Cisco Blogs
Share

The Impact of Incident Response (IR) Services and How to Address Them

- February 27, 2017 - 1 Comment

You heard why your security practice should include cybersecurity incident response services. Now we’ll dive into the why: the threat landscape impact, the potential impact of a security incident on your customer’s business, and why partnering with Cisco can help defend your customer’s intellectual property and brand.

Even though governments around the world regulate data handling, there are still high-profile data breaches reported each week, and the costs of those breaches continue to rise. Studies show that a brand’s value could decline more than 31 percent after a breach, depending on the industry. Healthcare breaches show the highest average global cost of data breach per lost or stolen record at $355. Education, transportation, and research costs were slightly below that, with the average global cost coming in at $158 per record. The lowest is the public sector at $80 per stolen record. (source: poemnom research).

Given the high cost per stolen record, businesses should be evaluating and evolving their cybersecurity approach regularly, not to mention the fact that the time-to-detection (TTD) is often between 100 and 200 days.

That’s where Incident Response (IR) teams come in. They provide expertise on evaluating current and developing new IR processes, and assist in responding to and remediating cybersecurity incidents. Even better? Studies show that businesses who utilize IR teams reduce the cost of a data breach, sometimes by $16 per record (2016 cost of a data breach study by Ponemon Institute).

We understand that it’s a significant challenge for many organizations to build out their own IR plan and teams, which is where Cisco can step in. We will work with you to build out a full-fledged IR plan, complete with the most critical components — everything from understanding the current environment and identifying critical systems and assets to integrating the plan at a higher level and mobilizing the team.  Incident responders are not only a technical asset: they are a trusted partner, too.

To understand the first steps to implementing an Incident Response service and why it’s necessary, listen to the December Power Hour, then contact your Cisco Account Manager or Partner team.

Please tune into the second IR Power Hour session on March 8th, where we will focus on how to increase your deal size by selling the Cisco Incident Response Retainer Service before your customer experiences a breach. You’ll hear the top reasons your customers need a Cisco Incident Response retainer, why you should sell IR, and the next steps so you can start selling today.

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

    Most companies have subscribed to the theory that regular network penetration testing is a security standard or table stakes in the protection of the network, applications, and data. The Cisco incident response team also recommends regular proactive internal threat hunting. This is just one component of the Cisco Incident Response Retainer program that helps strengthen client's security posture.

Share