The applications, infrastructures, or more generally the organization’s technological systems require constant maintenance, updates, and monitoring in order to avoid discontinuity in the services offered or even following an intrusion. Even when all systems are adequately protected, there is still the risk of being exposed to zero-day attacks, and therefore even the most careful organization can be subject to successful attacks. It is, therefore, necessary to know the various attack vectors, the possible consequences and the effective countermeasures to be taken in an emergency situation. Often, even knowing how to choose the best product from the most security-conscious vendor can make the difference, in addition to having guidelines for writing secure code to reduce the number of vulnerabilities introduced during the development of proprietary applications. In this context, we offer ongoing advice and assistance in solving the various cybersecurity issues, either by phone or email or by visiting the organizational structure where necessary for the duration of the assignment.
In particular, the following activities are envisaged:
1. Support in analyzing the attack or intrusion in progress, also helping in outlining a mitigation strategy against the threat. This activity generally consists of the analysis of the systems involved, network traffic, the vector used for the intrusion, the verification of known attacks, exploits, or payloads used for the intrusion, as well as the actions needed to resolve the problem, such as isolation of machines within the network, patching or restoring machines and exclusion of the attacker from the corporate network;
2. Evaluation of third party products (firewall, SIEM, file integrity monitoring…) to be inserted in the infrastructure or already inserted;
3. Support in the design and implementation of new products, applications, or services, maintaining a high level of security and according to the principles of Data Protection by Design and by Default, pursuant to Art. 25 GDPR, as well as in accordance with Recital 78.
Each activity carried out will be accompanied by a report or minutes, in such a way as to facilitate the re-use of the information obtained and/or processed during the assignment and to be able to support the same business processes in the future, taking into account the incidents that have occurred and the assessments already made.