No Security Framework = security gaps

    So many businesses think they know how to respond to threats until it happens. If you do not have playbooks with the necessary details for identifying, containing, and eradicating a threat, I'm sorry, you are sadly behind the 8 ball. 

    Let RedempSec formalize a plan for you on how to respond to incidents. The first step we focus on is creating a plan. 

    In the technical world, things are evolving such as software and hardware. Automation and artificial intelligence is on the rise. This does not mean we can relax, what this means is we must adapt and ensure all of our playbooks are evolving with technology.

    It's always important to have a team that is constantly researching adversarial techniques and tactics to ensure your IR team is ready. 

    You ask what constitutes an “incident”? As part of your response plan, you need to define, categorize and associate a risk rating to an event, or a series of events. These definitions affect how your team responds. Knowing the severity and type of incident being handled is key. 

     Once you’ve defined what you’re dealing with, you can determine the appropriate response.  These steps should be in your incident response plan so there are guidelines on how to appropriately escalate incidents, and when to engage the incident response team. 

    Testing your plan is extremely important. For example, tabletop exercises where teams are involved in scenarios on how to deal with Ransomware are essential. 

     If responsible teams know "who is doing what" during such a catastrophic event, this expedites success and decreases further damage to the organization. Test your plan!