INCIDENT RESPONSE MATURITY ASSESSMENT
Few organizations really understand their ‘state of readiness’ to respond to a cybersecurity incident particularly a severe cybersecurity attack, and are typically not well prepared in terms of:
People – Assigning an incident response team or individual; providing sufficient technical skills; enabling decisions to be taken quickly; and gaining access to critical third parties.
Processes – Knowing what to do, how to do it and when to do it. This includes identifying cyber security incidents, investigating situations, taking appropriate actions (e.g. contain the incident and eradicate cause), and recovering critical systems, data and connectivity.
Technology – Knowing data and network topology, determining where Internet touch-points are and creating / storing appropriate event logs.
LRQA Nettitude’s Incident Response Maturity Assessment will provide valuable insight into your capability in the previously described domains. Part of the assessment includes the benchmarking of your current capability against a robust Incident Response capability framework.
Analysis of the results will provide a roadmap towards improvement. The assessment will also include a review of your existing logging capability and make recommendations on how to enhance your logging capabilities in order to maximise the capability of any SIEM or SOC solutions that you have in place.
LRQA Nettitude’s Approach
As a security consultancy and solution provider, data security is at the heart of what we do.
LRQA Nettitude will look to present a holistic set of recommendations and remediation advice and guidance for moving forward. This will be detailed in the form of a roadmap document, enabling the organization to prioritise any remediation tasks and work required. LRQA Nettitude is always keen to debrief these reports and will always provide clear guidance around the suggested actions. As well as the technical detail and recommendations LRQA Nettitude will provide strong guidance around the overall risk and processes to manage the threats that exist in today’s modern cyber-environment.
All findings will also be presented back to the customer in the form of a strategy debrief. This allows senior management to understand why security should be a focus, for the organization, what they are currently doing, where their vulnerabilities currently lie and how they may be targeted and which controls they should focus on as part of their forthcoming cyber strategy.
Strong technical services
Our consultants are not simply auditors but all have a strong background in networking, technology and solutions. We are security evangelists who believe passionately in what we do. We work hard to deliver solutions and best practice guidance to help our clients meet their needs. We seek to develop close working relationships with our clients in order to tailor all of our services to your needs, timescales and requirements.
Risk reduction and management
Pragmatic, manageable solutions