Incident Response Services

Incident Response Planning

A business can mitigate the impact of a data breach by proactively developing an Incident Response Plan. Each Incident Response Plan is customized to the organization´s risk profile and includes an analysis of the type of data managed, the manner in which it is handled, the industry and applicable regulatory framework, and potential severity of the breach. Incident Response Plans are sometimes mandated by compliance regulations, such as the PCI DSS (Requirement 12.9). The development of a plan may include:

Risk assessment
Identification of the incident response team - key resources, roles, and responsibilities
Breach definition, mobilization, and alert mechanism
Step-by-step action plan and checklists
Incident response training (also required by the PCI DSS)
Communication plan
Regulatory response

Technical Services

Technical services include:

Infrastructure Management: Implement controls, procedures and training programs to minimize the risk of a breach occurring and to have internal and external mechanisms in place and ready to go if a breach occurs.Containment: Stop in-progress attacks or reduce the efficacy of an attack.
Damage Assessment: Investigate and identify the exact nature of the problem, enabling you to continue your business operations uninterrupted and disassociating you from the problem.
Remediation: Patch the vulnerability or otherwise prevent the problem from reoccurring.
Recovery: Get affected systems back up and running, reinstall software, restore lost data, and other actions necessary to recover from the incident.

Regulatory

Federal law and most US states require notification in the event of a data breach. Failure to notify the affected individuals may result in significant penalties and other liabilities. Some laws require notification to be performed "as soon as possible, and without unreasonable delay." Notification requirements are also impacted by the nature of the information (healthcare records vs. payment card numbers), the format of the data (paper records vs. electronic data), and whether the breach is defined as material or immaterial.

Regulatory services include:

Forensic investigation to identify affected customers and location
Rapid turnaround to comply with mandatory notification time frames
Coordination with and support of internal and external legal counsel, including ensuring that the attorney work-product privilege is maintained to the maximum possible extent
Coordination with criminal or civil investigation, including national security agencies
Ensuring maintenance of safe harbor protection throughout the investigation

Public Relations

Developing an effective and coordinated public relations response is critical to ensure customer retention, business credibility, investor confidence, and protecting the bottom line.

Public Relations services include:

Situation assessment
Message development
Communication strategy development and implementation
Outreach and response to employees, customers, business partners, investors, regulators, and media
Surveillance that scours traditional media, the web, chat rooms and bulletin boards for misinformation

Customer Retention Management

Data breaches can have a severe adverse effect on the relations between a business and its current and future customers. Our Customer Retention Management services are designed to minimize the inconvenience caused to your customers and include the following: