In the midst of a security compromise your organisation needs clear and cohesive guidance on driving the incident management process. Without it, a simple information security event can escalate into a crisis or disaster, leading to a notifiable breach of company information and, subsequently, reputational damage and customer losses.
An overarching Information Security (IS) Incident Management policy sets the directive for a more coordinated response. It’ll act as a basis for a comprehensive IR plan, and will further provide transparency around your entire IR process. Ultimately, it ensures a formally documented IR procedure is readily available, demonstrating your organisation’s commitment to containing information security threats and minimising damage to third parties.
Our qualified team of consultants develops and implements IS Incident Management Policies and Standards across a range of industries, and additionally creates custom-made Incident Response Plans. As an ISO 27001 certified organisation, we pay special attention to Annex A.16 of the standard (the incident management control set in the 2013 edition), ensuring your business has a clear, successful and compliant strategy around the notification, communication and general handling of information security incidents.
This is a total cost gap of $2.46m, or 54.9 per cent. These figures show the growing cost difference that effective IR capabilities make, in 2021 alone. Comparing the numbers year-over-year, it is clear that testing keeps improving response processes and reducing costs further: the average cost difference in 2020 was only 42.1 per cent, or $1.77m.
IBM, Cost of a Data Breach Report
The purpose of an Information Security (IS) Incident Management Policy is quite self-explanatory: it describes the overall requirements for preparing for and dealing with information and cyber security incidents in the period immediately after they occur. In addition to enabling your team to respond swiftly and effectively to an incident, this policy demonstrates an integrated approach to risk management and ensures your organisation is compliant with the relevant legislation and standards. Above all, the objective of an IS Incident Management Policy is to show that your business is doing its due diligence and providing high standards of information security to protect staff, customers, partners and other third parties.
Your incident management policy should cover all staff, customers, suppliers and any other third-parties that may be involved or impacted by a potential information security incident. As such, it applies to any individual in your organisation that handles or uses the company’s information resources.
In addition to outlining the responsibilities of executives and general staff, we ensure your incident management policy defines your Incident Response (IR) team and delivers clear guidance on how they should handle the IR process, from determining the type of threat to activating the overarching IR plan.
The policy covers the entire incident management cycle – from planning and prevention, to notification and activation of the IR plan, containment and response procedures as well as recovery and review. This high-level overview ensures incidents do not escalate through inaction, and puts incident management into clear, formalised steps.
Incidents in scope include data breaches, malware outbreaks, internal fraud and system misuse, cloud compromises, phishing, and sexual harassment or other industrial relations disputes involving information systems.
Moreover, our services extend beyond just Information Security Incident Management policy. We specialise in Security Assurance Services, Governance, Risk and Compliance, Enterprise Services, Digital Forensics and Incident Response, partnering with Strategic Vendors to protect your business.
More importantly, it’ll ensure a top-down approach that’s been approved and communicated across your key-decision makers, incident response team and other staff.
Content Security will perform interviews with senior managers and team leaders from your IT department, as well as key process owners (e.g. from HR, Risk and Compliance, and Facilities Management).
The objective of these meetings is to identify key business processes, the nature and value of your information, and areas of risk within the business. This information will then be used to ensure that the incident response plan is aligned with your business goals, information security objectives, and legislative and regulatory requirements.
Content Security will work with your team to develop and implement a tailored incident response plan. This plan will align with your organisation's unique requirements for evidence collection and the swift resumption of business operations. The incident response plan will contain:
The plan will then be deployed to your key employees, and our team will provide training and skills transfer sessions to interested parties.