In the event of a security incident, initial responses and actions undertaken by your organisation will have a direct impact on the level of business disruption incurred. The immediacy & effectiveness of your response will determine how comprehensively you are able to minimise damage, disruption and costs to your business operations.
The Fortis Incident Response service has been designed to prepare your organisation through the design and implementation of robust policy, procedures and first responder training tailored to your operational needs. It is important that staff feel prepared and confident to deal with such an incident, so planning, preparation and training is key.
Incident Response Consultancy Services
INCIDENT RESPONSE AND DO YOU NEED IT?
Your organisational response to an incident will determine the level of disruption to business operations. When an unexpected incident occurs, having a robust plan in place and staff who know how to implement the plan enables you to reduce financial losses and stay in control of the situation.
Incident response is also a common compliance requirement for security standards such as the:
Information Assurance for Small to Medium Enterprises (IASME) governance certificate
US Department of Defense Cybersecurity Maturity Model Certification (CMMC)
The purpose of this service is to support your organisation to:
Staff playbooks for each type of incident such as ransomware, data breach and DDoS amongst others
Training your cyber incident response team (CIRT)
Delivery of a simulated cyber incident training exercise to hone those skills
FORTIS APPROACH TO INCIDENT RESPONSE
Our consultants work collaboratively with your team to deliver you a robust incident response capability which ensures that your unique organisational needs are addressed and potential weaknesses identified then remediated. The initial workshop stage enables our consultant to gather important information about your business and to gain insight to your current policies and procedures, analysing them against industry best practice, identifying the gaps and highlighting areas to improve. If you don’t have them, we’ll design and create them for you so they’re appropriate to your business operations.
Fortis Cyber consultants are experts in their field and will be able to identify the greatest threats to your business responding quickly and professionally to cyber incidents. We will deliver a comprehensive and robust Incident Response Plan. This will include:
At the end of this, your cyber incident response team will be ready!
ENGAGEMENT METHODOLOGY STRUCTURE
CREATE, REVIEW OR UPDATE INCIDENT RESPONSE PLAN
Our consultant will create an initial incident response plan with the assistance of the client. This will identify any gaps & the associated risks, enabling the consultant to guide you on effective procedures and training.
CREATION OF IR PLAYBOOKS
Playbooks will be created to match the major incident types identified during the risk assessment planning activities.
INCIDENT RESPONSE FIRST RESPONDER TRAINING
Fortis will provide formal training around chosen incidents from the policy, processes and playbooks, teaching specific skills around technical responses to a cyber incident. This will include understanding when and how to invoke digital forensics support.
TABLETOP EXERCISE WORKSHOP
This is where a realistic incident scenario is exercised with your CIRT team. Your updated policies, procedures and training will be put to the test under simulated conditions.
INCIDENT RESPONSE REPORT
During this phase we will present the new Incident Management Plan and the outstanding gaps from the review. Our consultant will provide documentation and there will be an opportunity for questions and support with implementation.
The Fortis Incident Response Retainer (FIRR) allows you to pre-negotiate terms and conditions for incident response services before a cyber security incident is suspected to have occurred.
With the pre-arranged FIRR, you have a trusted expert partner on standby and ready to help. This proactive approach can significantly reduce the response time and reduce the impact of an incident on your business operations.
FORTIS INCIDENT RESPONSE RETAINED SERVICE
OTHER FORTIS ISRM OFFERINGS
Fortis has built a suite of Information Security and Risk Management Services (ISRM) to allow organisations of any size or industry stay in control of their cyber security. By being able to identify security risks and detect vulnerabilities, companies are armed with the knowledge to more easily protect themselves, meet and respond to ongoing and changing cyber threats.
“Taking the vantage point of an attacker and attempting to gain access”
Fortis’ Penetration Testing services enable clients to identify, assess and prioritise vulnerabilities and security flaws across their applications & API’s, platforms and infrastructure.
Penetration testing will help to identify security vulnerabilities which might otherwise leave your company open to compromise. Fortis has a proven track record in finding such vulnerabilities in some of the most complex, and sophisticated IT environments. The majority of the testers Fortis employ work on red teaming engagements as well as penetration testing. This ensures clients receive the highest level of quality, with testers often recognising scenarios that a normal penetration tester wouldn’t have the experience to detect.
The Fortis penetration testing and red teaming group are extremely well certified, holding multiple certifications awarded by bodies such as CREST, Offensive Security and the Tiger Scheme. Fortis also complements this focused knowledge with its National Cyber Security Centre (NCSC) CHECK & Certified Cyber Professionals to provide a valuable wider viewpoint to penetration testing assurance.
“Where is your security risk in the context of business operations”
There is a new style of information security risk assessment which now includes socio-technical elements. This recognises and measures the interaction between people and technology in workplaces. Traditionally risk assessments haven’t included the people working on tech, which is a blind spot for any organisation not assessing the socio-technical component.
In order to effectively target security activities, it is important to understand the holistic risks to businesses. A cyber maturity model should include a modern risk assessment, called a cyber vulnerability risk assessment (CVRA). This offers an enterprise-wide risk assessment of the cyber security posture and awareness of your organisation and highlights key risk areas.
“Win and retain business, stand out from competitors”
The breadth of Fortis' service portfolio enables it to offer a variety of risk management & consultancy support solutions:
from a simple one-off gap analysis against a specific standard such as ISO/IEC 27001 or NIST’s Cybersecurity Framework, through to complex multi standard integrated management systems projects.
Fortis prides itself in achieving a 100% success rate with its clients achieving UKAS Accredited Certification to ISO 27001, 9001, 14001 and many other management systems standards ‘first time, every time’.
Fortis will continue to work with your organisation beyond certification to support it with the ongoing maintenance of systems. Fortis can do this by providing an innovative and pragmatic risk-based approach across the organisation, helping maintain legal obligations, drive down cost and increase profit.
“Identify what really happened”
Fortis offer a complete, digital forensic investigations package to establish and identify the cause and source of cyber incidents. These events are instigated by internal or external threat actors. These services are carried out by experienced and certified investigators who will utilise versatile and powerful software and technology solutions to undertake digital forensic investigations & data restoration services.