In security, there's a gap between perception and reality. According to the Cisco 2015 Annual Security Report, 90 percent of companies are confident about their security policies, processes, and procedures -yet 54% have had to manage public scrutiny following a security breach. Not only are there direct costs to a security breach -there are also intangible expenses, including a negative impact to brand reputation, and the erosion of customer trust.
As John Chambers articulated recently at the World Economic Forum in Davos, "There are two types of companies: those who have been hacked, and those who don't yet know they have been hacked." 2015 is going to be another year where organizations around the world can expect to be under attack or will discover that they have been infiltrated.
There is a widening gap between resources and needs, as security practitioners lack both funding and manpower to adequately protect assets and infrastructure. Because of this, CISO's are increasingly looking to external experts for security guidance.
This is why we are unveiling our Security Incident Response Services. Our new Incident Response Service is designed to advise organizations on how to reduce time to detection, containment and remediation. Our experts identify the source of infection, where it entered the environment, and what data was compromised. By going to the source -patient zero -and identifying malware movement throughout the environment, organizations can minimize the cost and overall impact of any breach, as well as identify methods to reduce future risk. The service leverages threat intelligence from the Cisco Talos Security Intelligence and Research Group, Cisco security technologies including AMP Threat Grid and the expertise of the Cisco Security Solutions (CSS) team. The Incident Response Service supports businesses in two areas:
Every event is unique and our Security Incident Response methodology provides expedience and allows for flexibility to continuously adjust to the dynamic threat landscape. Whether it's an insider threat, distributed denial of service, advanced malware at the endpoints or customer data breach, the team guides an organization through identification, isolation and remediation using analysis and data mining, forensic image analysis, infected system dynamic instrumentation, malware reverse engineering and exploit analysis and re