Incident Response

When defences fail, too many organisations find they are not equipped to respond.

Get in Touch

Incident Response Guide

As much as we try to prevent a cyber attack, we live in a world of ‘when' and not 'if' it’ll happen.

Incident response has earned its right in any board-level discussion on cyber security. It’s importance is also tied to the simple fact that businesses must be able to respond to a cyber-attack if they want to avoid suffering its three negative impacts: reputational risk, legal risk and financial risk.

Our Proactive Incident Response service gives you access to our experienced Cyber Incident Response Team (CIRT) who can quickly recognise and contain the threat, reducing your response time and minimising the impact.

2M

$ av. cost savings with incident response teams and Incident Response testing

3.86M

$ average total cost of a data breach

280

Industry average time to identify and contain a breach

Why Incident Response?

The technical expertise required to analyse, contain and eradicate a cyber security threat isn’t a resource that’s ordinarily freely available.

Within the industry, Incident Response is seen as a core component of any well-thought out cyber security strategy. It's no surprise that proper incident response planning is seen as a core security control in all the leading cyber security frameworks and standards:

NIST PR.IP-9
CIS CSC 19
COBIT 5 APO12.06, DSS04.03
ISA 62443-2-1:2009 4.3.2.5.3,4.3.4.5.1
ISO 27001:2013 A.16.1.1,A.17.1.1, A.17.1.2, A.17.1.3
NIST SP 800-53 Rev. 4 CP-2, CP-7,CP-12, CP-13, IR-7, IR-8, IR-9, PE-17

Market Guide for Managed Security Services

Integrity360 named as a Representative Security Pure-Play Vendor in the 2020 Gartner Market Guide for Managed Security Services

Find out more

Our Incident Response Process

Your organisation must be able to respond to a suspected security incident quickly.

We leverage an array of next-generation technologies and expert cyber security specialists to deliver an incident response service. The service assists your organisation in responding to a suspected security incident in a time-efficient and productive manner.

Our staged approach is to stop the active threat while applying proprietary tools and processes to quickly diagnose the environment and remedy the situation:

Preparation

Integrity360 incident response specialists meet with you to discuss the scope of the incident and establish a communication matrix for escalation.

Detection and Analysis

Assist in the deployment of assessment tools. Conduct log analysis from your systems and environment in an effort to determine the root cause of the incident.

Containment and Eradication

Collaborate with you in containing the incident, and restoring the business to normal operational standard.

Post-Incident Activity

Our incident response team produce a technical report detailing the incident while a briefing of management, board and any other key personnel takes place.

At our request, Integrity360 stepped up brilliantly to respond to a cyber incident at a non-profit organisation, who had approached us seeking assistance. The team remedied a very serious situation and we thank the team at Integrity360 for demonstrating the power of the ecosystem.

Financial Services client

Benefits of Proactive Incident Response

Incident response gives organisations more resources, specialised services and managerial skills to deal with security incidents – not to mention the indepth perspective on how to remediate them. Clients gain access to malware experts who can add the decision-making perspective, proprietary tools and proven methodologies to respond more quickly. On top of it all, the service provides strategic malware, forensic and log analysis reporting personnel to educate your internal teams when needed. Other service benefits include:

Timeliness: Guaranteed availability of an experienced incident response expert in the event of a compromise or suspected breach
Skillset: Improve incident response capabilities and reduce exposure to attacks and breaches with certified Incident Response specialists
Experience: Skilled specialists from a variety of disciplines paired with a communication matrix allow for enhanced visibility and clearer decision-making.

Productivity: Speed up investigations to contain them within days and reduce response times while still clearing tasks and objectives.
Resourcing: Demonstrate compliance and improve policy enforcement with skilled staff you can bring on at a moment’s notice.
Value: Repurpose the hours not used to improve other areas of the cyber security strategy while also staying prepared in the event of a security incident.