Today’s businesses need to be well equipped to deal with incidents as and when they occur, in a timely manner, to minimise financial and reputational damage. As such, Savanti consultants can be called upon during ‘peace time’ to provide an information security operating procedures (ISOP) review. This will thoroughly assess your organisation’s ability to deal with an incident should you be targeted by an attack vector.
The service will compare your businesses current processes and procedures with ‘best practice’ guidelines from industry bodies including NIST and SANS and our own unique knowledge and experience.
Based on our findings we are able to provide gap analysis reports and detailed roadmaps for risk reduction and capability improvement.
How comprehensive the review is down to you. We can cover the full incident response lifecycle or just some or all the following elements:
- Review of security operations team and capabilities
- Review of incident handling policies and procedures
- Review of post-incident information sharing and lessons learned
- Gap analysis and creation of critical improvement roadmaps
- Development of security operating procedures (run books)
- Process development and implementation governance
NIST incident handling life cycle:
Whilst general preparation should be made to handle all incidents, our consultants pay particular attention to the processes and procedures that can be put in place to deal with common attack vectors.
Working through the incident response lifecycle for each attack vector, we evaluate an organisation’s capability to deal with any or all of the following as well as any bespoke requests:
- Web and email based attacks
- Attacks executed from removable media and peripheral devices
- Attrition based attacks such as brute force and DDoS
- Loss or theft of equipment
- Improper use of company resources by authorised users and/or disgruntled employees