Cybersecurity Month: Respond Quickly

If you’re waiting until your organization has a security breach to develop an incident response plan, you’re already damaging your brand and creating the potential for great material loss.

“All companies should have an incident response plan in place, so that when (a security event) happens, it can be reacted to quickly,” said Sword & Shield Enterprise Consultant Rocky Breeden. “The best and safest first steps are crucial to saving data and should be initiated immediately upon notification of the threat.”

nist_incident-response-life-cycle

Graph: NIST IT Security Incident Response Life Cycle

How you initially respond to security incidents determines whether the incident becomes manageable or whether it quickly gets out of hand causing damage to your brand, reputation, and material loss for your company. Unfortunately, experience tells us that many organizations are ill-equipped to respond to security incidents.

Building effective incident response capabilities takes careful planning, understanding of modern threats, guiding risk management principles and participation of stakeholders at all levels of the organization. There is a fine line between a well-executed response and chaos.

Breeden said there are five phases in properly eradicating a threat:

  • Incident Response: Lock down all file shares.
  • Gather Information:  Locate the point of origin by reviewing logs and conducting interviews.
  • Eradicate the Infection: Remove the client machine from the network and contain the threat.
  • Remediation:  Ensure that all patches are installed, anti-virus up to date and restore clean files from backup.
  • Education: Keep the end-users informed.

At Sword & Shield, we can help you with both early detection and a quick response  to an existing threat.

Our Incident Response Services can help you detect, analyze and remediate security incidents. We help you plan for security incidents before they happen and we provide the help and expertise you need when they do occur. Our Managed Security Services can also help to limit your liabilities by helping you quickly, easily and cost effectively deploy all the security controls you need to detect, analyze, log, monitor and react to threats, ensuring that your most important IT assets are always protected.

We help companies respond to security incidents the right way. Our team is assisting customers with measured and effective responses to deal with all kinds of threats and security incidents on a daily basis. Let us put our experience to work for you.


Comments are closed.