Emergency Plan For Your Cyber Security

In many areas of our lives, we have a plan ready for the worst-case scenario. Why should cyber security be any different? We evaluate your preparedness to respond to cyber attacks with a readiness assessment and, if necessary, create an effective emergency plan tailored to your company. If a successful attack against your company does occur, we are at your side as an incident response team within the shortest possible time. You can have this support guaranteed with an Incident Response Retainer, which ensures that our incident response team is ready for you 24/7 and you are immediately connected with our experts, without going through a hotline.

The Oneconsult International Computer Security Incident Response Team (OCINT-CSIRT) provides expert support for ransomware and hacker attacks. We are available around the clock to assist you with security incidents. We coordinate all involved parties and accompany teams in this challenging situation. No matter if IT/OT team, crisis team, management, or the board of directors.

For the purpose of prevention, we test your security team’s ability to respond with exercise scenarios that are based on real-life situations and thus realistic for various target groups such as the IT department, the IT security team or the CSIRT. In addition, we train your employees for the emergency case of a cyber security incident. Oneconsult is your “Cyber Fire Brigade”, so that you get back to your daily business.

  • Experienced first responder team (CSIRT)
  • Certified DFIR experts
  • Customized SLAs (including 24/7/365 agreements)
  • Response and prevention
  • Readiness checks for incident response
  • Post-incident review
  • Practical solutions
  • Proven methods for managing and investigating cyber incidents
  • Short reaction time
  • Guaranteed discretion
  • Communication at the appropriate level
  • Reliable partner of companies and authorities

Respond Appropriately to Ransomware, Hacker Attacks & Co.

We accompany you before, during and after a cyber incident – so that you can fully protect your company.

Oneconsult Incident Response Plan ENG

After completion of the assignment, you will receive a customized final report, which will contain the following information:

  • Initial situation
  • Management summary
  • Documentation of the incident response
  • Findings and facts from the forensic investigation
  • Recommendations for preventing reoccurrence and improving technical and organizational measures.

Optionally, the incident and the findings are explained and discussed in detail during a final meeting.

Opt for fast and professional management of cyber attacks and competent support in all preventive measures as well as in the event of an emergency, if preventative measures have been circumvented.

Contact us now.

Get a Incident Response Quote Now


In the event of a crisis, the OCINT-CSIRT correctly assesses the situation and, if necessary, quickly arrives on site at the customer. We bring the incident under control and develop strategies to minimize the extent of damage. By securing and examining the required evidence with the appropriate tools, we then clarify the course of the incident. In addition, the root cause is determined so that the point of entry can be remedied in order to be protected in the future.

Companies should create an incident response plan that defines responsibilities, communication channels and action steps in the event of a security incident. Regular training and drills for employees are also important to ensure an effective response.

The duration of the incident response assignment varies depending on the type and scope of the incident. Simpler incidents may be resolved within a few hours or days, while the investigation and recovery may take weeks or even months in more complex cases. However, reaction time is an important aspect of incident response. Quick action is critical to stop the propagation of the damage, contain it, and restore operations as quickly as possible. A well-prepared incident response team as well as clear procedures and defined roles can help shorten the incident response time and manage the incident efficiently.

Red Teaming Oneconsult

We break into your company. You determine the question to be answered: Can I be hacked (red teaming) or will my team react correctly (blue teaming)? Or should the focus be on the interaction of offense and defense together with our ethical hackers (purple teaming)?

Penetration Testing Oneconsult

Systematic testing of your assets: Whether application, cloud, control or production system (ICS: SCADA/DCS), security system, aircraft, power plant, or train. We love the challenge and hack anything that is networked.

Incident Response Oneconsult

Your fire department for cybersecurity incidents. When there’s a fire, every second counts. Our computer security incident response team (CSIRT) provides competent support in correctly responding to ransomware, hacker attacks, and the like, and coordinates all involved agencies on request. Oneconsult extinguishes every cyber fire with you, so that you can concentrate on your daily business again.

Digital Forensics Oneconsult

Your fire investigators for digital incidents. After a security incident, our IT forensic experts systematically search for digital traces in a way that is suitable for court and clarify questions about how and why the incident occurred.

Oneconsult Cyber Security Academy

Your cybersecurity hub for security novices and professionals. Experienced trainers impart their expertise for people and companies that make the world safer – cutting-edge, practical, and oriented toward the target group. Increase the security awareness of your employees, achieve difficult certifications, develop secure software, or become an ethical hacker together with the Oneconsult Security Academy.

Confirmed by our statistics

Every day, companies around the world rely on our expertise. This is confirmed by our statistics in addition to our long-standing customers.


Incident Response


SMEs accompanied


Large-scale operations

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 12:00 p.m. and 1:00 p.m. – 5:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

Add CSIRT to contacts