Incident Response Readiness Planning Services

Partner with Tesserent to help ensure your Incident Response Plans and Playbooks accurately reflect threat environments and internal capabilities across New Zealand. We simulate realistic attack scenarios to gain proof of your resilience and how your teams react.

At some point, despite all the investments in your cybersecurity, you'll likely suffer a cyber incident. Your preparation will dictate the impact.

Readiness, and the ability of teams, senior management and boards, to act quickly when faced with a Cyber Incident is critical. An effective Incident Response (IR) capability means anticipating the right scenarios and having full coverage plans in place.

But existing Incident Response Plans are often not effectively operationalised, lack stakeholder awareness, and go untested. When this happens, during a real-life incident, plans may not be fit for purpose, resources may be unavailable, and response processes may be ineffective. The specific incident type may not be a part of your list of anticipated attack scenarios.

Incident Response Tabletop Exercises simulate realistic cyber-attack scenarios that require speedy, informed decision making, testing the readiness of teams and coverage of IR plans. Leverage tabletop exercises to identify process gaps and discover the true value of communication and management involvement.


Incident Response Planning Benefits and Outcomes

Tesserent's Incident Response Planning is designed to assist you to critically plan and prepare your response to a significant cyber intrusion, or other incident, affecting key information and Information Technology Systems.

  • Identify and remediate gaps in your incident response capabilities
  • Create new incident response plans based on best practices
  • Test cross-functional communication and coordination
  • Improve decision making skills
  • Raise awareness and preparedness
  • Evaluate technology, tools and processes
  • Learn from mistakes in a safe environment
  • Comply with regulatory and third-party requirements
  • Benchmark and measure progress

How we can assist:

IR Readiness Commencement and Review

Tesserent starts with a kick-off meeting and documentation reviews to understand your organisation, roles and responsibilities, objectives, regulatory environment, policies and procedures, communication protocols and technology landscape.

IR Plan Review and Playbook Development

Incident Response Plan Review

The IR Plan Review involves stakeholder discussions, documentation reviews, and compliance with an industry baseline such as NIST SP 800-61R2 – Computer Security Incident Handling.


Incident Response Plan Creation or Update

Based on the review and your requirements, we can create or update your Incident Response Plan in alignment with an industry baseline.

Playbook Development or Update

Where necessary, we collaborate with stakeholders to create or update Incident Response Playbooks. Each playbook serves as an actionable guide to address a specific cyber incident scenario, capturing the unique, appropriate steps and actions to respond and recover.

Typical scenarios include:

  • Account Compromise

  • Ransomware

  • Denial of Service

  • Data Breach

  • Malware

Scenario Preparation

With the agreed scenarios and related collateral, including wider business context, Tesserent works to create tabletop exercises drawing on industry best practices, real-world attack patterns and threats, and experience from prior engagements.

We typically tailor tabletop exercises for two streams: Executives and Technical teams. We can run the exercise individually or as a dual-group event. By running dual-group exercises, you gain consistency in assessing the readiness and awareness of incident response plans and procedures across stakeholder groups. Here, the scripts and focus are tailored to the expected roles and responsibilities of each specific group.

IR Tabletop Exercises

Our team facilitates an immersive, hands-on training and incident response testing (tabletop) experience for key stakeholders, IT teams, and decision-makers. This service allows organisations to evaluate their existing incident response strategies, identify gaps, and refine procedures for swift and effective responses.

We lead your team through the attack scenarios, with stakeholders role-playing to discuss and deliberate on responsibilities and strategy, while we observe responses, documenting what occurs, to identify key areas of improvement. Tesserent may include 'curve balls' for each unique environment; challenging assumptions to identify gaps or alternative attack vectors that could occur in real life. This helps create a thoughtful and productive exercise for the stakeholders.


Reporting and debriefing

Following the testing exercises, we deliver a report of findings, including Observations, Findings, and Recommendations. The report is designed specifically for stakeholder-participants but can also be utilised by management.


Tesserent conducts a debrief session, where stakeholders can ask additional questions to gain further benefit, discuss best-practice IR improvements, examine training requirements, and set test, training, and remediation timelines.

Video

Is getting hacked inevitable?

Michael McKinnon, CIO Tesserent explores the questions: Is getting hacked inevitable? How do you develop an effective response strategy? What common mistakes are made in the heat of the moment when responding to an incident? Where do you start in developing an incident response strategy?

Mckinnon
Q&A Video Series

Incident Response Planning and Recovery

Industry experts and practitioners including Mark Smink, CISO JLL and Georg Thomas, CISO Corrs Chambers Westgarth join our panel to discuss best practice Incident Response.

Click here to explore the full video series.

Incident Response Management

Related Articles

Client Story
Sun Metals partners with Tesserent to proactively bolster cybersecurity defences
Sun Metals partners with Tesserent to proactively bolster cybersecurity defences
Blog
Top 5 recommendations for the Victorian State Parliament to improve response against cyberattacks
Top 5 recommendations for the Victorian State Parliament to improve response against cyberattacks
Blog
Critical Infrastructure and Cyber Physical Systems: Importance of Being Prepared
Critical Infrastructure and Cyber Physical Systems: Importance of Being Prepared
Contact us

Speak with a Tesserent
Security Specialist

Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.

Let's Talk
Tess head 4 min