...

Incident Response Dry-run

To cope with the proliferation of cyber threats against SMEs and limit financial and reputational damage, NFIR offers an Incident Response Dry-run that provides organizations with practical preparation for real incidents.
NFIR beeldmerk kleur
NFIR beeldmerk kleur

Incident Response Dry-run

To cope with the proliferation of cyber threats against SMEs and limit financial and reputational damage, NFIR offers an Incident Response Dry-run that provides organizations with practical preparation for real incidents.

Cyber threats are increasing dramatically and we are seeing the devastating effects daily. One of the biggest threats to organizations is the digital threat and its effects. The financial losses can be immense. Paired with these high numbers is often the idea that cyber attacks are limited to large companies. Unfortunately, practice shows that more and more SMBs are also targets of a cyber attack. In 2020, 43% of cybersecurity incidents targeted SMBs.

Awareness Program

Prevent financial and reputational damage

In the absence of proper preparation, the impact of an incident can be seriously magnified. It slows down the identification of the incident and this delay is associated with higher costs. In addition to the direct financial damage, many companies also suffer significant indirect damage. Consider the reputational damage incurred. To minimize both types of damage, your organization can prepare with our Incident Response Dry-run. A dry-run that prepares your organization for the insurmountable: a cybersecurity incident.

How does a dry-run test your Incident Response Plan?

With its Dry-run, NFIR offers you the option of approximating the impact of an incident as much as possible without harming you. An effective way to gauge the extent to which your Incident Response Plan is complete and effective. During the dry-run exercise, your organization’s crisis team is confronted with a successful ransomware attack and the reality is replicated as closely as possible. Thus, new insights that we encounter in daily practice will always arise during the incident. An example of a new insight is the appearance of a media article about the incident at your organization. During the dry-run, we test how you react to this fact. These insights make “just as they do in a real incident” the course of the investigation ever so slightly more complex. The crisis team which consists of a director, IT manager, a person responsible for information security and a person responsible for crisis communication is challenged to act in an adequate manner with the resources they have at the time.

What is the purpose of the dry-run?

Dry-run simulates a cybersecurity crisis situation to let organizations know what it’s like during a cybersecurity Incident. A simulation that will make participants forget they are part of a dry-run. In this way, the true impact of a major incident is made palpable and tangible. An unthinkable scenario comes true during the Dry-run. This dry-run will contribute to understanding and awareness and get organizations thinking. Key findings from this exercise will lead to action items needed to reduce the impact in the event of a potential incident.

Do you also want to be prepared for a cybersecurity incident?

Good preparation is half the battle. An Incident Response Dry-run steams your organization for the inevitable: a cybersecurity incident.

Also check out our other security awareness services

Frequently asked questions

During an Incident Response Dry-run, a cybersecurity incident is simulated. This simulation includes all phases of an incident and involves all parties necessary for the resolution of an incident. In this way, the dry-run approaches reality and your organization can make the necessary preparations, should an incident occur.

That's super helpful! Making organizational and technical preparations is essential to be able to act more quickly in the event of a cybersecurity incident and to make the situation a little less stressful. By doing the incident response crisis simulation, your organization will experience what the different crisis team members have to deal with. We take a very realistic approach to the practice and help your organization gain insight into areas for improvement.

A Project Lead and Technical lead from NFIR's Computer Emergency Response Team will let you experience different phases of an IT Security incident through various "injects". The decisions made and the responses given can lead to action items for the organization, in order to act better and faster in case of a real incident. These recommendations will be recorded and handed over as a handout to your crisis team at the conclusion of the exercise.

An Incident Response Plan is a structured representation of the steps an organization takes when an IT security incident occurs. The dry-run is the practical translation of this plan and thus demonstrates whether the plan is complete. Both aim to reduce the impact of an incident (and therefore recovery time and costs).

SECURITY INCIDENT BIJ UW ORGANISATIE?

De volgende 30 minuten zijn van cruciaal belang​!

De eerste 30 minuten na een cyber security incident zijn cruciaal, omdat een snelle en adequate reactie de schade kan beperken. Daarnaast kan verdere verspreiding van de aanval worden voorkomen en kan essentieel bewijsmateriaal veiliggesteld worden voor nader onderzoek.

Ons Computer Emergency Response Team (CERT) staat 24/7 klaar om bedrijven en organisaties te ondersteunen bij IT-beveiligingsincidenten.

Heeft uw bedrijf professionele hulp nodig bij een beveiligingsincident? 

* LET OP: Wij werken uitsluiten voor bedrijven en organisaties.

SECURITY INCIDENT AT YOUR ORGANIZATION?

The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because a quick and adequate response can limit the damage.
In addition, further spread of the attack can be prevented and essential evidence can be secured for further investigation.

Our Computer Emergency Response Team (CERT) is available 24/7 to support businesses and organizations during IT security incidents.

Does your company need professional help with a security incident?

* NOTE: We work exclusively for companies and organizations.