Incident Response

Respond quickly and minimise the damage

Many organisations find they are poorly prepared only after a security breach and subsequent failure to contain the damage. Its a bad time to realise you aren’t properly prepared. As a result, the costs are often far greater, with the consequences for the company and individuals escalating very quickly. Every organisation should have a comprehensive Computer Security Incident Response Plan (CSIRP) in place. It should be an integral part of your overall security policy and risk mitigation strategy and drill tested regularly to confirm currency.

Organisations that can demonstrate that their incident response plan has been validated by a third party will be well placed to avoid Federal prosecution and the associated financial penalties. For example, the Privacy Act only requires organisations to take appropriate steps to secure their critical assets, and if a breach occurs, to handle it properly.

CloudPort is able to provide a wide-range of services to help you accelerate your incident response planning and ability to execute. We can:

 

Ideally the CSIRP should anticipate the point at which the magnitude of the problem requires external resources to augment the internal team. Proactive organisations realise that it is too late to evaluate vendors and negotiate contracts in the middle of a security incident, so they retain organisations like CloudPort and Proficio to guarantee emergency help when it is needed. Having access to security experts that are familiar with your CSIRP, environment and change policies will ensure you are able to quickly expand your team and accelerate your response to contain the damage.