At some point, your business may have to deal with a cyber security incident. But when you are under pressure and your team is stressed, people make mistakes. Delaying too long in making critical response decisions may exacerbate the impact of the incident but, conversely, making knee-jerk decisions can cause further damage to the business or hinder a complete response.

There are many ways you may suspect that a security incident has happened, from detecting unusual activity through proactive monitoring of critical systems or during audits. However, indicators such as unusual CPU (central processing unit) and network usage on a server may have multiple potential causes, many of which are not information security incidents. So it is vital to investigate further before jumping to conclusions.

Once you have confirmed an incident has occurred, you need to take time out from initial response activities to prioritise your actions and decide, definitively, what the business objectives are for the response operation. Incident triage generally consists of classifying the incident in terms of impact and urgency and how it should be handled. The incident response team can then use the impact, urgency and priority evaluation to define the objectives for the incident response operation and assign actions or further investigation, as required.

The urgency of an incident should also be assessed along with the impact. Some incidents are unlikely to worsen over time, such as the discovery of a historical compromise by a former employee. But in other cases, such as a ransomware outbreak, it may be absolutely critical to respond rapidly to isolate the infection.

If you are worried about your Cyber Security then Absolute Networks can take some of the pressure off you. Our state of the art monitoring systems allow us to monitor your network for unusual traffic. Our Vulnerability testing services and Data Encryption means you can reduce the risk of hacking and data breaches.

Call one of our Network and Cyber Security Experts today on 01332 291992

You can read more here