Cyber Incident Readiness and Response

Preparing for the worst


The response to (cyber) incidents is inherently reactive – the organization reacts only when the incident occurs. The way it reacts can be diverse, from an internal attempt to resolve the incident (which, due to the lack of trained personnel, can often end disastrously) to the calling of an external expert team (such as Infigo IS), which then goes through certain steps to analyze the incident, "capture" the culprit and eventually delete the threat before full system recovery can begin.

Regardless of the type of reaction, one key step is always missing, and that is preparation! Without preparation, the incident response time becomes much longer than it should be, giving the malicious actor a chance to do additional harm or simply keeping the system out of commission, generating a loss for the organization.

Find out more about Cyber Incident Readiness and Response in the brochure.

Infigo's Cyber Incident Readiness and Response service is proactive and provides, among other things, an overview and assessment of the state of information system security (gap analysis), preparation or review of an existing incident response plan (if the organization has one), and presentation of the situation to key stakeholders. That part, the preparation, gives the system baseline and enables when an incident occurs, Infigo's team of experts to start dealing with steps that will eliminate the threat without the long-term collection of initial information.

During the next 12 months, from the signing of the contract, Infigo's experts and resources are available to the organization in case of any incident - the organization chooses whether to use them for something trivial like a phishing email or serious like a documented breach of a malicious actor into the system.

Key Benefits


Preparation

The preparation phase (before an incident happens), drastically increases the speed of resolution, the chance of a successful resolution and shortens recovery time.

A reliable partner

With the service, the organization gets a trusted partner who is ready to help with a security incident of any size within a very short SLA (Service Level Agreement).

Affordability

This great value service provides the organization with an additional level of reliability when solving security incidents, without requiring drastic investments in products/processes/ people or long-term implementations.

Statistically, every organization will experience a cyber incident, some sooner some later, so don't let it catch you off guard because (recovery) time really is money

Methodology


During more than 15 years of operation, the expert teams at Infigo IS had the opportunity to save numerous organizations from minor or major disasters. Practice, not theory, has enabled us to develop sets of methods, tools, and best practices, which we constantly improve and refine, in order to be as efficient as possible to the great satisfaction of our clients.

There are six main steps in the "Cyber Incident Readiness and Response" service:

  • preparation, which is carried out before the incident occurs
  • identification, which occurs during the incident
  • containment, during an incident, when trying to limit possible damage
  • eradication, where the possibility of a malicious actor gaining access to the system is completely removed
  • recovery, returning the system to normal daily operations
  • lessons learned, where documentation is made based on the experienced incident that helps the organization improve its long-term security posture

Of course, each step has a whole series of smaller stages, but each one is transparent to the organization. Likewise, it is important to say that at no stage are public resources used for analysis, uploading, or sharing of data and that at the end of the incident response, all data related to the incident itself is completely scrubbed from Infigo IS systems. During the incident, all data at-rest is encrypted with restricted access.