Cyber Incident Response Management

In today’s technology connected world, regardless of an organisation’s size, industry or the products/ services it provides, the probability of being exposed to cyberattacks have significantly increased. To be protected from these cyber risks, it is imperative that all organisations have a cyber incident response plan in place with experienced team (internal/outsourced) to swiftly detect, respond and recover from cyberattacks.

A cyberattack happens every 39 seconds, and the average cost of a cyberattack is $3.86M. as we look at these stats, it becomes necessary for an organisation to have a robust mechanism in place to deal with cyberattacks/incidents.

“I am convinced that there are only two types of companies: those that have been hacked and those that will be.

And even they are converging into one category: companies that have been hacked and will be hacked again.” Robert Mueller

Our cyber incident management response approach is aligned with international standards such as NIST's "Computer Security Incident Handling Guide", to detect and respond to the incidents in a systematic manner. This approach helps us to seamlessly combine the strengths of organisation’s people, process and technology into effectively handling cyber incidents. Our approach is described below:

1. Preparation: Establishing cyber incident response team with clear roles and responsibilities along with appropriate tools and services including standard operating procedures (SOP).
2. Detection and Analysis: Establish continuous monitoring of organisation’s critical assets to detect and analyse the attacks and its impact on the business. Further, communicate the incident details to key stakeholders.
3. Containment, Eradication, and Recovery: Contain the attack with minimal business impact and gather the evidence appropriately. Also, identify the attacking host to seize the attack and recover.
4. Post-Incident Activity: After successful recovery from cyberattack, document lessons learnt and retain the evidences for further use.

Our cyber incident response management services include:

• Development of Cyber incident response plans
• Cyber incident response readiness assessment
• Cyber incident response preparedness simulations, tests and exercises