Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

06) Does your organisation have a cyber incident response and forensic capability (either internally or via a third party or cyber insurance policy)?

January 30, 2023
Business Resilience
Incident Response Team

Answer yes if your organisation has a cyber incident response capability that it can call upon in the event of an incident. This can be an in-house capability or provided by a third party or cyber insurance provider.

A severe security incident may require a specialist incident response capability. This capability will allow your company to effectively respond to any technical , PR, evidential and governance requirements and challenges experienced during the incident.

If your company has a cyber insurance policy, often an incident response service is bundled in with the policy. It is important to include any details required to contact the incident response capability within your incident response plan. If you don't have cyber insurance, or an incident response capability is not included with your policy, you may want to engage a third party to provide an incident response capability on retainer.

A specialist incident response capability should also include a forensic capability which will allow any evidence to be collected in a manner that allows it to be legally used during litigation (for example, by adhering to any evidential chain of custody requirements). If evidence or an investigation is improperly handled this may impact your companies success in any corresponding court cases.

How to implement the control

A number of companies will provide a cyber incident response capability on retainer. Ensure that the capability meets your requirements and that the team are provided with any information (such as an up to date network diagram) required for them to deploy and begin responding to an event immediately.

An incident response and forensic capability is sometimes included as a value add service alongside a cyber insurance policy.

If you would like to contribute to this article or provide feedback, please email Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.