Many types of software tools and services exist to help organizations manage their incident response process. These range from workflows offered by compliance platforms to an emerging class of purpose-built software that focuses on incident response. And each type of tool provides a unique contribution to the overall incident response process.
Take, for example, Governance, Risk, and Compliance Platforms (GRCs). In a 2016 comparison of GRCs by Renee Murphy and partners at Forrester Research, four capabilities of the platform were identified as particular to managing risk: content management to collect data; workflow management to facilitate communication and data collection; reporting to manage status and support decisions made; and relational data to connect policies, regulations, businesses, and data.
These functions are important components of compliance, but any CISO will tell you that a fully developed compliance program requires more. In fact, in a 2013 white paper from Enterprise Strategy Group, 78 percent of enterprises surveyed planned to implement advanced integrated risk management platforms.
In that same study from Forrester Research, limitations of the GRC in managing specific compliance and risk processes were also noted:
“Vendors need to offer customers guidance just as much as they offer software. Risk management and compliance strategies vary by industry. An investment bank does not need the same kind of risk guidance as a utility. However, they often find themselves with the same GRC platform with no real idea of how to leverage it for their unique needs. An implementation without proper insight, understanding, or support gets a reputation as nothing more than a glorified spreadsheet, causing customers to abandon one platform for another or abandon the idea of centralized risk management altogether.”
With the complexity of compliance, a fully developed plan includes purpose-built solutions that complement each other and align with each step of the process.
Advanced Incident Management and Response: An Ecosystem of Solutions
Today’s advanced security and privacy solutions exist in an ecosystem of sophisticated products and services designed to protect and manage sensitive corporate data. A well-developed privacy and security governance program includes tools suited for each step of the incident management process:
- Document and Analyze: Governance, Risk, and Compliance Platforms (GRC): providing content management, workflow management, reporting and relational data models.
- Track and Secure: Industry Agnostic Data Loss Prevention (DLP) solutions, and industry-specific technology solutions: providing software that detects, identifies, monitors, and controls sensitive data leaving a network.
- Monitor and Detect: Security Information and Event Management Solutions (SIEM) or Managed Security Service Providers (MSSP): providing a holistic view of IT security, with centralized storage to detect, log, analyze, and correlate security threats and trends.
- Assign and Mitigate: IT Ticketing Systems: allowing IT teams to notify multiple stakeholders in the remediation process, track and document the investigation of the event, and assign roles for remediation.
- Assess and Notify: Incident Assessment, breach guidance, and notification platforms (like RADAR) provide the processes, documentation and decision support needed to create consistency in compliance, determine if incidents are notifiable under state and federal breach laws, and ensure readiness should an audit come your way.
To learn more about how to close the loop on incident response, view our solution brief here.