When a data breach incident occurs, every action taken needs to be a calculated step to recovery. Any missteps can cause damage to your organization, data, and evidence.

A typical incident response from ArcherHall includes a combination of the following:

  • Identification – the response team is initiated to determine the nature of the incident and what techniques and resources are required for the case.
  • Containment – the team determines how far the problem has spread and contains the problem by disconnecting affected systems and devices to prevent further damage.
  • Eradication – the team investigates to discover the origin of the incident. The root cause of the problem is determined and any traces of malicious code are removed.
  • Recovery – data and software are restored from clean backup files, ensuring that no vulnerabilities remain. Systems are monitored for signs of weakness or recurrence.
  • Recommendations – the team analyzes the incident and how it was handled, making recommendations for better future response and preventing a recurrence.
The window of opportunity to mitigate a breach and take corrective and preventative action can be short. Call ArcherHall for a free consultation.


Give us a call at (855) 839-9084

Or send us a message and we’ll get back to you right away.