swiss Cyber Defence Centre and protect your infrastructure and data from the serious consequences of a successful cyber attack. With our CSIRT as a Service, you are prepared for emergencies and can rely on a professional incident response team for your cyber defence.
Immediate assistance in the event of a security incident, with no service contract
Use the services of a professional CSIRT when you need it and only pay the actual costs incurred, making Rapid Response suitable for occasional use.
Calls are free. Call outs are charged at a flat rate plus costs. This offer is exclusively available to companies in Switzerland.
CSIRT as a Service (CSIRTaaS) involves a prior onboarding process and contract, while Rapid Response is provided as needed, with no contract necessary.
CSIRT as a Service & Rapid Response factsheet
CSIRT as a Service and Rapid Response are a modular extension of the analytical functions of Security Analytics and SOC as a Service.
There is a multi-stage response to incidents. This is generally based on the NIST Incident Management process:
You can find detailed information on this in the CSIRT white paper.
To manage IT security incidents effectively, the Security Operation Center (SOC) and the CSIRT need to work hand in glove. While the SOC monitors infrastructure and applications in order to spot security incidents at an early stage (security monitoring, security analytics and security alert handling), the Cyber Security Incident Response Team (CSIRT) is the rapid reaction force, the IT firefighters. This team deals with complex security incidents and initiates threat protection and security incident eradication measures. Together, the two teams make it possible to launch an early response to cyber attacks and to limit any damage.
The shortage of specialist staff and the complex, demanding work of a CSIRT make it sensible to consider outsourcing this service. Service providers can guarantee 24/7, end-to-end management of security incidents. Service providers that have cyber security experts with a wealth of experience in dealing with security incidents can guarantee an efficient response to such incidents.
The type of communication depends on the nature of the incident and the company, and is determined at the start of each incident. If the customer’s infrastructure is compromised, it is advisable to switch to private devices and e-mail accounts, and to do the same with the telephone. Apart from that, the customer’s preferences determine whether communication takes place via e-mail, Microsoft Teams or SwissTrustRoom.
Firstly, the company is connected to our 24/7 Operation Control Center. The main details are recorded and an assessment is carried out to determine whether it is a confirmed cyber security incident. The CSIRT is then informed and calls the company back as quickly as possible.
CSIRT
In this whitepaper, find out how a CSIRT strengthens your cyber defence and discover the alternatives to building your own team.
Still looking for answers? Our security experts will be happy to advise you.