As a result, internal incident response teams and incident response service providers can achieve unprecedented levels of effectiveness, accuracy, consistency and compliance, while substantially reducing expense and risk.
Co3 Security Incident Management encompasses all phases of incident response, from planning and "fire drill" testing, through codifying best practices into a repeatable response system and subsequent analysis and reporting tools.
Benefits of the module include:
Organizational readiness allows organizations to account for and enroll all response team stakeholders, validate and encode response policies and procedures and categorize and profile critical networks and systems.
Event identification and assessment enables immediate alerting of/engagement with all team members, evaluation of incident precursors and indicators, automatic prioritization and assignment of activities, tracking of events/ maintaining logbooks, logging of evidence and generation of assessment summaries.
Incident containment, eradication and recovery provides real-time IR plan generation, complete team response coordination, containment strategy selection, cause isolation and evidence gathering and handling instruction.
Post-incident capture establishes a central resource for incident results documentation, lessons learned assessment, policy/procedure updates, reporting to authorities, evidentiary retention and historical performance tracking.
"The common refrain in the security industry is that there are two kinds of customers, those who have been hacked and those who don't yet know they have been," said John Bruce, CEO at Co3 Systems. "The reality is that every organization at some level is living in a state of compromise, or at least significant exposure. Itís well accepted that the question is no longer when companies will suffer an incident, but rather what are they going to do on the day they discover it. While preventative and detective technologies are absolutely critical in reducing exposure, what Co3 has done with our Privacy and Security modules is give companies the ability to not only recover faster, but also develop the organizational competency to attend to them better over time."