header-img

Incident Response & Investigations

Incident Response & Investigations

 

 

 

 

Quick and effective response is critical when it comes to limiting long-term damage. ICC experts understand that cyber incident response capability must seamlessly integrate across existing mission critical functions, and they have the expertise to respond to
all types of threats.

Preparation
  • Establish and train an incident response team
  • Develop appropriate tools and resources
  • Select and implement controls based on the results of our
    risk assessments
Detection & Analysis
  • Combine resources and tools necessary to determine the
    scope, impact, and appropriate response
Containment, Eradication, & Recovery
  • Prevent data from leaving the networks and prevent further damage
  • Remove malicious code, actor accounts, or unnecessary access
  • Repair vulnerabilities that may be the root cause of the incident
Post-incident Activity
  • Reflect on lessons learned, new threats, and better technology
  • Detail the cost, cause, and response for the incident, along with steps that should be taken to prevent future incidents