Cyber Security Contracts
Cyber Security Contracts
Does your organization want to properly prepare for potential Security Incidents? Then consider taking out an Incident Response Retainer. Is IT Security still new to your organization and want to increase employee awareness? If so, we offer a range of preventive services specifically for SMB entrepreneurs to help you get started with awareness and advice. With the Incident Response Retainer, your organization gets the assurance that our Computer Emergency Response Teams are on standby 24/7/365 to take quick and effective action in the event of an IT Security incident. This contract provides not only that assurance, but also comprehensive preparation for Incident and Forensics activities. We map all relevant processes and technology to minimize impact and damage in the critical first hours of an incident.
Would you like to learn more about our Security Contracts? Then read on the following pages or contact us for an appointment.
With an Incident Response Retainer Contract, your organization can count on immediate and adequate assistance from experts on the NFIR Computer Emergency Response Team. You use this service 24/7 365 days a year when your organization becomes a victim of Cyber Crime or faces other security incident requiring immediate assistance. By building a relationship with your organization’s crisis team and understanding the relevant processes and technology within your organization, quick and appropriate action can be taken. The triage and containment phase will be a lot more efficient because of proper preparation and knowledge about your IT infrastructure and processes.
Frequently asked questions
NFIR is an official CERT but what does that actually mean?
CERT stands for Computer Emergency Response Team. The attribute is awarded by Carnagie Mellon University to companies and teams involved in digital security incidents. In the Netherlands, there are a number of official CERTs of large organisations involved in combating cyber incidents, such as the NCSC, the IBD, the Ministry of Defence, telecom organisations and banks.
What can the Incident Response team do for my organisation in case of an IT Security incident?
The aim of the incident response team is to minimise the impact of the cyber incident as quickly as possible so that the continuity of your organisation is no longer at stake.
What steps does an Incident Response process usually consist of?
- Contact NFIR's Computer Emergency Response Team (088-133 0700).
- The CERT takes action. All necessary equipment is packed and within 3 hours the CERT is on site
- On site, the intake is conducted with all stakeholders to gather all available information about the incident.
- After granting the order, triage on the affected systems will be started.
- As soon as it is clear which systems have been affected or need further investigation, data will be secured according to a digital forensic procedure.
- In the containment phase, the affected systems are restored and security is verified to prevent a recurrence of the incident
- In the post-incident phase, the secured data is further digitally forensically examined. As many answers as possible are given to the research questions and the subject matter of the research. All findings and recommendations will be included in a report that will be delivered at the conclusion of the incident. This report can be used for internal and external purposes (such as supervisors and for legal proceedings).
What are preventive services within the Cyber Security Support Contract?
When it comes to preventive services, think of:
- 1-Yearly phishing email simulation to promote cyber awareness among your employees
- 1-Yearly collective cyber awareness training for the Management or the Executive Board of your organisation
- 1 hour of free IT Security advice per quarter
- Automated weekly vulnerability scan of 2 public IP addresses
What are reactive services within the Cyber Security Support Contract?
When It comes to reactive services, think of:
- Available 24/7 for IT security incidents
- If possible, an Incident Response team is available at your location in The Netherlands within 3 hours (best effort)
- A support contract covers the intake of 1 incident p/y free of charge