Does your organization want to properly prepare for potential Security Incidents? Then consider taking out one of our Security Contracts. Is IT Security still new to your organization and employee awareness is still at a fairly low level? Then it is Cyber Security Support Contracta good choice. We offer SMEs within this contract a number of preventive services that get you started with awareness and advice. For organizations that want a guarantee that our Computer Emergency Response Teams will act quickly and appropriately 24/7/365 in the event of an IT Security incident, we offer the Incident Response Retainer. This contract provides not only the guarantee that you can count on us, but also very important Incident and Forensics preparations. All relevant processes and technology are mapped to minimize impact and damage in the “golden hours” of an incident.
Would you like more information about our Security Contracts? Then read more on the following pages or contact us to make an appointment.
With an Incident Response Retainer Contract, your organization can count on immediate and adequate assistance from experts on the NFIR Computer Emergency Response Team. You use this service 24/7 365 days a year when your organization becomes a victim of Cyber Crime or faces other security incident requiring immediate assistance. By building a relationship with your organization’s crisis team and understanding the relevant processes and technology within your organization, quick and appropriate action can be taken. The triage and containment phase will be a lot more efficient because of proper preparation and knowledge about your IT infrastructure and processes.
For many companies, a cyber crime or IT security incident is lurking in wait without them being aware of it. More and more companies have cybercrime insurance, but it usually only covers consequential damage. Companies especially benefit from good preventive measures and the help of security professionals in the event of a cyber security incident. NFIR offers a Cyber Security Support Contract that meets this exact need. For a small annual fee, we offer a valuable package of preventive and reactive services.
NFIR is an official CERT but what does that actually mean?
CERT stands for Computer Emergency Response Team. The attribute is awarded by Carnagie Mellon University to companies and teams involved in digital security incidents. In the Netherlands, there are a number of official CERTs of large organisations involved in combating cyber incidents, such as the NCSC, the IBD, the Ministry of Defence, telecom organisations and banks.
What can the Incident Response team do for my organisation in case of an IT Security incident?
The aim of the incident response team is to minimise the impact of the cyber incident as quickly as possible so that the continuity of your organisation is no longer at stake.
What steps does an Incident Response process usually consist of?
- Contact NFIR’s Computer Emergency Response Team (088-133 0700).
- The CERT takes action. All necessary equipment is packed and within 3 hours the CERT is on site
- On site, the intake is conducted with all stakeholders to gather all available information about the incident.
- After granting the order, triage on the affected systems will be started.
- As soon as it is clear which systems have been affected or need further investigation, data will be secured according to a digital forensic procedure.
- In the containment phase, the affected systems are restored and security is verified to prevent a recurrence of the incident
- In the post-incident phase, the secured data is further digitally forensically examined. As many answers as possible are given to the research questions and the subject matter of the research. All findings and recommendations will be included in a report that will be delivered at the conclusion of the incident. This report can be used for internal and external purposes (such as supervisors and for legal proceedings).
What are preventive services within the Cyber Security Support Contract?
When it comes to preventive services, think of:
- 1-Yearly phishing email simulation to promote cyber awareness among your employees
- 1-Yearly collective cyber awareness training for the Management or the Executive Board of your organisation
- 1 hour of free IT Security advice per quarter
- Automated weekly vulnerability scan of 2 public IP addresses
What are reactive services within the Cyber Security Support Contract?
When It comes to reactive services, think of:
- Available 24/7 for IT security incidents
- If possible, an Incident Response team is available at your location in The Netherlands within 3 hours (best effort)
- A support contract covers the intake of 1 incident p/y free of charge