Last Review: 24 September, 2017, Halkyn Consulting Ltd, 2017, http://www.halkynconsulting.co.uk/a/

Cyber Security - Emergency Response Service

Like insurance but better

No matter how good you are, or how good your security is, sometimes attackers will get in. How you deal with a breach can often be the difference between your business recovering to thrive or going bankrupt. World class incident response needs the right people, processes and technology in place but this can be expensive and if you don’t have many incidents things fall out of practice. Our service allows you to take advantage of our tools and skills but only when you absolutely need it. See our testimonials.

Emergency Response Service

The benefit to your business

Cyber security breaches happen to every organisation from the NSA to small businesses. Handling a breach well can save you countless amounts of time and money - even avoid regulatory fines if personal data is involved. Getting it wrong can, unfortunately, cost your business.

The problem for most organisations is that having a dedicated incident response team available 24 hours a day and maintaining the level of skills and interest needed to be a good incident handler is simply prohibitively expensive. We offer a better solution.

Our cyber security emergency response service is built around your needs. For a fixed annual price you have access to highly trained incident responders to use when ever you want. If you don’t have any incidents during the year, unlike insurance you haven't wasted your money as you can use the contracted hours for other services such as vulnerability assessments, table top exercises, security architecture reviews and much more. If you do run out of the contract hours as an Emergency Response Customer, we offer a 50% discount on our normal incident response rates.

Our Engagement Process

All our engagements are tailored to your specific needs to ensure you get maximum value out of our service. This is an example of some of the more common activities to give an overview of what is available.

On-boarding

The first part of our engagement with you is to work with your business to ensure we are best placed to support you. This normally involves our consultants visiting your offices to get an understanding of what critical processes exist and to make sure our security tools are properly configured to assist you. Depending on your requirements, we can run vulnerability assessments and help with the configuration of logging & monitoring tools to maximise the chances of detecting malicious behaviour. If it suits your needs, we can even deploy new firewalls, intrusion detection systems and other tooling to make your network more secure.

We can provide training to your staff about what the security tools do and how to go about their business in a more cyber security aware manner. This significantly reduces the risks of them falling prey to phishing attacks or other forms of social engineering.

At the end of the on-boarding we will give you a security assessment report from any tooling we have deployed (which can cover vulnerabilities or indicators of compromise) and ensure you have accurate contact details to engage us as needed.

Surveillance Monitoring

During time we are working together, we will run a health check on your network every 3 months. The specifics will vary depending on your needs but often include a vulnerability scan, discovery scan or patch assessment. This allows us to ensure our records on your network are current and helps provide you with early warning of any problems.

Incident Response

In the event you have a security incident you want us to support, just call us. Our incident response team will be able to begin initial triage remotely and we will work with you to establish the best course of action from that point forward. Our response steps can include remote access live response or, if needed, we can deploy consultants to your location to take physical images of any devices.

Other Activities

If you don’t have an incident you need our support with, you haven't wasted your money.

You can use your contracted hours for a wide range of activities which can be discussed in detail during the on-boarding. Some examples include network penetration testing, security architecture reviews, Cyber Essentials certification, policy creation & review, awareness training sessions, red team exercises and much more. The key point is that you will get great value for money whatever happens.