
Cyber Security Incident Response Team

Preparing organizations for responding to cyber threats

Current Challenges

In today’s hyper-connected world, most institutions worldwide are dealing with three different pressure points:

  • Increasing exposure to cyber threats, a stringent regulatory environment, and data security and privacy challenges
  • Integrating, managing and optimizing deployments of several complex technology elements is a significant challenge
  • The availability of skilled security professionals compounds this problem and is the third element of the complex landscape, forming a “Perfect Storm”

Sequretek works with its customers to create a Cyber Security Incident Response Team (CSIRT), akin to a SWAT team. The team defines functions and deliverables both during ‘peacetime’ (regular operations) and ‘wartime’ (attack and incident scenarios) when the need arises. In ‘peacetime’, the team works primarily on housekeeping activities, simulation and preparation for wartime scenarios, whilst in ‘wartime’ the emphasis is on response, remediation and root cause analysis. Sequretek has built a complete framework that helps its customers prepare for these scenarios, acting as an extended arm of their Security Operations team.

Why do we need it?

Most organizations need professional help in responding to a cyber security incident in a fast, effective manner, be it for all of their cyber security response capability or just for specialized areas like incident management, incident response, intrusion analysis, malware reverse engineering, forensic investigations and situational awareness.
Sequretek helps its customers by offering a capability that combines People (qualified consultants), Process (Incident Management) and Tools to handle cyber security incidents in a more effective and appropriate manner.
Creating a Cyber Security Incident Response Team (CSIRT), akin to a SWAT team, defines functions and deliverables both during ‘peacetime’ (regular operations) and ‘wartime’ (attack and incident scenarios) when the need arises.

Solution Components

This team will be placed within the overall governance and response structure as part of the IT Security Risk and Operations departments. They will work closely with the Info-sec Governance & Operations teams. Their reporting lines will follow the customer’s incident response structure.

  1. Internal team:
    Identified from the customer’s existing Info-sec operations and governance team, who would be the single point of contact working with Sequretek’s onsite CSIRT team.
  2. Expert team:
    6 security professionals (4 for covering 3 shifts and 2 in general shift) from Sequretek with expertise in Incident definition, Analysis, Forensics and security tools. This team will be placed within the bank premises in Goregaon.
  3. Tools:
    Specific security tools around Forensics, Simulation and Incident response, to be identified jointly with the customer.
  4. Incident response service from global players:
    This can be contracted for a specific number of incidents.