Softthink Solutions offers the following services that help organizations prepare and maintain effective incident response (IR) programs against internal and external threats.
» Program Gap Analysis
» Program Design
» Tabletop Incident Response Exercise
Softthink Solutions' program gap analysis services help organizations that already have incident response programs in place but would like a review against industry best practices to identify and fix any gaps in their IR program. A series of in-depth interviews helps organizations uncover gaps, whether technological or procedural in nature, including a team’s ability to execute and the procedures teams would follow in order to mitigate a breach.
Many organizations have a strategic security program in place but struggle with planning, implementing and maintaining a timely and effective incident response program. We have helped clients around the globe build highly efficient and effective incident response programs.
Combining best practices from ISO standards to frame the process, we assess your current operations to determine if there are processes or technologies that can be used to support the IR program and share best practices regarding internal resources, third-party providers and technologies for program optimization. The result is a tailored program design capable of supporting centralized or decentralized global operations with timely notifications, helping you effectively address risk and provide metrics that drive behavior change throughout the organization.
Being prepared to respond to an incident involves unified communication, planning, capability development, training, evaluation and improvement. Interactive tabletop exercises help establish baselines and uncover recommendations to enable organizations to validate existing plans, policies and procedures as they pertain to cyberattacks.
Our tabletop exercises help organizations understand and gauge preparedness for cyberattacks and optimize IR plans in a relaxed, low-stress environment. They elicit constructive discussions as participants examine and resolve problems based on existing operational plans, identifying where those plans need to be refined. Based on pre-engagement meetings, we develop scripted scenarios that meet your objectives. Scenarios could include, but are not limited to, denial of service, data breaches, unplanned outages and ransomware.
Sensitive data in a majority of organizations no longer resides in a regimented, controlled environment. The flow of sensitive information tends to be organic, traversing multiple third parties and systems. Management needs to be assured that policies, procedures and controls are enforced which meet requirements from both customers and regulatory bodies.
Softthink Solutions maintains a dedicated team of governance, risk and compliance consultants with intimate experience of the UK Data Protection Act, the European Union General Data Protection Regulation (GDPR) and PCI DSS. Previous clients include multinational financial organizations, government institutions, leading telecoms and global retail corporations. Armed with our prior experience, our consultants are best placed to provide you with the assurance that your information is appropriately managed at all points in the lifecycle.
Softthink Solutions is a member of the British Standards Institution’s (BSI) Associate Consultant Program for ISO certification.
Please contact us directly for other GRC services.