Cyber Incident Response | Services

Cyber Incident Response

Most organisations today have a significant focus on preventing cyber incidents. What happens though when an incident actually occurs? 

  • How do we respond?
  • Who do we communicate with first?
  • The Board?
  • Our customers?
  • Government Regulators?
  • Police?
  • What are our legal obligations?
  • Why did this occur?

 

More often than not, a slow response or a unplanned response not only reflects badly on the organisation but can have significant impact on the organisations share price and immediate revenue. Long term it can lead to significant lawsuits, have a massive impact on careers and could devastate the value the company has built up over years of work.

 

Security in Depth can assist by helping organisations create a tailored incident response plan, based on industry best practices: 

  • ISO27001
  • NIST

 

These plans are focused on the different phases of an incident and allows your organisation to: 

  • Create your blueprint for response and recovery efforts
  • Define the priorities that will govern your response activities
  • Define your action plans for both common and, more importantly, high level responses based on your priorities

 

We then create playbooks for up to ten different cyber incidents: 

  • How to protect forensic evidence
  • Communications with all impacted parties
  • Testing and escalation to crisis management

 

Each of our incident response plans proceed to a workshop phase enabling the entire incident response and crisis management teams to practice and test as if working through a real world incident.

 

This includes providing: 

  • Real life scenarios
  • Production of a master events list
  • Facilitation by expert facilitators with real world expertise

 

If you have had an incident and are looking for further support please see cyber incidents and other resources.