Incident Response and Development
Security Incident Response is concerned with managing risk from identified security breaches. The assessment reviews the organization capabilities to respond to a security incident from both a technology and business perspective.
Three primary components are packaged for initial development:
- Assessment: The assessment is an expert-led process and includes interviews with several department and subject matter experts. This assessment includes a documentation review of past evaluations, process documentation, and evidence of implemented Security.
- Program Development: Initial development of a security incident response policy, security incident response plan, and security run books.
- Tabletop testing: Initial tabletop test that challenges the organization from a business level, identifying process gaps and used to design or update the security incident response program.
Security incident response programmes should not be left until there is a security incident, but often this is the case. We can assist with the remedial work. This allows the organization to measure there security incident response capabilities from a business perspective and to develop customized solutions to minimize the effect of a breach.