Incident Response and Crisis management
Even in the best governed and operated security functions, incidents are, unfortunately, a likely occurrence. Incident management and crisis management, while often being more an art than a science, requires effective and regular communication with business stakeholders. Proper preparation and regular practice of how to manage incidents and through crises is critical in managing the associated risks. We work with organisations in preparation and practice (e.g. through blue teaming and wargaming activities) as well as in helping them to manage through the event. Most importantly, and mirroring our approach to penetration testing, we work with our clients to do a thorough (and forensic quality if needed) lookback and root cause analysis to understand and ultimately remediate the underlying people, process and technology issues that were not operating effectively. Our key service offerings in this area are:
Pre-incident planning and development of response processes to be followed in the event of an incident. These include defining the criticality of the incident, escalation procedures as well as stakeholder communications planning;
Blue teaming and wargaming of scenarios to test the effectiveness of the security team and their ability to detect and respond to security events. This can include both hands on and tabletop exercising of the incident response plans;
Cyber Response Management team setup and operation to create a working group of relevant stakeholders to manage through an event including legal counsel (internal and external), executive leadership, insurers, compliance, public relations and the relevant regulators;
We provide surge resources to support our clients during a breach including response management, malware analysis and forensic incident investigators;
During a crisis, communication is paramount. The right messages at the right time can not just reduce the financial and reputational damage but can actually go a long way to increasing trust through transparency and honesty – values that are core to Genium4. We have an experienced and certified crisis PR manager who has helped clients in the past in defining a communications strategy through the crisis management lifecycle;
Post incident analysis, forensic lookback and business resumption support with the objectives of understanding and remediating the root causes that led to the incident, to respond to regulators and customers and bring the business back to full operational capability in a controlled way.