Loading SBCYBER SIEM and Compliance: Incident Response ...
Loading SBGCYBER SIEM and Compliance ...

What is the first step?

It does happen, and Hanco is Here so you know what you first step will be. 

An incident to your company could mean the end of certain business processes which could put risk to your entire infrastructure and workflow.

Think of the Maersk incident where the attackers did not mean to plant malicious malware into their systems, but it ended up there anyway. 

We will help with responding to such threats quickly and affectively by isolating the host, killing the processes, logging off and blocking users or IPs and much more.

An incident is an event that could lead to loss of, or disruption to, an organisation’s operations, services or functions. Incident management is a term describing the activities of an organisation to identify, analyze, and correct hazards to prevent a future re-occurrence.

Some malware attacks do not attempt to single your company out, they can be ‘scattershot’ into the cyber space and your company can fall victim to this. Will our incident response you need not worry about such events. 

The general flow of an incident response is as follows: 

  1. Preparation,
  2. Detection and Reporting,
  3. Triage and Analysis,
  4. Containment and Neutralisation,
  5. Post-Incident Activity.