Incident Response Plans
Effectively plan to efficiently respond
Being prepared for a potential cybersecurity attack is essential in today’s threat landscape of vast, complex and sophisticated threats. While it is important to make sure that your organization has the correct technical security setup, another important aspect of preparation is having a plan in place if a breach occurs. This plan should account for the potential effects on the overall business and incorporate the organization's goals and capabilities.
Unique plans designed for your specific needs
Your organization is unique, and your IR plan should not be any different. With this service, you receive expert guidance and custom-designed plans that consider the effects on stakeholders, critical assets, internal processes, systems and legal workflows. The CTIR team will meet with you to create a plan, specifically tailored to your organization that will allow you to work together, as one team, to respond to incidents.
What does this include?
-
A clear picture of all possible business impact
this may include public relations, communications, legal, and other non-technical business units. -
Clear, concise, and consistent processes
for how your organization responds to cybersecurity threats across your business. -
Customized actionable incident response plans
Expert advice tailored to your organization, giving you a solid foundation for triage in the event of a breach.
How does it work?
Sample Timeline-
Phase 1
Project kick-off, threat-modeling
The CTIR team will have an initial kickoff meeting with you to discuss your business goals, determine project focus, and identify any potential threats or previous attack experiences you would like to build into your plan.
-
Phase 2
Conduct interviews, review current documents from stakeholders
Next, they will conduct discovery stakeholder interviews and artifact gathering to ensure the incident response plan aligns to your business goals and accounts for all relevant areas of your business. This may include public relations, communications, legal, and other non-technical business units.
-
Phase 3
Plan development, draft documents for review with stakeholders
Then the CTIR team will analyze the material and insights to build a customized plan that associates your business capabilities to tangible processes for each group within your organization that is involved with incident response and review the plan with your stakeholders to confirm the design.
-
Phase 4
CTIR refinement of documents based on feedback
If any edits are needed, the CTIR team will work with you to refine the design based on your team’s feedback.
-
Phase 5
CTIR prepares a sample scenario
After the draft plan is finalized, the CTIR team will also craft a sample scenario to test against your IR plan.
-
Phase 6
Review final plan and sample scenario with stakeholders
CTIR will present the final outcomes of the plan and the test scenario.
Interested in this service?
Reach out to your account team or contact us below.