TheMicrosoft Compromise Recover Security Practice(CRSP) is a worldwide team of cybersecurity experts operating in most countries, across all organizations (public and private), with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place. As a specialist team within the wider Microsoft cybersecurity functions, we predominantly focus on reactive security projects for our customers. The main types of projects we undertake are:
Compromise recovery:Giving customers back control of their environment after a compromise.
Rapid ransomware recovery:Restore business-critical applications and limit ransomware impact.
Advanced threat hunting:Proactively hunt for the presence of advanced threat actors within an environment.
Many articles around compromise recovery rightly focus on the technical aspects of what steps to take in the event of the control being lost in an environment. However, these are but one aspect of regaining control.As the CRSP, we would like to share the importance of assessing and supporting the human aspect of recovery based on our experiences in recovering organizations that are often in a very precarious, demanding, and stressful situations.