You
get a call in the middle of the night. Your company
has been hacked or one of your employees is funneling
proprietary research information to your competitors.
How will you
respond?
Since these types of incidents can cost into the
Millions of dollars and may have legal consequences,
it is imperative that your response be efficient,
accurate and effective. InfoDefense offers some
of the most experienced security professionals in
the industry to work closely with your organization's
technical staff to effectively address
any type of information security incident.
InfoDefense developed its incident response service to help organizations minimize damage, preserve evidence and investigate the root cause of violations. Our consultants use the following incident
response methodology to ensure consistent quality.
Incident Stabilization
Our information security experts start by analyzing
the incident and evaluating your organization's
information security posture for vulnerabilities that may have been exploited.
As major vulnerabilities are discovered, they are
addressed. In order to minimize changes to critical
systems, minor vulnerabilities are documented for
future remediation. While stabilizing systems, our
consultants will take the necessary steps to preserve
any electronic evidence that may exist. The overall
goal of incident stabilization is to minimize system
downtime, alteration and the disclosure of sensitive
information.
Computer Evidence Discovery
Wherever possible, electronic evidence is preserved
throughout the incident stabilization process. Since
this evidence may be required in a court of law,
it is collected according to Department
of Justice guidelines. It is important that it not be unnecessarily altered and the state in which
it was found is properly documented. Once evidence
is properly collected, the computer forensic investigation
process can begin. See InfoDefense computer forensic services for more information.
Root Cause Analysis
Once systems are stabilized and all relevant evidence
it collected, our consultants perform an in-depth
analysis of information assets as well as threats and vulnerabilities
that may have lead to the incident. The goal is
to identify and mitigate security weaknesses that
may lead to future incidents.
Why InfoDefense?
InfoDefense offers some of the most seasoned information
security experts in the industry to respond to your
computer security incident. Your organization will
save valuable time and money by addressing the compromise
in accordance with our proven methodology. You will also have
the option of pursuing legal remedies for any losses
your organization has incurred and when the process is complete your organization will have an improved
information security posture to prevent future
incidents.
Contact our computer incident response team by email at cirt@infodefense.com or call us at (877) INFODEFENSE.
It is often difficult to determine the real value of
information security investments since they do not produce revenue. They instead protect against potential
losses. These losses may or may not be realized. As
a result, decision-makers are often reluctant to make
security investments. There is a way, however, to maximize
your security investment and measure its return through
risk assessment and return on security investment analysis.
This information can be used to prioritize information
security investments and help justify additional expenditures.