CLA can help you review, update, or create a set of policies and procedures designed to effectively respond to security incidents.
What’s on your mind?
- Establishing and documenting a centralized process for management of security incidents
- Evaluating the tools and skill sets of the people responsible for incident response and forensic preparedness
- Gaining confidence that your existing policies and procedures are aligned with recommended practices
Experience our client-focused approach
Our information security incident team consists of former federal regulators, fraud and forensic assessors, and cybersecurity professionals. They have the technical knowledge to provide you with a detailed incident response plan that will help identify, manage, and resolve security incidents while maintaining the overall integrity of business operations.
Our diverse experience includes analysis of network intrusions, virus/malware infections, financial fraud, payment fraud, rogue internal employees, and theft of intellectual property. We also have training and experience in financial statement audits, forensic data recovery, cybersecurity vulnerability evaluations, and forensic technology.
We rely on your organization’s policies, procedures, and documented standards to define accepted standards of operation. In the absence of this we utilize generally accepted industry recommended practices and our own experience, including NIST Special Publications 800-61 and 800-86, and the Federal Financial Institutions Examination Council IT handbook.
Security incident and forensic preparedness services
- Assess and recommend enhancements to policies and standards related to:
- Organizational support and commitment
- Strategy and structure for incident response
- Defined incident handling and internal/external communication
- Up-to-date documentation to support response activities
- Evaluate staffing capabilities
- Roles and responsibilities
- Training and experience
- Review the systems and tools in place to assess and analyze incidents
- Architecture design
- System and application auditing, logging, and retention capabilities
- Automated and manual monitoring and alerting features
- Analysis, quarantine, remediation, and restoration capabilities
- Provide a roadmap for maturing your incident response capability
- Identify gaps in security posture with a ransomware preparedness assessment