Cyber attacks are now one of the biggest threats to businesses, regardless of industry or size. They often strike without warning, develop rapidly, and leave behind not only technical but also organizational traces. In such moments, it is not only important to react quickly, but also to ensure well-thought-out and reliable cooperation between all parties involved.

This is exactly where the partnership between HvS-Consulting and TEAL comes in: Together, we offer companies a structured and seamless process from the initial cyber alert to the complete restoration and securing of the affected systems. What makes this collaboration special? It combines analytical depth with technical implementation – and always focuses on the specific needs of the customer.

In this blogpost, we show how HvS-Consulting and TEAL combine their expertise, what a typical procedure for a security incident looks like, and what concrete added value our collaboration creates for companies that want to take a holistic approach to cybersecurity.

Why partnership at all? Our mutual advantage!

Cybersecurity can only be effective when strategic thinking and operational implementation go hand in hand.

This is precisely where the partnership between HvS-Consulting and Teal comes in. We bring different but ideally complementary strengths to the table with the aim of providing organizations with more comprehensive and effective protection.

While HvS-Consulting specializes in the structured management of security incidents, from identification and response to restoration of operational capability, Teal focuses on the technical implementation of security measures.

Especially when it comes to complex Microsoft infrastructures, Teal offers the necessary depth and experience to implement concrete remediation measures precisely and sustainably.

This collaboration results in a comprehensive service approach that offers customers real added value: those who rely on our combined expertise in an emergency not only receive rapid assistance, but also professional remediation of the causes, without interface losses or operational gaps. The result is an integrated approach from two perspectives that takes a holistic view of cybersecurity and implements it accordingly.

From remediation plan to implementation mandate: How deal shaping creates trust, clarity, and efficiency

Once HvS-Consulting has drawn up the remediation plan and agreed it with the customer, a crucial phase begins: translating the analysis into concrete, actionable measures.

This is where deal shaping comes in—a structured, cooperative process that not only clarifies the scope of the project but also lays the foundation for successful implementation by Teal.

The process begins with a joint kick-off meeting with all relevant parties: the customer, HvS-Consulting and Teal. The aim of this meeting is to go through the remediation plan together, analyze and evaluate the work packages it contains. This involves checking which measures are to be taken over by Teal and whether certain points should or can be addressed by the customer themselves. This coordination is essential in order to design a realistic offer tailored to the customer’s needs.

Based on this analysis, the offer development phase begins, the actual deal shaping. In close consultation with the customer, we first define the exact scope of the collaboration: Which measures are to be implemented specifically? Which systems are affected? Which dependencies must be taken into account? At the same time, we identify the relevant stakeholders on the customer side and define roles and responsibilities in the project.

The time frame is also determined in this phase. Depending on urgency, resources, and technical requirements, a feasible schedule is developed. This offer is created iteratively, which means that customer feedback is continuously recorded and integrated into the offer. This ensures that the result is both technically and economically viable.

Another important point in this phase is the clarification of the contractual basis. Depending on preference and scope, the commission can be either a time-and-material approach or a fixed-price project – with the contract concluded either via HvS-Consulting or directly with Teal. Here, the partnership offers the advantage of flexible contract models and a clear, transparent structure.

Once the offer has been finalized and signed, the measures are prioritized in close consultation with the customer. Not only technical aspects are taken into account, but also business-critical aspects: Which systems need to be secured first? Which measures are immediately necessary to stabilize the security level in the short term? With this coordinated prioritization, the delivery phase begins and with it the actual implementation of the action plan by the Teal team.

The deal shaping process is thus much more than a formal intermediate step. It forms the bridge between analysis and implementation – transparent, collaborative, and goal-oriented. And it is further proof of how the collaboration between HvS and Teal ensures clarity, speed, and reliability in practice.

Possible remediation measures

Once the assignment has been defined and approved, technical implementation begins, tailored to the customer’s specific threat situation and system landscape. The content of such a project can vary greatly. Depending on the initial situation, the systems affected, and the security requirements, measures are prioritized, bundled, and implemented in close consultation with the customer.

Below, we provide an example overview of the possible contents of a remediation project. This list is not exhaustive, but is intended to illustrate the building blocks that typically form part of a comprehensive restoration and hardening of the IT environment. Of course, the specific catalog of measures is individually tailored as part of the remediation plan, together with the customer, HvS, and Teal. Some measures – such as the introduction of PAWs or tiering concepts – can also be planned as medium to long-term steps following the acute phase.

Active Directory:

• • Reset all (AD) passwords
  • Rebuild domain controller
  • Golden ticket reset

Restaging compromised systems:

• • Identification of compromised assets
  • Rebuild affected systems
  • Restore from backups where feasible

Hardening and vulnerability remediation:

• • Improve security in Office applications
  • Perform a targeted vulnerability scan
  • Block potentially dangerous file types in the email gateway
  • Eliminate attack-related vulnerabilities

Additional measures (depending on context):

• • Introduction of clear content separation, if not already in place
  • Use of PAWs (Privileged Access Workstations) for Tier 0 administrators
  • Implementation of a tiering model to separate permission levels
  • Review and adjustment of GPO permissions

From plan to practice

With the combined offering from HvS and Teal, we create a comprehensive security concept – from the initial alert to the complete implementation of all recovery measures.

Our promise

In a nutshell: “We don’t just secure – we also close the deal.”

While HvS-Consulting reacts quickly, analyzes, and structures during the acute phase of a cyberattack, Teal takes over the consistent implementation of the recommended measures – pragmatically, technically sound, and tailored to real business requirements.

The advantage for our customers is obvious: a seamless, efficient process without friction losses between analysis and implementation.

Modular service structure

Our services are clearly structured:

• • Module 1: Incident Response & Analysis (HvS-Consulting) – immediate measures, containment, forensic analysis, and remediation plan
  • Module 2: Remediation Support (Teal) – implementation, system hardening, restart, and optional review, lessons learned, and further consulting

Clearly defined roles & handover procedures

We guarantee smooth collaboration through coordinated interfaces, standardized playbooks, and clearly defined handover points. HvS-Consulting remains the central point of contact for the customer even during remediation. Teal takes care of implementing the technical measures in the background. This ensures that no information is lost—and no time is wasted.

We specifically target companies that rely on external expertise in an emergency, such as medium-sized businesses without their own incident response teams or organizations with high regulatory requirements (e.g., KRITIS, financial sector).

Our sales channels combine direct contact with educational formats: webinars, white papers, anonymized case studies, trade fair presence, and panel participation, supported by coordinated sales kits and one-pagers for joint customer outreach.

Conclusion and next steps

Cyber attacks cannot be completely prevented, but they can be professionally managed. The partnership between HvS-Consulting and TEAL closes a crucial gap between analysis and implementation and creates a consistent, coordinated process: fast, technically sound, and practical. Companies benefit from clear responsibilities, structured handover processes, and a modular service offering tailored to their individual needs.

Would you like to learn more about our joint offering, or are you currently facing a specific challenge?

Then contact us directly. Both HvS-Consulting and TEAL are available to assist you. Together, we will find the right starting point.