Incident management

Incident

We are talking about an incident, in information security, as soon as availability, integrity or confidentiality has been compromised. Availability is about being able to access data at the right time by the people who need it to do their job. Integrity is about ensuring that data is not changed or deleted without the knowledge of people with the ability to manage it. Finally, the purpose of confidentiality is to limit access to data only to people who have the ability to view, modify and delete it.

Vérification

As soon as an incident, in information security, is confirmed, then we must find the cause (s) of it, and if applicable, the evidence when charges need to be laid against an individual. In the case where a computer proof must be presented to the court, it is called an inquiry that consists of collecting, analyzing and presenting this evidence.

Organizing against the enemy

Cybercrime is booming and nobody escapes it. From the simple "hacker" in the past, who wanted to understand how a computer system works or get into it to show off their skills, we are now in the air of cybercrime et hacktivism. The case of Sony Play Station Network hacking reminds us to be well prepared when a security incident occurs. It is not enough to correct the problem, but we must learn and improve our interventions in this area.

Our approach

To properly prepare for a future incident, the processes necessary for the preparation, detection, analysis, containment, eradication, recovery and recovery of an incident must be in place. Our approach is based on the NIST SP 800-61 standard, and CFSSI adapts it to your business.

Expertise at your service

CFSSI can assist you in one of the steps of managing an incident. She has the experience to advise you in this area.