ASSESSMENT SERVICESMastering Incident Response Planning
STN’s incident response planning services train and test your team’s ability to detect, respond to, and recover from security incidents such as cybercrime, data loss, and service outages.
Your organization is the biggest target for data breaches.
The better you can prepare for inevitable cyberattacks with a well-defined Incident Response Plan (IRP), the better armed your organization will be. An Incident Response Plan is a set of instructions to help you detect, respond to, and manage a security incident. Building a clear IRP that you can rely on will help guide you and prepare for the imminent security incident. Your goal is to limit potential damage, reduce risks, and get your organization back on track.
The consequences of not having an incident response plan in place:
Loss of Revenue
Loss of Reputation
Regulatory fines, lawsuits
Loss of Business
Business Shutting Down
STN can partner with you to manage your incident response.
We can help you manage the incident response process every step of the way, starting with the Incident Response Plan (IRP) and continuing with plan development and testing. If you do not yet have an IRP, you are not alone. Seventy-seven percent of organizations do not have a formal cybersecurity incident response plan in place, according to the Ponemon Institute.
Cyber attackers and hackers are becoming more sophisticated and motivated. They are constantly spawning new attacks to compromise, steal or destroy critical information and disrupt organizations, according to GCN. STN can take your existing incident management policy—or build one from scratch—and work with you to develop it into an Incident Response Plan with thorough development, training, testing, and observation oversight.
Incident response plan, plan development, testing
STN will work with you on each of the Incident Response phases:
Incident Response Plan development and execution
- Identify relevant laws and standards as they relate to your organization
- List specific, regulatory environment-driven requirements that the program must meet
- Define Information Security Incident (ISI) as opposed to a significant event and identify authority(ies) authorized to declare ISI’s
- Define roles and responsibilities
- Define critical assets and systems
- Define monitoring systems, detection enablers, and forensics enablers
- Create the communication plan
- Create the actual Incident Response Plan
- Define the Incident Response team’s required equipment and assets based on the plan’s structure and steps
- Define plan review, updating, and testing requirements
- Define exception request process and identify authority authorized to grant exceptions
Plan Testing and Plan Refinement
STN will conduct continuing onsite exercises to test your plan against real-world scenarios scripted by STN.
Once each exercise has been completed, STN will provide a report on the results of the exercise and a question and answer session.
On an ongoing basis, STN will work with you to make adjustments as needed and conduct additional onsite exercises to ensure that:
Incident Response Plan meets your needs
Is continuously updated to reflect the ever-changing cybersecurity landscape
- Identify and document any changes to relevant laws and standards as they relate to your organization
- Identify and document any changes to Incident vs Event classification
- Identify and document any changes in Subject Matter Experts, Stakeholders, information systems, and critical assets
- Identify and document any changes to the communication plan, response plan and/or phases
- Identify and document any changes in the IR team’s required equipment and assets based on any new requirements and/or changes
- You cannot be confident about the implementation of your security controls without testing them first and the best way to test your security controls is to simulate what the bad guys would do to evade or circumvent your security controls.
Chris Akenson, CISO, STN
Get Secure Today
The best way to evaluate the risks of system misconfigurations based on the results of a simulated attack.
Get in touch
Let’s discuss your NIST compliance needs.
Contact us today to speak with an expert about your specific needs.
Stay in the Cloud
Sign Up for Our Newsletter
Sign up for our monthly newsletter for to stay up to date.