Your CIRM will use the information provided by you during First Contact to produce a triage report. This report will determine the approach required for the next phase. If you wish to proceed with Thales managing your incident response then we will continue into Critical 48.
Our Critical 48 is a defined, fixed price service for the two day period after confirmation of a cyber incident. Based on the triage report, your dedicated CIRM and the cyber incident response team will work with you to investigate the full extent of the incident while providing advice and regular updates on progress.
We will have one of our incident response team to your site within 24 hours to help you. If we can resolve the incident within 48 hours, we will. If not, our report will outline the most appropriate course of action required to get you back to business as usual.
When investigating an incident, we follow the process outlined below:
During any incident, reporting and communications are of utmost importance. In recognition of this, we will offer advice on how best to manage your wider stakeholders appropriately. Our aim is to enable you, at all times, to make an informed decision about the best course of action for your business. We are aware that in certain circumstances, normal communications channels may be unavailable or inappropriate. We can help by recommending and providing alternative voice and data channels with the appropriate security controls.
Beyond Critical 48
Early resolution may not always be possible so we don’t just leave it there. We can help you get back to business as usual and beyond.
Once we have agreed the most appropriate course of action for your business, we can begin to address the priority actions needed to return you to business as usual. We will bring in relevant technology solutions and expertise from our business and our partners to see you through the remediation process.
When resolution has been achieved, we will produce a final report on the incident, which will include a set of recommendations for strengthening your cyber protection.