Experiencing a breach?
We can help: 1-833-650-1337
An Incident Response Program Assessment is an analysis of your organization's security event monitoring, threat intelligence and incident response capabilities.
Cybersecurity incidents are at the forefront of the minds of many executives, customers and boards. Organizations with strong incident response capabilities will limit their overall impact when an incident occurs - which is why evaluating and improving the maturity of an incident response program should be a regular practice.
ASEC’s Incident Response Program Assessment will evaluate the effectiveness of policies, controls, and procedures of an organization’s response program. Our lightweight and practical assessment can help organizations reduce blind spots, identify gaps, and provide tactical and strategic recommendations when responding to cyber events.
This will include an evaluation of the following:
Review documentation sets including policies, processes, procedures and technological standards
Review monitoring coverage, configured alerts, processes, use-cases and use-case-responses
Interview key stakeholders including senior management, management and technical resources
Will attempt to understand your monitoring landscape, SIEM and related detection and response technology
Review incident lifecycle management approach, processes and procedures
Review incident handling process, SOC team structure and skillset
Evaluate inter-departmental cooperation in incident handling
Review incident handling timelines against the defined processes