Cyber Incident Response Planning
When reputation, revenue, and customer trust is at stake, it’s critical that an organization can identify and respond to security incidents and events. Whether a breach is small or large, organizations need to have an incident response plan in place to mitigate the risks of being a victim of the latest cyber-attack.
Incident response strategies and plans layout what defines a breach, the roles and responsibilities of the security team, tools for managing a breach, steps that will need to be taken to address a security incident, how the incident will be investigated and communicated, and the notification requirements following a data breach.
We are well suited to delivery on your project requirements. Developing an incident response (IR) plan is a process that requires thought and several layers of development. Each engagement is customized to your organization and will include the following activities:
- Evaluate the level of maturity in cyber security incident response in your organization, i.e. your ‘state of readiness’. We will review and codify the underlying security policy that informs your incident response plan.
- Determine how cyber security incidents should be identified and handled in your organization.
- Develop a plan to help you build a suitable cyber security incident management capability (possibly in support of a wider cyber security resilience program).
- Develop an incident response plan and incident response process.
- Evaluate your existing disaster recovery capability and make improvements suggestions as necessary.
- Develop KPIs & SLAs.
- Provide recommendations: If required, we will recommend if you need to utilize third-party experts, be it for some or all of the cyber security response process or just specialized areas like technical or forensic investigations; situational awareness.