Cyberattacks and Security Incident Response

Is Your Organization Under a Cyberattack?

Let our IT security experts help stop the cyberattack and minimize the impact of intruders.  Truesec can help recover your data from encrypted files, get the rebuilding process up to speed, and provide strategic advice moving forward.

Truesec CSIRT has extensive experience performing security incident investigations and stays ahead of the curve by curating knowledge of current data breaches.

How to Act if You Are Exposed to a Cyberattack


Contact Experts in IT Security

Make sure you get professional help to stop the intruders.  If you don’t have capacity in-house, hire experts with the right skills and knowledge.  It’s critical to wait until the IT security experts start an investigation to avoid forensic data loss.

Call Truesec experts now: +46 (0)8 10 72 00
or email:


Don’t Touch Anything

Depending on your given situation, the security experts give you a few tasks to act upon.  For example, resist the instinct to immediately turn off all computers, pull out power cords, shut down accounts or make any changes to the environment.  Consider the situation a crime scene.  Don’t touch anything without approval.


Secure Backups

Secure your backups so they are not on any network.  On critical systems you can disconnect the network – but do not switch them off.


Create a Timeline of Events

Create a timeline of how you experienced the incident and answer the questions who, what, when and how.  Even small details can be incredibly important when Truesec CSIRT starts to analyze what happened and act upon it.

Don’t Lose Valuable Time – Act Now!


Minimize the Impact of a Cyberattack

Systems and IT specialists who can detect and disarm cyberattacks in your environment, are just as important as alarms and cameras to provide a secure environment.

As the leading cybersecurity firm in northern Europe and a trusted cyber advisor, Truesec has developed a state-of-the-art capacity to protect our clients.  The success is based on a combination of:

  • Experience from investigating major cyber incidents worldwide
  • A skillful team of cybersecurity experts
  • The most advanced tools on the market
  • Understanding the specifics of our clients’ IT environments

The goal is to return to business as usual as soon as possible with no data loss during an ongoing security incident.

Securiy Incident Workflow

The Truesec Method


Identify Threat Actor Activities

Contain and Minimize the Damage

Plan and Execute a Kick-out Process

Data Recovery and Rebuild

Lessons Learned and Strategic Advice

Experts to Protect Your Organization

Truesec Cybersecurity Incident Response Team (CSIRT)

Our Incident Response team, Truesec CSIRT, has vast experience from security incidents, forensic investigations, and modern attack patterns.  The process used, has been perfected during an extensive number of assignments, including advanced ransomware campaigns, cyber espionage and theft of digital assets.  This has provided us with in-depth knowledge on how to instantly minimize impact and immobilize threat actors.

Together, we have managed to rescue data from encrypted files, and successfully disarm several active cyber threat actors including advanced persistent threat (APT)-groups.  APT is a targeted cyberattack where the intruder aims to steal data, disrupt operations, or destroy infrastructure, and often remains undetected for an extended period of time.

Truesec CSIRT consists of multiple roles depending on the incident such as:

  • Forensic Expert
  • Data Recovery Expert
  • Threat Hunter
  • Technical Leads
  • Legal and Crisis Advisement

Customer Reference – Addtech

Saved After a Massive Ransomware Attack

When the technology trading group Addtech were victims of a ransomware attack, nearly all their business activity was halted.  They quickly understood that they needed external help.  After a recommendation, they turned to Truesec for help.

Jesper Särnholm, Head of IT at Addtech:

“The help we got from Truesec was utterly fantastic.  It was as if we stood there bleeding out from an open wound, and then we saw the ambulance coming around the corner.  Truesec’s expertise, experience, and security brought a sense of calm in a time when we were all under extreme pressure.  Their enormous contribution shortened our downtime and suffering immensely.  We had underestimated the threat to us as a company, but thanks to Truesec we are now working more actively with our IT security.

In the beginning, both the users and us in IT were unaccustomed to all the new routines, but now it’s smooth sailing.  Truesec implemented both technical solutions and gave us tips about new processes and routines within many vulnerable areas.  Cybersecurity is an ongoing war, and more companies have to start working in whole new ways like we did in order not to be affected.”

Read the full customer case on how we helped Addtech here.


jesper särnholm
“The help we got from Truesec was utterly fantastic.”
Jesper Särnholm
Head of IT, Addtech.

Proactive Incident Response Solutions

To help your organization anticipate cyberthreat, issues and respond effectively in case of a data breach or cyberattack, we offer tailor made solutions for your specific needs. Don’t waste any time, let’s take the next step to secure your IT!

Get in Touch with Truesec CSIRT

[mc4wp_form id="2129"]

Cookie Information
We use cookies for this website to work properly for you. By continue to navigate this website, you agree to this. Read more about cookies here and our Privacy Policies here.