Incident Response Management
We can help with the various stages of Incident Response
- Preparation: planning how to respond to an incident is best before an incident takes place. This takes the form of creating possible scenarios and creating an action plan on what actions would be taken.
- Identification: the incident would be detected or reported. Second, the verification of an incident is the next step. Confirming a reported incident will help identify the next steps.
- Containment: the most important incident response procedure is to contain the incident to prevent additional damage to the organization.
- Mitigation: the eradication of the incident is a critical step, otherwise the incident is likely to re-occur.
- Reporting: the organization needs to understand in simple terms what happened and why. We work with the internal/external IT department to help address the incident by providing guidance.
- Recovery: the recovery steps vary by incident, and can include restoring servers, data, etc.
- Remediation: this is the continuation of the mitigation steps, and can include patching, or making additional changes to the environment to prevent future incidents.
- Post-incident activities: this includes incorporating lessons learned and updating the Incident Response Plan and Procedures.
We can help the organization develop an Incident Response Plan that follows Industry Standards, including NIST 800-61 Rev 2, to help the organization be prepared to handle incidents.
Please let us know how we can help, take advantage of our initial FREE 30-minute Consultation. Contact us to get started.