Service Benefits

Formalize Security Incident Response

Create workflows to more efficiently respond to security incidents.

Follow a Framework When Building Workflows

Follow the security incident management framework when building workflows to help ensure all aspects of the response process are formalized.

Identify Security Weak Points in Current Processes

By building security incident response workflows, identify maturity gaps and risks in existing organizational processes.

Security Incident Management Framework

Our Perspective

You will experience incidents.

Save your organization response time and confusion by developing your own specific incident use cases.

The results of incident response must be analyzed, tracked, and reviewed regularly.

Without a comprehensive understanding of incident trends and patterns, you can be revictimized by the same attack vector.

Effective internal communications are key to a more effective incident response.

Security Incident Response Team members come from departments that don’t usually work closely with each other. This means they often have different ways of thinking and speaking about issues. Be sure they are familiar with each other before a crisis occurs.

Service Overview

Build Prepare and Detect Phases

Select a security incident type to build a workflow for, then define that workflow’s ownership. Begin to create the workflow by identifying how the security incident can be detected.

Build Analyze and Contain Phases

Determine how the detected security incident will be analyzed to ensure it is fully resolved, then determine how the analyzed security incident will be completely contained.

Build Eradicate and Recover Phases

Define how the organization will identify and eradicate all components of the root cause of the contained security incident, then define how the organization will recover from the eradicated security incident.

Build Post-Incident Activities Phase

Determine the process for completing post-incident activities such as assessing response quality, determining incident costs, and potentially sharing information with key stakeholders.
