This service identifies problems that hinder investigations and enables organisations to increase their ability to detect and respond to attacks, as well as minimise the impact and cost caused by the incident.
We analyse your current detection and response capability, including review of current IR Plans and Playbooks and network and logging configuration. These elements are crucial in not only ensuring an organisation has the data available for the eventual incident but also to effectively respond.
We give recommendations to improve the overall capability and gain greater visibility of the environment. Our recommendations from this heighten the overall security posture of the enterprise, improve detection and minimise time to resolution.
In 90% of incidents that we’re engaged on without having performed our Breach Readiness Service, we find that crucial data is missing.
Without essential testing of current Incident Response plans, due to panic and a lack of understanding of roles, responsibilities, communication methods and actions, they prove to be rarely followed when an incident occurs.
We will run through incident-based scenarios via table-top (TTX) and/or live-fire exercises (LFX) to ensure that the Incident Response process will be triggered in a real-world incident.
Testing improves an organisations ability to adhere to IR plans, allows key players to understand their roles and responsibilities in the IR process, thus improving response actions undertaken and time taken to recovery.
An Incident Response Retainer provides you with:
Our team are seasoned, experienced and business-minded security consultants with an average of 10 years experience across state and local government, health, finance, education, nonprofit organisations and more.