Technology Planning: Incident Response
The Process of Improving Security
Developing a comprehensive incident response strategy is a key component of any organization’s security program, but it requires a thoughtful approach and point-by-point plan.
Working with CDW on Improved Incident Response
PHASE 1
Preparation
Prepare for the inevitable by developing a plan to more effectively respond to an incident.
- Secure executive buy-in.
- Identify your organization’s most valuable assets.
- Perform a risk assessment and address identified gaps.
- Create a threat model to understand the types of incidents your organization is most vulnerable to and their potential impact.
- Identify compliance and reporting requirements.
- Properly define roles and responsibilities and establish a communication plan to be used during an incident.
- Develop an incident response plan, including processes and procedures.
PHASE 2
Instrumentation
Security teams need the right instrumentation to detect, contain and eradicate threats.
- Consult an expert to identify gaps in your existing security instrumentation.
- Invest in endpoint detection and response (EDR) and next-generation anti-virus (NGAV) solutions to provide comprehensive visibility into endpoint activity critical to detecting, investigating and mitigating advanced cyberthreats.
- Centralize logs and leverage an event log management solution to detect and investigate unusual or suspicious activity across the enterprise environment.
- Collect network telemetry to identify and track anomalous network traffic and baseline deviations.
- Minimize the attack surface of your environment through comprehensive vulnerability management solutions.
PHASE 3
Maintenance
Organizations and threats constantly evolve. Conduct regular reviews of your incident response program.
- Conduct regular reviews of your incident response plan and update it as necessary.
- Leverage purple team and tabletop exercises to validate the efficacy of your incident response program.
- Never let a good incident go to waste. Learn from security incidents within and outside your organization.
- Stay abreast of the latest trends and attacker techniques and adapt your incident response program as necessary.
Next step: Call CDW to get started with Incident Response.