Identification and Prevention activities

Assessment and action plan for Security Incident Response

An assessment is performed to prepare for the Security Incident response.

Based on the maturity model of the enterprise, strengths and weaknesses are identified as well as a complete understanding of client Technical architecture. A coordinates list for first contact persons is created.

A series of recommendations are provided to improve prevention tasks.

ISIFAST Experts assist the client in defining the requirements for a Cybersecurity Insurance. They also assist in discussing with insurance brokers the requirements and the extents of theinsurance policy in line with client management instructions.



Detection and response activities
Incident handling by the incident Service desk and the swift involvement of ISISFAST Expert.

Client is provided with a series of detection indicators necessary to launch incident response activities. Education sessions explain Indicators, threat classes and incident classes.

Detection of an incident initiates an Incident Service desk request within business hours (9:00 to 17:00).

The client single point of contact or his substitute is entitled to call the Incident Service desk. He/She then gets a direct channel communication with the Incident Handler expert.

ICTC processes require a fast reaction and the execution of a specific protocol agreed upon with the client.

Additional services involves that ISISFAST Experts use existing indicators to react on specific alerts (ex: wrong password, virus, …). Other optional services involve the installation by ISIFAST protection experts of specific devices/systems to detect and correlate security events.

The Incident Handler reacts according to ICTC procedures and in collaboration with the client contact.



Recovery services are conducted on client premises and systems by ISIFAST experts, Technical staff and/or regular suppliers.

ISISFAST Expert team is available until his involvement is not deemed necessary.

Incident registration, follow-up and reporting is performed for each reported incident.

Specific reporting is periodically sent to clients providing incident reports and recommendations aiming at improving their global security posture.

ISIFAST Experts assist the client in preparing an incident claim in relation to their Cybersecurity Insurance.