Cyber Incident & Emergency Breach Response

Right here in your time of need:

The Secure Ideas Incident Response Team (SIRT) can help if you are experiencing a computer breach or emergency.

When your company is experiencing a computer breach or emergency, the Secure Ideas Response Team (SIRT) can help. Created and staffed by professionals with decades of experience through hundreds computer emergencies, security assessments, root cause analysis, network forensics, re-architecture, and design, SIRT will begin the process of helping you within an hour of your call.

Our broad base of experience includes cyber incidents at financial services, manufacturing, medical, chemical, and oil and gas firms. We specialize in response to malware, ransomware, botnet and remote-access Trojan attacks. We have worked extensively on cases of intellectual property theft by criminal gangs and nation-state actors. Our principals have successfully liaised with state and federal law enforcement, and have unique and significant experience in that arena. We have successfully worked with the smallest, and the largest, organizations in the country.

Our services include immediate and short-term recovery re-architecture, and we work with you once we have stabilized your environment to ensure the breach does not re-occur so business can carry on.

When a computer problem is slowing down or stopping your business, we get to work fast. Our proprietary incident response methodology and tools have been developed over hundreds of critical incidents, from small firms to Fortune 50 companies. We get on site, do what is necessary to assess and get network visibility, and rapidly develop a recovery strategy. Leveraging ours and your internal human and technical resources, we will then execute a plan to restore business as quickly and efficiently as possible.

Our goal is to have eyes on your network as soon as possible, so we can determine exactly the kind of attack you are dealing with, and to gain clues as to how to stop it and fix the problem. We look first to your internal team, because they know the layout. We use your tools, and instrumentation, to their maximum effectiveness. Then, using techniques developed through decades of experience, we find the areas where you might not have visibility. When this happens, we bring in our toolbox, fast, to help us gain full understanding of exactly what's happening. Once we've done that, it's a question of stopping the emergency, stanching the flow of data, and getting your critical systems back up, as fast as possible.

Incident response is like firefighting. It's not something you need everyday, but when you need it, you want the best, fast. We train constantly, and fight fires large and small. As we clean up, we'll tell you of other hazards we see, and suggest remediation options.

How will your company respond to a potential breach of your computer security or confidential data leaking? Have you engaged in table-top exercises, tests of your disaster-recovery plan and backups? Secure Ideas can help you create, refine and continually review the plans of how you will keep business running in the event of an information technology emergency or a catastrophic failure or event. We will help you test your assumptions, and arrive at good decisions. Working hand in hand with Secure Ideas consultants, our breach response readiness assessment services can assure continued resilience in the face of adversity.

There are two ways to engage the Secure Ideas Response Team. You can simply call us if you have an emergency, and we will make efforts to accommodate you, depending on resources.

You can also place us on a retainer. With a retainer, in addition to significant discounts on hourly and daily rates, you will also enjoy preferential scheduling, and pre-incident services that save hours during a crisis.

These include:

Pre-assessment & Consultation

A SIRT IR professional will come on-site for a half-day review of your environment, including a detailed inventory questionnaire and consulting on immediately evident gaps in your security posture. If significant gaps are detected, we may recommend a security architecture review or gap analysis, and we have the in-house capability to help in these cases. If you are currently a Secure Ideas Scout customer, this information will be aggregated with our incident-specific network intelligence, to ensure the fastest rection time.

Strategic Counsel services

These are telephone conferences with our IR professionals on ways you can improve security, ask our opinions on any new products or services you are considering, or discuss changes to the network you have made or are considering. All SIRT retainer agreements include two hours of Strategic Counsel.

Quarterly Check-In

All SIRT retainers include quarterly check-ins with our IR partners, who will personally check in with you once a quarter. These calls are informal, and are designed to ensure that we have a regular flow of information about your circumstances - all essential context for us to have to tackle any emergency. The QCI is also a great time to catch up on near-hits: did someone click on a phishing email? Did you lose a laptop? Did you fire a key employee? QCIs generally run about 15 minutes, but there's no stopwatch - if you have questions, we'll get you answers. The point is that we understand you, your environment, your people, and your concerns.

Click the button below to contact our SIRT Account Representative. We look forward to helping ensure your business stays up and running.

Case Studies

A medium-sized services firm experienced a ransomware outbreak, that seized control of a key server, and encrypted thousands of business-critical files. As the firm saw the ransomware spreading, they called us. Our responders were able to arrive on scene that same day, and begin the assessment of the environment. Within hours of arrival, our IR professionals were able to stand up independent network monitoring to view full-packet captures of the network traffic, as well as critical security logs, and network flow data. Working with the customer, we restored full business functions within 24 hours of arrival, and left the customer with more visibility and security awareness than ever before.
A fast-growing, geographically distributed, and heavily-regulated firm with offices in four states experienced an attack by a disgruntled former employee. Working with the customer to rapidly determine the size, seriousness and scope of the attack, we were able to quickly provide a rearchitecture of the network topography, from autonomous nodes to a segmented network with a single Internet ingress/egress point, and provide the strategy and tools for monitoring, management, and security. By changing the network landscape, the company was able to implement greater security while also providing faster speeds, better transparency of security controls (leveraging Single Sign On and other features). Working with other Secure Ideas consultants and specialists we were able to provide one-stop shopping for the customer, with architecture review, gap analysis and continuous vulnerabuility scanning.
A large, international bank required a hands-on security assessment that included review of policies and procedures, tools and technologies as well as a facilities assessment from the standpoint of physical safety and site security. This included cyber security and physical security penetration, and social engineering tests. Using Secure Ideas' unique combination of consultants and specialists with decades of experience in information security, physical plant security, law enforcement, public safety, fire and medical practitioners, we were able to provide the customer with a complete report that encompassed all these domains, plus addressed concerns as diverse as fire hazards and evacuation procedures, physical access, assessment of the building's security guards, cameras and barriers, data center, and information security and information technology fabric. Our report prioritized findings based on criticality and ease of exploitation.

If you have Questions, Just Ask!