INCIDENT RESPONSE
MONITORING. MITIGATION. RESTORATION.
An incident response capability is a strict requirement for both federal agencies and federal contractors for rapidly detecting incidents, minimizing loss and destruction, mitigating the weaknesses that could be exploited, and restoring IT services.
Because performing incident response effectively is a complex undertaking, establishing a successful incident response capability requires substantial planning and resources. Continually monitoring for attacks is essential. Establishing clear procedures for prioritizing the handling of incidents is critical, as is implementing effective methods of collecting, analyzing, and reporting data.
Let Metis Defense Develop your Incident Response Plan
Metis Defense is a trusted advisor to federal contractors all throughout North America when it comes to developing well-written, highly usable incident response plans. When developing such plans, we utilize Special Publication 800-61 Computer Security Incident Handling Guide, along with numerous other NIST publications for building the very best plan for your organization.
Incidents will happen, that’s for sure, yet your ability to respond is what’s critical with growing cybersecurity threats. Organizations must create, provision, and operate a formal incident response capability. Federal law requires Federal agencies to report incidents to the United States Computer Emergency Readiness Team (US-CERT) office within the Department of Homeland Security (DHS). The Federal Information Security Management Act (FISMA) requires Federal agencies to establish incident response capabilities. Each Federal civilian agency must designate a primary and secondary point of contact (POC) with US-CERT and report all incidents consistent with the agency’s incident response policy. Each agency is responsible for determining how to fulfill these requirements.
Establishing an incident response capability should include the following actions:
01
Creating an incident response policy and plan.
02
Developing procedures for performing incident handling and reporting.
03
Setting guidelines for communicating with outside parties regarding incidents.
04
Selecting a team structure and staffing model.
05
Establishing relationships and lines of communication between the incident response team and other groups, both internal (e.g., legal department) & external (e.g., law enforcement agencies).
06
Determining what services the incident response team should provide.
07
Staffing and training the incident response team.
TRUSTED
Trusted Advisors to both Federal Agencies and Federal Contractors
RESPECTED
Well-known and Respected Throughout the Federal Agency Apparatus
UNIQUE
A Unique Combination of Knowledge, Expertise, and Capable Manpower
