With today’s ever-evolving cyber threat, even the most well-prepared organisations may experience a cyber breach. However, a rapid, active response to incidences can have positive outcomes for organisational reputation and resilience. We assist our clients with crisis management, technical, legal & regulatory, communications, and reputation management and support. We work with you to quickly contain and mitigate attacks whilst providing advice on future prevention.
Slipstream’s Cyber Incident Response Team (CIRT) can be a critical extension of your team. By engaging ahead of time, the often time-sensitive contracting and procurement processes can be in place ahead of time, allowing for a swift and seamless response. Our retainer onboarding process ensures we have detailed domain and organisational information so our team can quickly respond should your organisation become the victim of a cyber-attack.
With our extensive real-world experience responding to incidents across all business sizes and sectors, and a wide range of attack vectors, Slipstream is ideally placed to help customers develop policy and response plans. Our engaging tabletop exercises simulate real world scenarios and tests an organisation’s crisis and technical responses.
Knowing how to spot an incident and what to do when it happens can significantly minimise the collateral damage of a cyber-attack. Alongside general staff cyber awareness, we ensure members of the operations or technical teams can take the appropriate first steps to identify and contain an attack whilst the professional incident handlers are activated. Our First Responder training is delivered by practitioners in a practical and pragmatic way.
As part of our end-to-end Cyber Incident and Breach Response service, Slipstream has built a dedicated discovery process for data breach scenarios from the ground up. We have worked with Australia’s leading privacy and data breach law firms to tune our service to current regulatory requirements.
The team delivers prompt, accurate and cost-effective discovery of critical and notifiable data sets.
Our team of skilled Digital Forensics examiners are responsible for the remote and on-site acquisition and examination of digital evidence and our robust procedures ensure fidelity, balance, thoroughness, chain of custody and other requirements of the Australian Federal Court’s Code of Conduct for Expert Witnesses.
A leading global technologies company was the victim of ransomware in 2021. Infrastructure was impacted nationally, with all data encrypted. Business impact was extreme, with some critical infrastructure providers (who are reliant on the client) impacted; business as usual was not possible. Client infrastructure was diverse and geographically dispersed, the result of inorganic growth.
Upon engagement, Slipstream DFIR resources were on site within 24 hours with enterprise-grade detection and response capabilities deployed. Senior DFIR and executive advisors provided the client with guidance at both a technical and crisis management level.
On-site and remote data acquisition was required, including significant support to the client who did not have the requisite skills or staff to manage the incident (a third-party IT provider was also contracted to assist with restoration activities). Incident management and project management was a large component of the initial phase. Containment activities were significant due to the presence of web shells, remote access trojans and the widespread nature of the incident, hampered by the absence of an asset register or understanding of the breadth and depth of the network. Senior Incident Managers and Responders were critical during the 2–3-week containment phase, which involved regular on-site meetings, business continuity planning and execution and emergence management and response.
Think this service suits your business? We work with a multitude of different idustries across the board, so get in touch with us if you think you’re in the right area and would like to talk to one of our team about becoming cyber secure.