Challenge

Solution

Results

Comprehensive IRP in place, but untested.

Conducted an on-site tabletop exercise designed to put the client’s incident response plan through its paces. Consultants walked the client’s team through their first-ever incident response scenario and uncovered numerous gaps and pain points commonly associated with new and growing enterprises.

Organized strengths, weaknesses, and recommendations into a comprehensive report. Client used this to improve their enterprise cybersecurity defenses across people, process, and technology topic areas.

Siloed business units. Stakeholder organizations did not have established working relationships.

Identified stakeholders needed for IRP execution. Examined and discussed how the team would respond to the different phases of the scenario.

Exposed process gaps such as points of contact responsible for certain actions and which groups have jurisdiction and access to tools and records valuable to a post-compromise investigation. Collaborative discussions revealed responsibilities and dependencies that where described as “eye-opening.”