Incident Response

Glossary

In IT security, incident response refers to the function responsible for responding to cyber incidents: in essence, a computer emergency team. This role is often filled by external service providers.

Incident Response encompasses three main tasks, the scope of which varies greatly from provider to provider:

1. Analysis

An incident response team helps with the assessment of an incident and decides, along with those affected, which measures will be effective. These include, for example:

  • Reconstruction of events
  • Assessment of the extent of damage
  • Developing concrete recommendations for action

2. Data recovery

In addition, incident response personnel help to resume operations as quickly as possible by attempting to salvage affected devices and services, along with the data on them. Depending on the incident, a full salvage or recovery is not always guaranteed. The preceding analysis provides the care needed to prevent re-infections.

  • Measures against cyber incidents
  • Locating hidden copies of the data
  • Proper restoration of backup copies
  • Securing evidence in a form that holds up in court

3. Documentation and follow-up

A final report summarizes key findings and recommendations on how to effectively protect the business in the future.

  • Multi-page report that includes a chronicle of events, possible causes and recommendations for action.
  • Prerequisite for complying with reporting and insurance requirements.

Related articles

  • Advanced Persistent Threat

    Means “sophisticated, persistent threat” and refers to particularly elaborate cyber attacks. Advanced persistent threats are mostly targeted and can cause massive damage, either by destroying data (sabotage) or by spying on particularly valuable data, such as state secrets or product innovations (espionage).

  • Data Backup

    Is an alternative term for “backup” and refers to the process of creating backup copies of existing data. For more information, see the “Backup” keyword.
