What is Incident Response?
Incident response is an organised approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
What does Incident Response involve?
If you’ve suffered a breach, we’ll help you immediately with guidance, support and technology to deal with the incident and minimise business impact. We’ll deploy a rapid response team and quickly establish a process to deal with the incident. We’ll then contain the cause of incident and provide support and guidance to resolve it. And we will work with you to create a tactical road map of recommendations to reduce risk in the future.
It’s safe to assume that your organisation will, at some point, suffer a breach. So incident response planning needs to be part of your business continuity planning.
We will help you create a functional incident response plan which will:
- Define the incident response team along with their roles and responsibilities
- Agree any skill sets that may be required which don't exist within your organisation
- Define your communications process and plan for effective communication during and after the incident
- Define the criteria to declare when an incident has started as well as when the incident has ended
There’s a lot more to it that this of course, but predefined, the process will allow the response to start within minutes of the incident being declared.