Isolate compromised systems without powering them off (to preserve volatile memory), notify management and the DPO, then contact a CERT immediately. Our FIRST-accredited CERT can intervene within 2 to 4 hours. The first 48 hours are critical for containment, evidence collection, and CNIL notification (within 72 hours under GDPR).
EN
FR