Image by Pedro Lastra
ARCAS INCIDENT RESPONSE

Respond. Assess. Act. Report.

While every incident is different, we organize our activity into four categories to maximize efficiency, and our team is engaged 24/7 until the issue is resolved.

Respond

First, we’ll work to understand the scope and potential impact of the threat, taking immediate action to prevent or minimize the impact of obvious malicious activity.

Assess

After we've triaged the immediate threat, we’ll analyze your environment for further malicious activity and actions, and work to understand your current technology environment and security posture. Arcas Risk will assign team members according to the assessment and then prioritize and coordinate the response in a customized Incident Response & Remediation plan.

 

 Your plan will include:

  • Timeline of activity by team member

  • Documentation of all compromised accounts, machines, and systems so we can contain and

    neutralize impact

  • Steps to recover data and bring the environment back online if possible, or rebuild if needed

  • Ensuring no mistakes that could add risk occur

    Arcas Risk provides growing businesses with the level of security, risk and compliance services previously only available to the Fortune 100.

Act

Arcas will deploy the latest tools and resources to identify and stop malicious activity, using a data-driven approach to understand exactly what your attacker is doing and the scope of compromise. And we won't stop until we’re confident and you’re comfortable that we’ve identified the extent of the threat and eliminated it.

Report

Our IR team will keep you constantly informed through regularly scheduled status updates. Your IR Response & Remediation Plan will outline each step of the response. And when the event is resolved, you’ll receive an executive summary and forensic reports detailing how the incident occurred and outlining recommended steps to prevent a similar attack.

Arcas Risk can help you determine the appropriate response in the event of a ransomware attack. We’ll oversee and support the negotiation process, determine the demands of the malicious actors, negotiate the price of the ransom, and retrieve decryption keys. We can also help you acquire and distribute cryptocurrency, and help with the decryption of systems.