Crossword’s Cyber Incident Response service brings together a collection of capabilities aimed at identifying, investigating and responding to security incidents in a way that minimises impact and supports rapid recovery.
Incident response tailored to your needs
The impact of every cyber incident is different for every organisation. As part of our incident response engagement with you, we will provide you with a recommended set of incident response services from our service portfolio tailored to the specific recovery needs of your organisation.
We understand that cyber incidents unfold quickly and unexpectedly, and time is of the essence to react and respond. We can respond within 24 hours with an incident response service inclusive of all relevant tasks related to the incident.
Crossword’s Security Incident Response Framework outlines the aims, standards, procedures and strategy for the handling of security incidents, as provided by Crossword’s Incident Response, Digital Forensics, and Incident Management services. Customers are able to operate within the structure and governance of this framework by integrating into existing security policies and procedures, or as a fully encapsulated incident response procedure.
Demonstrate to customers, stakeholders and partners that you have taken the breach seriously and responded appropriately with security professionals.
Identify the extent of any data which may have been leaked as part of the incident with dark web and domain impersonation scams.
Determine the scale of the attack and the root cause, with recommended actions to contain and mitigate the current attack, as well as the likelihood of recurrence.
Monitor your digital estate to identify any continuing malicious activity or footholds, and protect against further attacks, which can typically occur within 4-6 weeks.
Understand the progress, findings and recommendations throughout the incident response, without needing to wait for a final report.
Alignment with NIST Incident Handling Guidelines
This incident response framework operates in alignment with NIST’s Computer Security Incident Handling Guide (SP-800-61) and adopts many of the information security standards and guidelines to ensure that incidents are handled efficiently and effectively, particularly for analysing incident-related data and determining the appropriate response to each incident.