Breach Response Planning

Unfortunately for so many businesses it’s not a matter of if, it’s a matter of when will their business be hacked.  

Let us help you plan for the unexpected.

While many businesses have taken the necessary precautions to avoid a data breach… last year’s record is up over 4.1 billion records breached, the largest breach-year on record. And, while mega-breaches grab headlines, a data breach within your organization could prove devastating.  

According to a study by IBM, 77% of business leaders admit that they don’t have a formal cybersecurity incident response plan that is applied consistently across their organization.  Where are you? 

 

Breach Response Planning Experts

Breach Response Planning

Today is the day.  It wasn’t yesterday, and it’s not tomorrow.  As cybersecurity experts, we are encouraging businesses to take time to prepare for the unexpected through our Breach Response Planning.  And, when prepared sometimes a breach can be an inflection point with your company coming back stronger.

Prevention is a major aspect of pre-planning for a breach.  We will identify weak points in your company’s security measures and look at potential ways your customers’ and employees’ data could be compromised. We will take steps to ensure these area are buttoned up and secure. 

Pre-Breach Planning

Includes, but not limited to:
  1. Security risk gap analysis
  2. Security risk assessment
  3. Live pre-breach security consulting and services
  4. Dark web breach monitoring
  5. Information governance self-assessment questionnaire
  6. Template Information Governance policy
  7. Data breach incident response checklist
  8. Security awareness training (online)
  9. Managed security services
  10.  Critical infrastructure protection

In addition to pre-breach planning/consulting service and tools, Black Bottle Security will be there to help you quickly respond to any data breach event while helping your organization remain compliant with all state and federal laws.

 

Post-Breach Response

Includes, but not limited to:

  1. Identification – we will identify if the breach was legally protected information or material loss of the company.  Different industries will have different reporting requirements.  See Industry Compliances.
  2. Containment & Eradication – Assisting your recovery team, we will secure all data, change the encryption keys and passwords, and clear malicious code from your system.
  3. Investigation – Once contained, we will look at the cause and document so that we can support your team through the investigation process.  You will consult with your executive leadership teams and legal counsel.
  4. Recovery – You will be able to notify customers on how to protect themselves and we will add an additional layer of monitoring through our Security Operations Center.  

Cybersecurity Awareness Training

  1. We will help you prepare for Company-wide awareness drills and you should plan to hold these annually.
  2. We offer Cybersecurity Employee Awareness Training which also simulates phishing scams.

Your employees’ abilities are put to the test when you send them simulated phishing attacks and monitoring their reactions. Pop-up questions overlaying the video ensure employee participation and automated phishing simulation puts your employees’ actions to the test! 

Did you know that 90% of cyber attacks happen because of human error?