
Cyber Crisis Management

Under Attack?

Cyber crisis management is not something that organizations engage in every day. But when a cyber incident does occur, it is critical that the organization engages in the right activities, at the right time, even while under intense pressure to resolve the crisis.

During a cyber event, we help you manage your incident response as follows:

Konfidas Crisis Management suite

  1. End-to-end crisis management service.

  2. Technical Containment and Hardening Actions - to prevent the crisis from deteriorating.

  3. Technical Forensics - investigating the source of the attack and what led to the event.

  4. Security Tools Implementation - to perform hunting activities and prevent further expansion of the attack scope.

  5. Supporting C-Level Management - in dealing with the crisis and the dilemmas it raises.

  6. Reputation Risk Management - overseeing the organization's response to media, partners and clients.

 

“Last April, my company was attacked with a large-scale ransomware. The attacker entered our network, encrypted dozens of our computers, and demanded a substantial amount of money to restore our control over them. We were forced to immediately pause all activities at our headquarters and some of the sites. My experience as a CEO was of deep uncertainty: you don’t know how much damage had already been done, and what will be the attacker's next step. Our insurance company recommended Konfidas for managing the crisis. The Konfidas team led the containment and recovery process to perfection. Within a few days we were back to full functioning, not having to pay the ransom that the attacker demanded. The damages that were caused to our company were minimalistic considering the facts. Following this event we have decided to continue our collaboration with Konfidas, and conduct a full cyber survey, to prevent future attacks.”

CEO, leading Israeli company, employing hundreds of workers

“About a month ago, I received an alert from Microsoft notifying me of suspicious activities in an employee’s mailbox account”, says the Chief Information Security Officer of a leading healthcare startup. “From a first investigation, we found that several penetration attempts had been made, from different IP addresses worldwide - some of them had failed but some prevailed - meaning someone has repeatedly tried and finally succeeded in penetrating a business mailbox account. Our insurance company suggested that we turn to Konfidas to assist with managing the cyber crisis. The Konfidas team quickly dived in, right into the deep waters. They concluded a forensic investigation and guided us with immediate necessary actions, such as making sure that the attacker had not penetrated additional business accounts, locating and closing security gaps and hardening the work environment as soon as possible. The Konfidas team managed the crisis end-to-end, quickly and in a highly professional manner. The gap was located and closed before the attacker managed to cause any damage.”

Chief Information Security Officer, leading healthcare startup operating worldwide