Planning for the Inevitable - Incident Response Activities

An increase of Ransomware attacks are being expedited by criminal outfits against UK organisations and associations with no intent on filtering out the smaller companies (all money is good money).


Ransomware
Ransomware is only one of the ways that attackers can target your organisation.
Therefore, if you haven't got the minimum requirement in place, then don't be surprised when your organisation is breached.

As a minimum, you should have:


1. Created a workable (and realistic) Incident Response Plan - We will visit your organisation to discuss how your organisation could respond to a Cyber Incident, or take an independent look at your current plan, in order to ascertain if it is current. This element will also look to identify the 'First Responders' within the organisation, of which would be the eyes and ears of the incident for the organisation.



2. Created a set of Playbooks tailored against your top risks - As part of the planning phase, a list of your Top 10 risks would be identified. These risks would then be planned against and acted out in order that an effective response to a specific risk could be orchestrated.


IR Playbook
Playbooks are created against the Top Threats to your organisation

3. Create a schedule to exercise your organisation regularly (Top to Bottom) - Whether it is Tabletop training, Walk-through training or full-on exercises, Forint can support your organisation in any stage of the maturity process.


Training for Incidents
Training at all levels needs to be conducted. Make sure that you understand your role and responsibilities when an incident happens!

4. Regularly tested your networks (internal and external scanning and Penetration Testing) and staff (Social Engineering) - Regular testing your network is essential, as vulnerabilities are always being identified (and further, exploited). You need to know how secure your

boundaries are, in order to create a secure haven for your data.


5. Updated your Incident Response Plan and Playbooks regularly - Organisations need to ensure that the plan is updated to reflect the current political situation, employee status and identified risks against your organisation.

Do not be caught out at the last minute, for the sake of a planning session with the team!

If you need assistance or advice in the setting up and running of any of these elements, we would welcome a call with you to discuss how to get some response activities aligned with your organisation.


Don't leave this activity for a time when it is critical. You need a workable Plan now!


Email (info@forint.co.uk), call, visit our site or contact us for more information


https://www.forint.co.uk/dfir


18 views0 comments

Recent Posts

See All