Risk Assessment & Health Check

Our clients are often surprised by the results we present to them; we use ISO31000 as our structured framework, and the controls listed below as our terms of reference.

  • ISO27001:2022
  • IEC62443
  • NIST
  • NERC
  • Information Security Manual (ISM)
  • Essential 8
  • PSFP
  • ASFCSF

DMA Risk Assessments and health checks help organisations identify the current state of their security posture, document their desired state, and achieve board and executive buy-in to plan where they want to go and how they are going to get there.

The journey can then be delivered in line with global and domestic standards and regulations to keep people, process, technology and operations safe, secure, compliant and available.

Incident response & incident response planning

Our clients are often surprised by the possibilities we present to them; by thinking outside the box we present exciting new ventures:

  • Do we have the right people, process and technology to deal with an incident?
  • Do we have a plan?
  • What types of incidents could affect us, and do we have an IA plan (Immediate Action Plan)?
  • Hone sharp leadership skills to manage the team; table-top exercises for IR
  • Cut expenses without sacrificing quality
  • Automate responses

How do we do incident response well?

6 P’s = Prior Planning & Preparation Promotes Positive Performance

IR done well requires business input, planning, technology and people to deliver on discovery and the IR (or "OMG") plan. DMA helps document what to do prior to an incident, what to do upon discovery of an incident, and who does what, when and how from discovery through to lessons learnt post-fix. This includes:

  • what the CEO is going to say to clients, suppliers, staff and stakeholders via the multiple communication mediums
  • what the technology team is going to do and how, depending on the type of incident
  • how we get our data back, and what our RPO and RTO are
  • what people, process and technology we have in place for prevention and detection, and then for management and resolution

Document why we need a plan, what is in scope to protect and respond to if required, by when, by whom and with what. The Army does very well at teaching IAs (Immediate Actions). Effective Incident Response is achieved by having effective immediate actions documented, tested and practised in order to deliver on business RPO and RTO requirements, regardless of scenario.

Incident Response starts with a board directive that the organisation should have the capacity to respond to any type of incident if and when required. The response should be measured, should achieve defined outcomes (usually RPO, RTO and damage control), and should be tested and practised.

Organisations should not underestimate the stress and pressure management and staff will endure mid-incident. The long-term damage of not planning how to deal with an incident will be measured not just in financial impact. It is critical for holistic organisational intelligence and sustainability to undertake incident response planning extremely well. Please call for more information and a 1 hour Incident Response planning workshop.

Incident Response Engagement Model

A strong IR plan requires going beyond intuition and experience, and supporting your plan with fact-based testing and learning. Response teams need to have confidence in their understanding of the environment, so don't let yourself down by skimping on research and testing. What we do to help achieve that confidence:

  • Monitoring of multiple sources – Logs from Application and Infrastructure stacks
  • Correlation Rules – Company and Industry Research
  • Threat Hunting – Malicious code, activity, ‘not normal’
  • Digital Forensics – who what where and how, (maybe why)
  • Security Posture Guide – Are we CMMI Level 3, perhaps close?
  • Lateral Movement Identification – what can we see and how?
  • How to prevent an attack – best forms of defence
  • Vital Assets – what are we defending and how?

Response Time With & Without IR Plan

How can we help you?

Contact us via email: enquiries@dmaust.com.au or submit a business inquiry online.

The Team at DMA helped us implement and achieve 27001 compliance. The process was seamless and adds enormous value to our security posture.

Ashley Neale
Director, SpeedCast Managed Services