The M2000/IS Loss Mitigation Program is a reactive response to a computer related incident. When an incident occurs, loss can be measured as real-time loss, as potential ongoing loss and/or as future loss. All too often the incident is investigated exclusively as a real-time event and is not sufficiently or professionally investigated further for additional loss possibilities. Do not place this burden on your IT staff. Perpetrators are known to create diversions while they go after their real target in the company. If your IT staff is focused on the real-time incident, the rest of the company and its systems are highly susceptible.
Why Professional Third Party Incident Response?
Many companies and their IT staff are not aware of the incident and evidence handling procedures that are so critical in the first hours following an incident. Typically, IT employees are not sufficiently skilled and/or practiced to properly accomplish the following:
Implement a forensic investigation (suitable to courts of judicature)
Stop the loss without endangering investigative and potential prosecutorial activities
Protect evidence from deletion, alteration or removal by the perpetrator
Coordinate activities with local and/or federal law enforcement, legal counsel, corporate and IT executives, and Directors of Risk Management
Provide expert witness testimony
Perform a targeted incident analysis for incident related vulnerabilities or back doors.
Perform a reactive vulnerability and threat analysis.
Implement security solutions for identified vulnerabilities (hardware, applications, human interface / emergency policies and procedures implementation, etc.)