Few organizations really understand their readiness quotient when it comes to responding to a cyber
security attack, partly because they miscalculate the gravity and partly because of the amorphous
dimensions of the term "incident".
In general security parlance, any event that affects CIA (Confidentiality, Integrity and Availability) can
be called an incident. However, defining the term within the context of your operations requires
infallible perception and situational awareness. Without precise identification of the source of a
breach, its intent, impact, and entry point, organizations cannot effectively pair an incident response
plan with the level of support and threat management capability it requires.
There is a noticeable upward trend in the adoption of incident response planning, but merely
having guidelines proves to be persistently ineffective. A recent study by the Ponemon Institute
indicated that though 73% of Fortune 500 companies have developed IR plans, about 68% of them
feel they aren't yet ready to handle a data breach and wouldn't know what steps to take to control
the impact.
The reality of the situation, apparently, is that many organizations aren't yet equipped with the right
staff to venture into the preparation phase with the forward-planning exigency it requires.
Negligibly few companies, whom I would call the 1%, are equipped with an IT team that can double
up as incident handlers with the kind of knowledge gained from day after day of dealing with a wide
range of incidents. The others who form the majority have the option to involve a dedicated incident
response team with battlefield experience.
The role of Managed Security in Preparation, Response and Follow-up of a Security Incident
Organizations working with managed security operations teams are realizing the
transformational benefits of objective assessment and extensive threat intelligence, the best of
both worlds.
Resuscitative Containment is undertaken to neutralize threats in critical systems to help keep them
in production while a clean backup is getting ready.
3. Follow-up: Corroborative security policy reviews, logs, checklists and surveys
End goals:
Every event encountered contributes to the knowledge pool that is used in adjusting rules, policies
and frameworks. Analysts prepare reports for a range of purposes but the most valuable reports are
those that chronicle the entire incident summary and answer all questions pertaining to it.
Aleph Tav Technologies is helping organizations discover simplified threat management with a
flexible and adaptive security operations team. Explore ways to build a robust response team with
our managed security solution. Visit alephtavtech.com for more.
Our services include: Ethical Hacking, Managed Security Services, Application Security, Network
Security, Security Testing, Enterprise Security, Security for IoT, SCADA Security, Digital Forensics