Data breaches can be costly events, impacting your customers and bottom line. By partnering with Rendition InfoSec you are well prepared to deal with a breach.
We have the forensics expertise to address the hard questions that you need answers to:
- What data was compromised
- How many records were compromised
- When it happened
- How it happened
- What your next steps should be
Incident Response Personnel Staffing
Incident Response Management
During an incident response, you need experienced personnel management to perform duties such as executive engagement, personnel coordination, and strategic IR task management. During an IR, we often find that personnel are very focused on individual technical tasks and lose overall focus for the investigation. Incident response management handles this overall coordination to ensure that tasks are accomplished as required.
Incident response management may sound easy – much like DIY plumbing it’s appearance of ease is deceptive. Getting it wrong can cost you big too. During the early stages of the incident, there is often more evidence to capture than organizations have complete logging ability for. But not all evidence is created equally. Rendition’s IR managers can help you answer the tough questions so you preserve the maximum amount of high value evidence during the investigation.
Rendition’s IR managers have worked incidents in technology, manufacturing, payment card processing, banking, health care, and many other verticals. Incidents we’ve worked have had hundreds of millions of dollars at stake, and we’ve always guided the client to the most advantageous incident resolution.
Incident Response Coordinator (Incident Handler)
While the incident response manager performs strategic level coordination, the incident response coordinator is their tactical counterpart. This position, often referred to as an incident handler (IH) is responsible for coordinating the efforts of the forensic analysts on the scene. While your forensic analysts (endpoint, network, and memory) may all be individually very capable, left to their own devices they will each focus on a specific area of the investigation costing the organization significant time.
The IH assigns tasks to individual analysts, follows up on task completion, and assembles the results into status reports. The IH coordinates meetings with analysts to share and update information and ensure that all resources are working on the highest priority tasks available.
An experienced IH is often the difference between a successful incident and total chaos. Even if you have a capable team, Rendition can mentor your incident handling team and ensure that they learn from our combined decades of experience in IH. This will save the organization time and money and ensure an optimal resolution for the incident.
Cyber Threat Intelligence (CTI) is about understanding threats to your environment. If Rendition is visiting your organization for an incident response, then it probably isn’t the time to stand up your own CTI program. However, Rendition can help by providing key indicators and providing context around those indicators.
Rendition has been collecting, analyzing, and fusing CTI data since before it was a buzzword. Many of our staff have experience in intelligence agencies where they targeted and defended networks much like yours.