Incident Response & Detection
Structured, time-sensitive approach to incident detection & response
We assist organisations to prepare for and respond to major security incidents
Major cyber security incidents have risen by 110% in New Zealand over the past 2 years, with public and private organisations targeted in similar percentages. This does not include incidents that are unreported or incidents targeting organisations of lesser significance to the NZ economy or national security.
SecOps has a three-stage approach to Incident Detection and Response. Firstly, we assist customers to develop and improve their security posture through assessments and the development of an overarching strategy with a programme of works. Secondly, we assist customers to be prepared with their own internal policies, as this readiness significantly supports any third party engaged to assist with handling escalated incidents. Thirdly, we support customers with Detection and Containment activities. Depending on the nature and criticality of the incident, we will engage additional agreed third parties, including private specialist organisations and Government bodies such as CERT NZ and/or NCSC.
Services provided by our experts and key response partners
- Initial leads investigation through tools and hands-on forensics delivered by subject matter specialists
- Crisis management consulting
- Incident containment services
- Forensic analysis across targeted assets or accounts
- Impact assessment and root cause analysis
- Remediation plan and mitigation strategy
Principles of Incident Management
Form a Cyber Incident Management function in your organisation, detailing its scope, stakeholder group and the extent of its role in the event of an incident.
Establish a budget, secure Executive leadership, and merge the plan into your organisation's pre-existing Business Continuity Plans.
Determine roles and responsibilities in the Incident Management function and Incident Response Plan, including third parties.
Identify Critical Assets and appropriate Asset Recovery processes in the event of an incident impacting these.
Schedule testing of the Incident Response Plan, ensuring this is adhered to.