If it’s a Security Emergency, it’s a whole of business emergency!
Understanding the criticality of preparedness, we draw parallels between Incident Response and standard emergency OH&S procedures, enhancing them with simulated 'fire drills'.
Our approach, encapsulated in the Crawl, Walk, Run methodology, ensures that during the initial phase, we align your Incident Response strategies with your team's capabilities and legal obligations.
That is how Secure Measure allows you to Focus Without Fear!
Preparedness Empowers Confidence
Secure Measure emphasises the importance of a robust Incident Response process, acknowledging that every environment is potentially hostile, and a major security incident is a question of when, not if.
This preparation allows you to confidently focus on your operations without fear, even in the face of potential security breaches.
Why This Service Exists
The move to the cloud has created a new “Cloud” Responsibility Model where you are more and more dependent on SaaS providers. Are your major Service, Cloud, Platform provider part of your Incident Response Plans? Why not?
| Responsibility | On-Prem | IaaS | PaaS | SaaS |
|---|---|---|---|---|
| Data classification & accountability risks | ● | ● | ○ | - - |
| Client & endpoint risks | ● | ● | ● | - - |
| Identify & access risks | ● | ● | ○ | - - |
| Application risks | ● | ○ | - | - |
| Network risks | ● | ● | ● | - - |
| Host risks | ● | ○ | - | - |
| Infrastructure risks | ● | ● | ○ | - - |
●Cloud Customer is responsible
○Cloud Provider is responsible
-Requires Internal Trust
--Requires External Trust
Cloud equals Shared Responsibility
Cloud security is a joint effort between customers, cloud service providers (CSPs), and sometimes third parties. While customers manage their data, CSPs secure the underlying infrastructure. Incident responses require collaboration across all involved entities, with responsibilities varying by service model—like IaaS, where customers handle the operating system and its incident response.
CIR Framework
By defining the end state to model the CIR Framework we are ensuring current Cloud Incident Response Procedural Best Practice.
Figure 2: CIR Framework
-
It is a 8-15 week engagement with annual follow ups including a new process procedure review with Annual Simulation testing. A typical engagement may look like the following:
A half day workshop (on site available) - a kick off session providing an overview of CIR, methods, definition of terms
A Half Day Discovery Session (on site available) - A deeper dive into specific subject areas of the business what is the current state of your documentation across your business because if it’s a Security Emergency, it’s a whole of business emergency
Weekly cadence of sessions to define the gaps in your current process with our goal state; and closing those gaps.
Deliverable: A fully updated and compliant ISMS Incident Response Procedure and Process documentation
A schedule to hold yearly simulations of this Incident Response Plan.
-
Incidents can and do happen all the time, day or night. Hackers do not take holidays, they are not going to wait until you’ve recovered from the flu or get back from a well deserved vacation. At Secure Measure we like to use the work place analogy of having a Fire Warden and running Fire Drills.
You never know when disaster will strike
A Severity 1 or Severity 2 Major Security Incident is by all definitions an emergency at Secure Measure we help you treat it as an emergency.
When a Security Emergency does happen we enable you to empower the skills, experience and available staff to get the job done: safely, securely and in legal compliance!
Secure Measure enables this in these ways:
Easy to follow Engineer focused Remediation/Escalation/Communication documentation
Easy to follow Business focused Remediation/Escalation/Communication documentation
Simulations scheduled on at least an annual basis that involve named roles organizational wide:
CEO
COO
Legal
PR
IT Staff; Developers, Operations, etc
-
Fixed price on the defined deliverable $75,000, annual simulation testing capped at an additional 2 days per year.