The threat landscape is constantly evolving and cyber-attacks are increasing in scale and scope. It’s just a matter of time as far as when you’ll be faced with a breach event. Following a breach, a forensic investigation can help you understand what happened, plan remediation, and enhance your existing controls to further minimize the likelihood of a similar incident in the future.
The Cyber Forensics Readiness Program will prepare your Incident Responders and IT personnel to quickly and cost-effectively capture and maintain evidence in a forensically sound manner.
This on-site, hands-on technical training session will include pre-configuring systems for evidence collection, establishing procedures, evidence acquisition, evidence handling, working with law enforcement and forensic investigators, and reporting to the Incident Response Team. Each participant will receive open source tools and supporting documentation. Four (4) hours of Continuing Professional Education (CPE) Credits are awarded to each participant.
The Lunch and Learn session for the Incident Response Team is typically held the same day as the Evidence Handling Training Seminar. This non-technical session will include an introduction to forensic evidence including logs and volatile memory, an overview of evidence handling and the investigative process, and the role of external resources.
Twice a year, we schedule an exercise for your team that simulates a cyber-attack. Your team will collect, preserve, and transmit evidence to the Sage team within a predefined timeframe.
Program subscribers will be eligible for priority digital forensics services. Sage’s Network Forensics Service team is staffed by industry experts in incident response, digital forensics, electronic discovery, and training. Incident response fees are not included in the subscription.
There is no single, straight path that will get you to the point where you can say, “We did it! We’re 100% cyber-secure.”
A more realistic destination is cyber resiliency – the ability to prepare for and adapt to changing conditions, so you can withstand and recover rapidly from disruptions. Achieving cyber resilience depends on what we like to call the cybersecurity lifecycle – an ongoing cycle of interconnected elements that compliment and reinforce one another.