Your ability to detect threats and respond to privacy and security incidents is critical to your business. DivIHN is experienced in helping you identify and manage relevant threats and vulnerabilities in your environment. Our capability extends to ensuring your organization can respond to relevant incidents such as the exposure of customer personal data or ransomware attacks. We understand that incident response must consider regulation requirements such as GDPR breach notification and, where applicable, build in the necessary steps to achieve compliance.
Privacy & Security Incident Management
Security incidents are unavoidable. DivIHN provides services to help you prepare and minimize the impact of privacy and security incidents in your environment. Our security incident response methodology is based on the OODA (Observe, Orient, Decide, and Act) Loop. The objective is to quickly identify threats, understand their potential impact, take the appropriate decision, and act to eliminate it. We work to understand your regulatory and customer contractual requirements and establish expectations for communication. DivIHN’s privacy and security incident management service includes:
- Establishment of the Computer Security Incident Response Team (CSIRT)
- Definition and implementation of the end-to-end security incident management process
- Documentation of external communications requirements
- Establishment of security investigation processes including forensics
- Validation of processes using table-top exercises
The deliverables of the service is a documented privacy and security incident management process aligned with the needs of your organization, educated CSIRT, and established partnerships to assist with targeted investigations. The outcome is reduced risk that comes with the ability to respond to incidents.