Cyberattacks and Security Incident Response

Is your organization under a cyberattack?

Let our IT security experts help stop the cyberattack and minimize the impact of intruders. Truesec can help recover your data from encrypted files, get the rebuilding process up to speed, and provide strategic advice moving forward.

Truesec CSIRT has extensive experience performing security incident investigations and stay ahead of the curve by curating knowledge of current data breaches.

How to act if you are exposed to a cyberattack


Contact experts in IT security

Make sure you get professional help to stop the intruders. If you don’t have capacity inhouse, hire experts with the right skills and knowledge. It’s critical to wait until the IT security expert starts an investigation to avoid forensic data loss.

Call Truesec experts now: +46 (0)8 10 72 00
or email:


Don’t touch anything

Depending on your given situation, the security experts give you a few tasks to act on. For example: resist the instinct to immediately turn off all computers, pull out power-cords, shut down accounts or make any changes to the environment. Consider the situation a crime scene. Don’t touch anything without approval.


Secure backups

Secure your backups so they are not on any network. On critical systems you can disconnect the network – but do not switch them off.


Create a timeline of events

Create a timeline of how you experienced the incident and answer the questions what, when, how and who. Even small details can be incredibly important, when Truesec CSIRT starts to analyze what happened and act on it.

Don’t lose valuable time – act now!


Minimize the impact of a cyberattack

Systems and IT specialists who can detect and disarm cyberattacks in your environment, are just as important as alarms and cameras to provide a secure environment.

As the leading cyber security firm in northern Europe and a trusted cyber advisor, Truesec has developed a state-of-the-art capacity to protect our clients. The success is based on a combination of:

  • experience of investing major cyber incidents worldwide
  • skillful team of cyber security experts
  • the most advanced tools on the market
  • understanding the specifics of our client’s IT environments

The goal is to return to business as usual as soon as possible with no data loss during an ongoing security incident.

Securiy Incident Workflow

The Truesec Method


Identify threat actor activities

Contain and minimize the damage

Plan and execute a kick-out process

Data recovery & Rebuild

Lessons learned & Strategic advice

Experts to protect your organization

Truesec Cyber Security Incident Response Team (CSIRT)

Our Incident Response team, Truesec CSIRT, have vast experience from security incidents, forensic investigations and modern attack patterns. The process used, is perfected during an extensive number of assignments, including advanced ransomware campaigns, to cyber espionage and theft of digital assets. This has given us deep knowledge about how to instantly minimize impact and immobilize threat actors.

Together, we have managed to rescue data from encrypted files, and successfully disarmed several active cyber threat actors such as advanced persistent threat (APT)-groups. APT is a targeted cyberattack where the intruder aim to steal data, disrupt operations or destroy infrastructure, and often remains undetected for an extended period of time.

Truesec CSIRT consists of multiple roles depending on the incident:

For example:

  • Forensic Expert
  • Data Recovery Expert
  • Threat Hunter
  • Technical Leads
  • Legal & Crisis Advisement

Customer reference – Addtech

Saved after a massive ransomwareattack

When the technology trading group Addtech were victims of a ransomware attack, nearly all their business activity was halted. They quickly understood that they needed external help. After recommendation, they turned to Truesec for help.

Jesper Särnholm, Head of IT at Addtech:

“The help we got from Truesec was utterly fantastic. It was as if we stood there bleeding out from an open wound, and then we saw the ambulance coming around the corner. Truesec’s expertise, experience and security, brought a sense of calm in a time when we were all under extreme pressure. Their enormous contribution shortened our downtime and suffering immensely. We had underestimated the threat to us as a company, but thanks to Truesec we are now working more actively with our IT security.

In the beginning, both the users and us in IT were unaccustomed to all the new routines, but now it’s smooth sailing. Truesec implemented both technical solutions and gave us tips about new processes and routines within many vulnerable areas. Cyber security is an ongoing war, and more companies have to start working in whole new ways like we did in order not to be affected.”

Read the full customer case on how we helped Addtech here.


jesper särnholm
“The help we got from Truesec was utterly fantastic.”
Jesper Särnholm
Head of IT, Addtech.

Proactive Incident Response Solutions

To help your organization anticipate cyberthreat, issues and respond effectively in case of a data breach or cyberattack, we offer tailor made solutions for your specific needs. Don’t waste any time, let’s take the next step to secure your IT!

Get in touch with Truesec CSIRT

[mc4wp_form id="2129"]

Cookie Information
We use cookies for this website to work properly for you. By continue to navigate this website, you agree to this. Read more about cookies here and our Privacy Policies here.