Develop and Implement a Security Incident Management Program

Create a scalable incident response program without breaking the bank.

Onsite Workshop

Organizations without a formal security incident management program suffer from:

  • High susceptibility to risk.
  • Costly repairs to damaged or lost assets.
  • Time and effort wasted retroactively handling preventable incidents.
  • Legal ramifications from not complying with regulations.
  • Reputation damage with existing and prospective customers.

A formalized incident management program results in:

  • Streamlined processes for handling inevitable incidents.
  • Decreased downtime and possibility of breaches.
  • Increased preparedness and protection of assets.
  • Strengthened compliance with regulatory requirements.

Module 1: Prepare Your Incident Response Program

The Purpose

  • Understand the purpose of incident response.
  • Formalize the program.
  • Identify key players and escalation points.

Key Benefits Achieved

  • Common understanding of the importance of incident response.
  • Various business units aware of their role in the incident management program.
  • Formalized documentation.

Activities and Outputs:
1.1 Assess the current process, obligations, scope, and boundaries of the incident management program.
  • Understanding of the incident landscape
1.2 Identify key players for the response team and for escalation points.
  • An identified incident response team
1.3 Formalize documentation.
  • A security incident management charter
  • A security incident management policy
1.4 Prioritize incidents requiring preparation.
  • A list of top-priority incidents
  • A general security incident management plan

Module 2: Develop Incident-Specific Runbooks

The Purpose

  • Document the clear response procedures for top-priority incidents.

Key Benefits Achieved

  • As incidents occur, clear response procedures are documented for efficient and effective recovery.

Activities and Outputs:
2.1 For each top-priority incident, document the workflow from detection through analysis, containment, eradication, recovery, and post-incident analysis.
  • Three to six incident-specific runbooks

Module 3: Maintain and Optimize

The Purpose

  • Ensure the response procedures are realistic and effective.
  • Identify key metrics to measure the success of the program.

Key Benefits Achieved

  • Real-time run-through of security incidents to ensure roles and responsibilities are known.
  • Understanding of how to measure the success of the program.

Activities and Outputs:
3.1 Limited scope tabletop exercise.
  • Completed tabletop exercise
3.2 Discuss key metrics.
  • Key success metrics identified

Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
