1- Definition
The following Service Terminology is used through these Terms and Conditions for FindMyAttacks:
This Agreement between Cybercraft and the Customer
Any deliberate action or attempt by malicious actors to compromise the Environment
A network of remote servers hosted on the Internet to store, manage, and process data
Establishes an API connection between FindMyAttacks and external cloud services
Provides real-time monitoring and data collection, within the Customer Environment
A service that is delivered over the Internet to provide access to software applications
Information, processes or methods that are commercially sensitive to either Party
Means the legal entity subscribing to the FindMyAttacks service
Means Cybercraft (NZ) Limited, a cybersecurity operations & advisory business
The Customer digital ecosystem into which the FindMyAttacks is monitoring
A Finding is a suspicious or anomalous event that is sufficient to trigger an alert
A cybersecurity operations service provided by Cybercraft
The process of setting up and configuring FindMyAttacks for the Customer environment
Refers to the Customer, Cybercraft or both
The specific subscription package for FindMyAttacks that the Customer subscribes to
The services provided by FindMyAttacks
The levels of service provided by the FindMyAttacks service
Means the minimum 12-month subscription period for the FindMyAttacks Service
Means Cybercraft (NZ) Limited
Means the Customer
The following Acronyms may be used through these Terms and Conditions:
FindMyAttacks
Priority-1 (Critical Severity), Priority-2 (High Severity), Priority-3 (Medium Severity)
Service Level Agreement
Single Point of Contact
2- Scope
The objective of FindMyAttacks BRONZE PLAN is to provide the following capabilities on a 24/7 basis:
The FindMyAttacks BRONZE PLAN is “Cloud Only”, focussing on the high value cloud assets. We focus on detecting the Critical Findings in cloud services, and direct other Findings to the Customer to action.
FindMyAttacks requires an onboarding process to complete connections to the various services in the Customer Environment, and to undertake any configuration required to send security event logs to the FindMyAttacks service.
FindMyAttacks does NOT provide any Incident Response capability within the service. Our role is to validate Findings, to notify the customer if an Incident is detected, and hand the Incident over to the Customer Incident Response Manager.
2- Scope
The objective of FindMyAttacks BRONZE PLAN is to provide the following capabilities on a 24/7 basis:
The FindMyAttacks BRONZE PLAN is “Cloud Only”, focussing on the high value cloud assets. We focus on detecting the Critical Findings in cloud services, and direct other Findings to the Customer to action.
FindMyAttacks requires an onboarding process to complete connections to the various services in the Customer Environment, and to undertake any configuration required to send security event logs to the FindMyAttacks service.
FindMyAttacks does NOT provide any Incident Response capability within the service. Our role is to validate Findings, to notify the customer if an Incident is detected, and hand the Incident over to the Customer Incident Response Manager.
3- Service Description
FindMyAttacks aligns with the industry standard ITIL service definitions, with a context on validating cybersecurity event, Findings, determining attack criticality and their potential severity to the organisation.
Critical security threats that could potentially cause severe damage or data breaches. These are events that require immediate attention due to their high severity, such as detected ransomware or active exploits.
High-severity threats that, while not immediately destructive, could lead to serious issues if left unresolved. Examples might include detected malware or significant policy violations that need prompt action
Medium-severity threats that pose a moderate risk to the organization. These might include suspicious activities that warrant investigation but are not immediately harmful, such as unusual login patterns or potential phishing attempts
4- Service Agreement
This Agreement outlines the Services provided by FindMyAttacks, the requirements for those Services, and the respective responsibilities of each Party.
The provision of Services outlined in this Agreement is guided by the following principles:
The parties agree to conduct all business activities under this agreement in a spirit of mutual trust, good faith, and transparency. Both parties will transact business in a manner that is in the best interest of both parties and make every effort to understand and align with each other's objectives.
The parties agree to communicate openly and honestly in all matters related to this agreement, and to act in accordance with the principles of good faith and transparency. Any disputes arising under this agreement will be resolved through good faith negotiations and a genuine effort to find a mutually acceptable solution.
The Customer subscribes to a FindMyAttacks Plan that meets their business requirements and cybersecurity objectives.
The following Table outlines the Plans provided by FindMyAttacks, outlining the core cybersecurity objective for each Plan.
Identify threats on Cloud services only, & notify the Customer
BRONZE PLUS on-premise threats
SILVER PLUS hybrid device threats and automatic containment
Cybercraft is responsible for the following:
The Customer is Responsible for the following:
The Customer will provide:
The following types of cybersecurity services are not included in the scope of the Agreement or our FindMyAttacks deliverables. Cybercraft provides these services separately.
Security controls are required to detect and prevent many types of cyber threats and incidents. Organisations require a range of cybersecurity controls to protect their Environment, data, and reduce risk. The Customer is responsible for determining which security controls are required to protect their organisation to effectively mitigate risk.
The ongoing lifecycle management of security controls, their configuration, maintenance, and determining their effectiveness is the responsibility of the Customer. The Customer is also responsible for the fine tuning of security controls to improve the quality of security events logged to FindMyAttacks.
The Incident Response Management is a leadership role focussed on the technical & digital aspects of the incident response process, and undertakes the following actions during an incident:
The Incident Response Manager works closely with the Customer service providers to contain the incident, to prevent further damage or data loss, eradicate the compromise, recover the systems, and work to prevent a reoccurrence.
Incident Management is a business crisis management leadership role that is typically activated when a critical cyber incident is identified and where there is business reputational impact, requiring solid business risk decision making and executive level communications to internal and external parties.
The Incident Manager works closely with the business to manage business risk, and in conjunction with the Customer’s Executive team, minimise reputational damage, and provide guidance for any regulatory and compliance breaches.
Incidents often require additional support due to the specific nature of the attack, or introduction of a significant risk where the business may have a regulatory, commercial, or reputational impact. The Cyber & Information Security Office compromises of a team of specialists that provide advisory for specific types of incidents.
Effective Incident Response and Management requires planning, preparation, staff training, and testing to provide an effective response across a range of potential cyber incidents.
The following terms and conditions shall apply in respect of all work carried out by Cybercraft, except to the extent otherwise agreed with you in writing.
Agreed Term
Expiry of Initial Term
Termination by Either Party on Notice
Consequences of Termination
Neither party will be liable to the other party under the law of tort, contract or otherwise for any indirect or consequential loss arising out of, or in connection with, this Agreement; and
This section outlines the Fees for the Services provided under this Agreement.
Service Plan Fee
Onboarding Fee
‘Other Fees’ may be incurred to support the effective delivery of the FindMyAttacks Service.
Authorisation
Types of Additional Work
Additional Triage Requirements
Introduce feature
Tailors and minimise your costs, talk to us and customise
your cyber-security plan.