Incident Response & Detection


Structured, time-sensitive approach to incident detection & response

We assist organisations to prepare for and respond to major security incidents

Major cybersecurity incidents have risen by 110% in New Zealand over the past 2 years, with both public and private organisations targeted in similar percentages. This does not include incidents that are unreported or incidents targeting organisations of lesser significance to the NZ economy or national security. SecOps has a three-stage approach to Incident Detection and Response. Firstly, we assist customers to develop and improve their security posture through assessments and development of an overarching strategy with a programme of works. Secondly, we assist customers to be prepared with their own internal policies, as this readiness significantly supports any third party engaged to assist with handling escalated incidents. Thirdly, we support customers with Detection and Containment activities. Depending on the nature and criticality of the incident, we will engage additional agreed third parties, including private specialist organisations and Government bodies such as CERTNZ and/or NCSC.



Services provided by our experts and key response partners

- Initial leads investigation through tools and hands-on forensics delivered by subject matter specialists.

- Crisis Management consulting

- Incident containment services

- Forensic analysis across targeted assets or accounts.

- Impact assessment and root cause analysis

- Remediation plan and mitigation strategy


Principles of Incident Management

Form a Cyber Incident Management function in your organisation, detailing its scope, stakeholder group and the extent of its role in the event of an Incident.

Establish a budget, secure Executive leadership, and merge the plan into your organisation's pre-existing Business Continuity Plans.

Determine roles and responsibilities in the Incident Management function and Incident Response Plan, including third parties.

Identify Critical Assets and appropriate Asset Recovery processes in the event of an incident impacting these.

Schedule testing of the Incident Response Plan, ensuring this is adhered to.