Incident Management Consultancy
Preparing for and responding to Cyber Security Incidents
Organisations are never going to eliminate the inevitable happening, but can prepare an effective response and do all that they can to minimise the impact when it does happen.
Incident response and incident management is now a major factor in regulatory compliance, GDPR, NIS Regulations, NHS (DSP) Data Security and Protection Toolkit, CareCERT and the Scottish Cyber Resilience Strategy for Scotland all have mandatory incident reporting requirements and associated fines if breaches are not reported within certain timeframes.
An organisations ability to detect, react to and respond to security incidents in a fast, planned and coordinated fashion is of paramount importance to the operation, cyber resilience and success of an organisation.
Incident Management Consultancy Services
Defend, protect and prepare for cyber incidents and data breaches with our Incident Response Planning and Management Solutions based on the CREST guidelines and ISO 27035. Let us help you Plan for and Prepare for and be ready to Respond to a cyber incident or data breach quickly.
If you are looking to implement an incident management and incident response solution then we can help develop a bespoke solution for you utilising the following milestones:
Review your current status, perform a gap analysis and recommend suitable controls and appropriate technical measures
Assist in data asset discovery
Perform a Business Impact Analysis (BIA)
Advise on the development of a suitable incident response process
Develop an incident response team
Develop an incident response plan
Provide incident response training
Develop bespoke incident scenarios
Assist and advise on scenario testing
Advise on a suitable framework for continual improvement and ongoing management
CREST and ISO 27035 Incident Management
The purpose of incident management is to manage and respond to unexpected, disruptive events with the objective of controlling impacts within acceptable levels. The objective of incident response is to suitably prepare for the cyber attacks that organisations are likely to face.
Incidents can be technical, such as attacks mounted on the network via viruses, denial of service (DoS), system intrusion or they can be the result of mistakes, human error, system or process failure.
While it is important for organisations to have preventive measures in place to avoid security incidents, it is equally important that there is a robust, tried and tested response plan in place should an incident occur.
We advocate the implementation of an incident management framework based on ISO 27035 and the CREST (CSIR) guidelines utilising the 3 phase Prepare, Respond and Follow Up approach.
Cyber Incident Response Case Study
Below is a real life Incident Management case study compiled by Romano Security Consulting to demonstrate and provide an insight into the work that we have carried out on a previous Incident Management project and that might be of interest to our prospective clients.
G Cloud Approved Incident Management Consultancy
Romano Security Consulting are approved to supply our Incident Management consultancy services under the UK Government Crown Commercial Services G Cloud 14 Digital Market Place.
The Digital Marketplace is an online procurement service for any public sector organisations to procure services, resources and technology for digital projects, quickly and cheaply.
The G Cloud procurement process eliminates the need to go through a full tender process as suppliers have to apply to and be approved by the Crown Commercial Service via the G Cloud application process.
Please click on the button below to access our Incident Management consultancy services on the Digital Market Place.