Cyber
Incident
Response
Cyber breaches happen quickly and can ruin a business.
​
With a team of professional incident response (IR) specialists on deck, you can rest assured your business is backed with the expertise you need to bounce back from a breach.
US$3.86M
average total cost of a data breach
US$1.3M
average breach savings with an incident response team and plan in place
Blackpanda uniquely manages post-breach losses by offering retained and on-demand incident response services from multidisciplinary regional responders, addressing the greatest pain points of a cyber security breach.
​
Our proprietary risk analysis and cyber security incident response software allows us to respond more quickly and efficiently, with support from our next generation voice stress analysis technology, to both eradicate malware and root out internal human threats.
Blackpanda maintains highly trained teams of cybersecurity and digital forensics experts throughout APAC, with on-site and remote responders, activating more quickly and with the cultural understanding necessary to manage crises.
Our incident response specialists address clients’ vulnerabilities across physical, social, and cyber threat domains to identify the true source of a breach, incorporating proprietary incident response software and next-gen voice stress analysis tools to detect and combat insider threat.
Our team consists of an elite cadre of special risk and security experts from international special forces, intelligence, forensics, and federal law enforcement backgrounds. Operational excellence is at the core of everything we are and do.
Incident Response
Process Overview
The Blackpanda DFIR team is comprised of a skilled set of practitioners who are highly experienced and well-trained in crisis management. The team follows procedures developed by Blackpanda, based on a combination of industry best practices (SANS, NIST, ISO) and the requirements of our specific tools and capabilities.
PREPARE
Upon Suspicion of Incident, Client Shall:
-
Contact Blackpanda 24/7
notification center -
Submit to Blackpanda the incident data-ingestion form
-
Continue to monitor incident for developments
IDENTIFY
Blackpanda Will, Within 4 Hours:
-
Acknowledge notification and respond
Within 4–24 Hours:
-
Determine validity and severity of event
-
Deploy Pandarecon to suspected compromised endpoints
-
Begin data collection
Within 48 Hours:
-
Conduct preliminary analysis
-
Define scope and assign roles
-
Communicate plan of action
-
Begin containment & remediation
CONTAIN, ERADICATE & RECOVER
Beyond 48 Hours:
-
Contain/Quarantine the incident
-
Conduct root cause analysis
-
Confirm/Deny data exfiltration
-
Extended remediation
-
Recover lost data (if possible)
-
Assist in restoring business operations to normal
-
Submit initial assessment report
LESSONS LEARNED
Final Report Covering:
-
Cause of breach
-
Methodology used
-
Remediating actions
-
Recommendations for further improvement of security posture
Cyber Insurance & IR Services Coverage
Blackpanda Incident Response services may also be included as part of a comprehensive cyber insurance policy.
As named responders on a policy, all Blackpanda response fees may be covered, in addition to first- and third-party losses such as business interruption as well as regulatory fines and fees.
Interested in finding incident response services that drive both your business and cyber security goals? We can help.