Be proactive with your security incidents to minimise the impact on your business
Preventive information security policies and controls cannot guarantee total protection of your information, services, systems or networks. As a result, no organisation is immune to incidents caused by network problems, server breakdowns or sophisticated attacks.
In the event of such events, users or customers will no longer be able to access essential services, affecting business continuity. CAPTOSEC is aligned with best practice and recommends that companies develop and implement a formal security incident management process to respond to incidents and mitigate the impact on business.
Our services
To help our clients manage their information security incidents, CAPTOSEC is developing an incident management framework based on an effective incident response plan and process. The incident response process includes the following steps: Prevention, Detection, Response and Post-Incident.
On a practical and operational level, over the years we have built a collaborative environment around a number of tools, enabling us to respond to security incidents. This environment is made up of tools, workflows, procedures and analysts.
- CAPTOSEC’s security experts respond to incidents by carrying out the following main activities:
- Identify and analyse the incident quickly
- Contain the incident
- Restore normal services according to established priorities
- Analyse the root cause (how the security breach occurred, what the attackers changed, Index of Compromise, etc.)
- Implement or update security controls
- Security incident response process
- Security incident response plan
- Escalation procedure
- Roles and responsibilities of the incident response team
- Restoration of essential services
- Main cause of the incident
- Evidence for legal action