Ellis Network Associates assists clients in responding to a wide variety of cyber security incidents.
I've handled a wide variety of incidents, including mass malware outbreaks (and other opportunistic attacks), targeted hacking, email scams and fraudulent payments, internal disciplinary matters, disputes over the cause of an incident, and lost and/or stolen ICT equipment.
Some incidents have been very large (over 7,000 impacted devices) and disruptive; other incidents have been potential privacy breaches. However, incident response doesn't end when the incident is closed: post-incident recommendations to help organisations prevent recurrences or reduce the impact of a future incident are also part of the services that I provide.
The response methodology used is based on the United States National Institute of Standards and Technology's special publication on this topic, ensuring that the processes used are backed by industry-leading practices.
Being prepared is a key part of handling incidents well and ensuring that public support is maintained. Poor preparation can require the use of expensive forensic specialists to understand the impact of an incident, and poor communication can lead to loss of customer trust, ultimately resulting in loss of business.
When handling large or high impact incidents, the incident response team will need support from a number of internal specialists; depending on the size of the organisation, specialist external providers may be needed to assist.
Many cyber security incidents occur in a matter of minutes, making it difficult for teams to "learn on the fly". Training and preparing both business and technical response teams assists in the efficient and effective handling of incidents, reducing the business impact and assisting in recovery. Training exercises can also be used to test whether business processes are resilient to these attacks.
These specialists, including Executive Management, support the technical team handling the incident to ensure that the impact to the business is understood and appropriate business continuity processes are activated, provide clear communications to the public that are aligned to corporate values, provide legal advice and review communications to regulators and the public, ensure that personnel are supported, and adjust any physical security protocols.