What is your opinion on setting up an "Incident Response Retainer" with an IR service provider?

1.5k views1 Upvote3 Comments

Sort by:

SVP, Director of Cyber Defense in Banking17 days ago

This is essential to have before a major incident occurs. You don't want to be engaged in a vendor management process or legal oversight process when in the middle of an incident. Additionally, the retainers are pretty flexible as the hours you pre-purchased can normally be turned into service hours before they expire....ie, assessments, table top exercises, red/blue teams, etc.

VP of IT in Manufacturinga month ago

It is always a good option to have for that difficult day. In a real incident situation, SOC is swamped and can be greatly helped by having IR specialists taking over. There are many service providers in the market and some are top of the league. Depending on the budget, you should choose.

1 Reply

no title22 days ago

thank you Gomeet

Content you might like

Is your company expecting to reduce IT/technology resources in the coming months due to recession concerns?

Yes51%

No42%

Uncertain5%

View Results

Are short term bans of the use of GenAI applications and tools (such as ChatGPT) a good idea for end users in most organizations? For context see this article on the State of Maine Government's directive before you vote: https://www.govtech.com/artificial-intelligence/chatgpt-generative-ai-gets-6-month-ban-in-maine-government

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.23%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.44%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.24%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).8%

View Results

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

Does anyone have any experience with Dune Security? I am in the process of doing an RFP for a vendor to provide phishing simulation and annual training content and their name came up, but I've not heard of them. My current vendor is KB4.

What is your opinion on setting up an "Incident Response Retainer" with an IR service provider?

Sort by:

Content you might like

Is your company expecting to reduce IT/technology resources in the coming months due to recession concerns?

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

Does anyone have any experience with Dune Security? I am in the process of doing an RFP for a vendor to provide phishing simulation and annual training content and their name came up, but I've not heard of them. My current vendor is KB4.

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

How to develop top customer journeys using VoC data

Preparing For Shifting Data Privacy Laws: Data Leader Perspective

Hyperautomation: Are You Automating Your Business?

The CIO and CEO Relationship: CIO Perspective

Take Your Insights On-the-Go