The Incident Response Trajectory

Are you facing unexpected events in your IT environment, such as workstations being blocked, security breach, no longer being able to access your data, a possible data breach or a cybersecurity attack? At your request, NFIR will take immediate action with an incident response team.

I have an incident,
what am I supposed to do?


Download the incident response process steps here

so you know what to expect in the event of an IT security incident.

1. Call NFIR

NFIR can be reached 24/7 at 
088 133 0700.

First a telephone intake. Based on this a CERT* is put together.

2. Team comes into action

Suitcases are assembled
with international good
inspected equipment and
CERT leaves for the customer.

3. Intake on location

Intake on location
carried out, in which NFIR all
available information to
trent the incident collected.

4. Securing data

Data becomes safe
posed for further digital
forensics.

5. Triage

Affected devices and/or
systems are mapped
and plan of action
will be drawn up.

6. Containment

The affected devices and/or systems
be restored and security
is verified so that the normal
work as soon as possible
can be resumed.

7. Post-incident

After resolving the incident, digital forensic
research are being carried out. The incident response
trajectory is always concluded with an investigation report,
in which advice to reduce the likelihood of such an incident
in the future are included.

Preventive measures

After the incident, NFIR
services such as penetration testing and
offer security monitoring.

* CERT

CERT stands for Computer Emergency
Response Team. The feature becomes
by Carnagie Mellon University
awarded to companies and teams that
dedicate oneself to digital security
incidents.

POB license

Due to the POB(Private Investigation Bureau) license issued by the Minister of Justice and Security, NFIR is allowed to carry out its work. In addition, the permit covers the processing of special personal data, which we (may) come into contact with when performing our services.

Permission Chief of Police

To determine whether employees
allowed to work for a detective agency, the Chief Constable’s department
tasks a screening carried out on
the reliability of all NFIR
employees. All NFIR employees
have such permission.

Security incident? Get acquainted with incident response

Our incident response team is available 24/7 to identify and resolve any cyber incident

Scroll to Top