Telindus-CSIRT Telindus Cyber Security Incident Response Team

Recent years have seen an increase in new vulnerabilities, exploit types, APT groups, ransomware families and cybersecurity attacks in general. Furthermore, the shift to the cloud and the acceleration of teleworking have highlighted the need for organizations to protect the variety of resources accessing the corporate network, resources that represent new opportunities for threat actors. Digital Forensics and Incident Response has become a central capability within the organization’s security strategy. The middle of a cyber-attack is not the time to wonder whom to call: should such a situation arise, the Telindus-CSIRT (Cyber Security Incident Response Team) is one call away.


Key benefits Telindus-CSIRT

  • 24/7 Incident Response services

    Assistance should an incident occur, with 24/7 coverage (with a guaranteed SLA)

  • Short Incident Response time

    First recommendations to contain the cyber-attack and evaluate its scope

  • Return to an acceptable business activity situation

    Finding the incident root cause, identifying threat actors’ actions on objective and eradicating the threat

  • Help you recover from a security incident

    Support during the recovery phase by leveraging in-house experts from any other ICT and TELCO departments of Telindus (Citrix, Microsoft, NetApp, VMware, network security engineers)

  • A team of security experts

    The team has experience with a variety of incidents, ranging from business email compromise attacks to ransomware infections, involving either on-premise or cloud environments. A member of the CERT.LU community, Telindus-CSIRT has also been accredited by TI (Trusted Introducer) since March 2016. It is present on social networks, sharing threat watch and best practices via the @TelindusCSIRT Twitter account, and speaks at security conferences. The team is highly trained and multi-certified, holding well-known certifications in the industry: GSE, GCIA, GCIH, GCFA, GNFA, GMON, GCTI, GREM

The benefits

  • Limit the impact

    It is not a matter of preventing all types of attack; it is a matter of having people, processes and technologies in place and being prepared to face an emergency, to limit the impact should a security incident occur

  • Consider proactive activities

    Many people associate the term “incident response” with response, recovery and mitigation efforts following a security breach. However, incident response is not just a reactive activity. As best practice and industry frameworks indicate, and as evolving adversaries and regulations demand, you need to consider proactive activities such as Threat Hunting and Adversary Emulation, leveraging the Telindus-CSIRT Threat Intelligence

  • Threat hunting

    Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected. Threat hunting digs deep to find malicious actors in an environment who have slipped past your initial endpoint security defences, by spotting suspicious or unusual activities in the customer network or by leveraging publicly available resources, applying the threat hunter philosophy “know normal to spot abnormal”

  • Adversary Emulation

    Adversary Emulation is the process of imitating the activities and behaviour of adversaries or threat actors. Adversary emulation allows an organization to test its security team against the latest threats used by real threat actors, which might pose the greatest risk to the customer. The goal of adversary emulation is to assess the organization’s current cyber security stance (People, Process, Technology), to improve the security posture as a whole and to enhance the blue team’s detection and response capabilities

The characteristics

  • Digital Forensics and Incident Response
  • Incident Response Readiness
  • Threat Hunting
  • Threat Intelligence
  • Adversarial Emulation
  • ISO 27001 certification

 

HOW TO CONTACT TELINDUS-CSIRT?

E-mail: csirt@telindus.lu
Phone: +352 450 915-1
Hours of operation: 09h00-17h00 CET from Monday to Friday except during Luxembourg’s public holidays
Outside of these hours / in case of emergency / for operational problems: telecomsd@telindus.lu