Over the years, CGA has invested significantly in building the right capabilities to cope with these cybersecurity challenges. This has resulted in the creation of a dedicated Cyber Security Incident Response Services (CSIRS). Computer Security Incident Response Team (CSIRT) helps to adequately prepare for and cope with cybersecurity incidents during the whole attack continuum: before, during and after.
- Before an incident; CSIRT conducts an audit on the processes, technologies, and people in terms of readiness to cyber incident detection, investigation, audibility of systems, availability and detail of audit trails, retention of log data, etc.
- During an incident; the CSIRT is on 24/7 standby to support the customer in the mitigation of the breach by providing all the expertise for monitoring, detecting, analyzing, containing & recovering.
- After an incident; based on the lesson learns, CSIRT proposes the best way to adapt security policies and enhance the resilience to the same type of attacks. After validation by the Security Officer, these change proposals can be handled via the standard procedure for managed services change handling.