The minutes, hours and days following a breach often determine the severity and the outcome of the breach. It is imperative that you work with a cybersecurity firm that truly understands all aspects of breach response. Many state and federal laws dictate how a breach must be handled. All evidence and data must be carefully preserved. Systems may need to be shut down and brought back online systematically in order to prevent further attacks or loss of data. Determining how the threat actors breached the system and analysis of forensics data are required to help the business fully understand their overall risk and proper course of action.
Upon notification of a breach, Black Talon Security can put "boots on the ground" to provide command and control of the situation. We will coordinate efforts between legal, IT, and insurance companies...ultimately taking you through very controlled and thorough processes to help maximize the best outcome for the business.
As part of our incident response, we will work with you on the following items:
Identification of the malware/attack and threat actors
Identification of entry point
Identification of impacted devices, applications and critical business systems
Recovery of the devices, applications, and critical business systems
Help your business fully recover from the attack
Ransomware negotiation, file decryption and forensic investigations is also part of our overall breach response.