Security Incident is an adverse event that compromises the security of system, network, data, confidential information, places of business, and/or physical assets.
A definition provided by CERT.org on the topic of -
What is a Computer Security Incident Response Team (CSIRT)?
A CSIRT is a service organization that is responsible for receiving, reviewing, and responding to computer security incident reports and activity. Their services are usually performed for a defined constituency that could be a parent entity such as a corporation, governmental, or educational organization; a region or country; a research network; or a paid client.
A CSIRT can be a formalized team or an ad-hoc team. A formalized team performs incident response work as its major job function. An ad-hoc team is called together during an ongoing computer security incident or to respond to an incident when the need arises.
RSS Inc. solution requires minimal or no capital expenditure. Call us for details.
Intrusions or malicious acts can occur even with the best-of-breed information security infrastructure in place. When computer security incidents occur, it is critical for an organization to have an immediate response that will limit the damage and thus lower the cost of recovery.
RSS Inc. provides an outsourced Computer Security Incident Response Team (CSIRT) service for clients who do not have internal resources or expertise. The service is responsible for receiving, reviewing, and responding to clients’ security incident events. Our team has extensive expertise in incident response acquired throughout years and various assignments. Orange team helps clients to contain and recover from information security breaches. From the ’lessons learnt’ we make recommendations to help our clients protect and secure the critical assets in the future.
Orange team will work in tandem with client assigned team in order to facilitate the sharing of response strategies.
This service conforms to key components of many compliance regulations such as PCI-DSS, Sarbanes-Oxley (SOX), Canadian Securities Administrators' (CSA) MI 52-109 and ISO27002. Our CSIRT Service offers a high-value expert analysis provided by information security specialists.
The immediate benefit for client organization is management of ongoing security incident and pertinent risks by minimizing the disruptions of business activities. The quick response will bring swift resolution of an incident and will reduce the remediation costs associated with the information security incident.
CSIRT plays an integral and crucial part of corporate Security Risk Management. From “lessons learnt”, client organization will improve its internal knowledge base that will be used to prevent the future incidents.
The RSS Inc. team will provide mid and long-term preventative steps in order to mitigate future incidents. The information contained within these reports will be analyzed and mitigation steps will be proposed to the client. The mitigation steps presented will address the immediate concern of the ongoing suspicious activities.
Proactively, our team can work with other areas of the organization to ensure new systems are developed and deployed with "security in mind" and in conformance with any site' security policies. A pragmatic relationship with other areas of client organization can facilitate the sharing of response strategies and early alerts to potential problems along with providing security awareness training to the constituency.
CSIRT service provides professional assistance in responding to a security incident. The solution encompasses the following deliverables:
Professional assistance in assembling of a client response team
Interpretation and Analysis of an event notification
Research and Investigation
Security Alert Response Service
Exercising client escalation path
Postmortem review of the incident
Resolution, post-incident follow-up
Actionable and Pragmatic Recommendations