CERT Service
Computer Emergency Response Team
In the current environment, with a hack or exploit being covered in the press every day, are you ready for your turn? Many of our customers find peace of mind in knowing that they can call on experts when they need to, at any time. Direct access to experienced Information Security consultants could be the difference between surviving an attack or suffering. This becomes especially important if, as is proposed, a company has to report a breach within 24 hours. The CNS CERT Service is an incident response process that fulfils the requirements of many standards.
The Solution
The CNS Computer Emergency Response Team Service provides a security expert to respond and assist with incident response and emergency advice. The service has two capabilities:
- Incident Response – Will provide an expert when the Customer has a related incident, which can be, but is not limited to, a suspected virus outbreak, forensic incident, breach response (forensics and testing), request for disclosure from a third party, spoof website take down, or computer/equipment seize and search.
- Emergency Advisory Service – Will provide an expert to conduct phishing analysis, review a suspected DDoS or DoS attack, review Advanced Persistent Threat (APT) response and offer compliance and regulatory advice.
All initial phone calls will be ticketed by the CNS Service Desk who will assign an individual to respond within the agreed time. The Customer will be assigned a dedicated guardian within CNS who will act as the final escalation contact and at the start of the contract a bespoke incident response process and plan will be created.
Threat Alerting Service
The CNS CERT Service also ties in with our CPNI and US-CERT alerting service. CNS compares alerts received and correlates them against the Customer's known IT estate or company profile to gauge relevancy. If an alert is deemed relevant, and depending on its severity, CNS will proactively manage the flow of information by updating the Customer, offering advice and comments on a suitable response.
Threat Vectors
Breach Response
Incident Response
Phishing Attacks investigation
Fraudulent/Spoof Website Take Down
DoS Investigation
Forensic Investigation
Computer Seize and Search
Virus Outbreak Investigation
Malware Investigation
Breach Investigation and disclosure
3rd Party Disclosure
Advanced Persistent Threat Investigation
Data Discovery
Compliance and Regulatory advice:
EU Data Directive
Data Protection Act
PCI DSS
ISO
FSA
HMG Security Policy Framework (CLAS)
Caldicott Principle/Code of Connection
IGSoC
CPNI
NIST
CIS
SANS
ISF
SOX