The Incident Response Retainer Service (IR Retainer) helps organizations manage major cyber incidents by providing specialized external incident response capabilities. In an emergency, our incident response specialists work with you to quickly control the cyber incident and determine its cause. Why is this important?
While most organizations have dedicated cybersecurity personnel, incident response requires specialized skills that are not needed daily. As a result, many organizations lack these skills, which the IR Retainer can provide on demand.
baseVISION’s IR Retainer is available 24/7, providing assistance within the defined response time. On-site assistance in Switzerland is also available upon request.
An effective response to cyberattacks involves analyzing and understanding the causes of cyber incidents. The valuable insights gained from such incidents help to define response processes and procedures that improve the customer’s security posture and rapid response capabilities.
Based on a thorough analysis, decisions for containment and eradication can be made. These important steps lay the foundation for safe recovery back to normal operation.
Getting to know your enviroment helps us responding quicker and more precisely. Therefore, an onboarding workshop will be conducted.
Your Forensic Readiness matters! Our CRIST will advise you on how to make your enviroment ready to do forensics and enable efficient incident response.
Our CSIRT is avaiable 24/7 and will assst you within the defines response time. The retainer guarantees you quick access in the event of a cybersecurity incident.
Remote response capabilities provide the fastest response time. Depending on the agreement and incident our CSIRT may assist you at your site.
baseVISION’s Computer Security Incident Response Team (CSIRT) will support you in the event of a cyber incident. They will guide you on crisis management decisions and are available as technical contacts.
Based on your capabilities and requirements, our CSIRT team can lead and manage the incident according to a predefined, structured plan. This involves close collaboration with you and other departments to recover from the cyber incident as quickly and sustainably as possible. The following picture shows roles and responsibilities in handling a cyber incident:
This picture assumes that an internal or external Security Operation Center (SOC) service is in place. Without a SOC, the customer typically handles cyber incidents and escalates issues to our incident response specialists.
Through this IR Retainer Service, we establish a proactive partnership with you to ensure the necessary resources are available within the defined response time when a cyber incident occurs. This readiness eliminates the need for you to seek for expertise during a crisis, reducing downtime and resource misallocation. By leveraging the expertise of the retainer, internal teams can focus on their core responsibilities instead of diverting their efforts to unfamiliar or complex incident management tasks.
Interested? Don’t hesitate to contact us. We look forward to hearing from you.
Thomas Reichmuth
Head of SOC
Our newsletter regularly informs you of attractive offers, events and news.