Incident Response
The moment you suffer a cyber attack is when you most need quick, professional and comprehensive help. This is why ReeVo provides the Security Threat Orchestration Response and Monitoring (STORM) service for Incident Response activities.
Overview
During an attack, in a high-stress situation, the victim must not only block the threat, ascertain the extent of the damage and work out how to speed up the restart of IT operations, but also respond to countless seemingly collateral issues, such as impacts on the business, image fallout for the company, consequences for the extended value chain, or communication tasks to be fulfilled.
Our best specialists act, in accordance with NIST standards, to contain the security incident and carry out the subsequent steps necessary for resolution, and continue to follow you automatically up to more than 30 days after resolution.
This is the typical workflow that we put in place immediately on the IT side:
1. Preparation
- Allocation of a dedicated Incident Manager
- Allocation of 24x7 Incident Response team
- Allocation of 24x7 SOC team
- Allocation of Malware Analysis team to identify decryption keys (where possible)
2. Detection & analysis
- Identification of Indicators of Compromise (IOC) and Attack (IOA) through forensic analysis
- Ransomware family identification
- Deployment of MDR, SIEM, SOAR, CTI, VA tools for anomaly detection
- Data Breach analysis, detection of exfiltrated data published on Clear/Dark/Deep Web
- Vulnerability Assessment for vulnerability detection
3. Containment, eradication & recovery
- Ransomware removal via MDR
- Isolation of compromised systems via MDR
- Supporting secure system recovery
4. Post-incident activities
- Sharing Incident Reports
- Definition of remediation plan and security improvements
But this is not enough
Our Legal Forensics team moves in parallel with the IT team and with this workflow:
- Technical-legal analysis of post cyber attack effects (by reasoned and comparative examination of technical reports issued by the ReeVo cybersecurity team); analysis of compromises and/or exfiltrations
- Analysis of the IT structure, critical points, possible access points, vulnerabilities (through reasoned and comparative examination of the technical reports issued by the ReeVo cybersecurity team).
- Drafting and filing a complaint alleging unauthorised access to computer systems and any other information systems.
- Coordination with the competent Postal Police for investigation activities.
- Data breach impact assessment
- Preliminary notification to the Privacy Authority to be made within 72 hours of learning of the personal data compromise as a result of the attack
- Supplementary/conclusive notification to the Privacy Authority to be made within 14 days of learning of the personal data compromise as a result of the attack
- Analysis and possible communication to interested parties (employees, customers/suppliers, third parties)
- Gap analysis of documentation (processing registers, data controllers, data breach, appointees, system administrators, privacy operations manual, IT manual, etc.).
- Possible reorganisation/update of privacy documentation (enhancement following point 1)
- Legal coordination of forensic investigation and acquisition activities
- Management and coordination of external institutional relations / CNAIPIC / Government Agencies / Research Centres / Prefecture / Postal Police / Trade Unions / Trade Associations
- Press management and coordination
- Defining strategy and critical issues in relations with Customers, Suppliers, Employees and third parties
- Assistance in preparing board of directors (CdA) minutes
Cyber incidents are becoming increasingly frequent and happen to companies of all sizes or sectors.
Don't get caught unprepared!
Some of our cases
The answer you are looking for to the most common use cases, our vertical specialisations and services on platforms certified by leading vendors.
Etica SGR
Etica Sgr, a company of the Banca Etica Group, is currently the only Italian asset management company to exclusively establish and promote sustainable and responsible (SRI) mutual funds. Etica Sgr has chosen ReeVo for its cloud projects.
Iperius Backup
Enter s.r.l. is an Italian software house engaged in application development on multiple assets, from assisting SMEs in digitising processes to the international market with the Iperius project, a suite of products dedicated to safeguarding one's data. The suite includes: Iperius Backup, Iperius Remote, Iperius Console, Iperius Storage. The collaboration with ReeVo is centered around the Cloud Storage service.
Mail Boxes Etc.
Mail Boxes Etc. (MBE) is one of the world's largest networks of franchise shops in the field of postal, communication and business support services for companies and individuals. MBE chose ReeVo for its cloud project.
Sistemi Cuneo
Sistemi Cuneo wants to be, for its customers, the IT solutions provider with a deep vision of the market, IT technology and the ability to create a winning team to face the market of the future, guaranteeing quality and continuity in the relationship with Customers. The collaboration with ReeVo focused on Cloud IaaS services.