International intrigue. Rogue actors. Cybercrime. You might think I’m talking about Tom Cruise and his record-breaking sixth “Mission Impossible” movie. But I’m not. I’m talking about what happens to enterprises with a frequency that is a lot higher than most people suspect. Daily—sometimes hourly—these companies are the targets of attacks that look to steal their intellectual property, valuable data, customer identities, or wreak general havoc in their infrastructure to the point it makes it impossible to do business. Their adversaries can be an individual rogue hacker or nation-states.

So what happens when you do become a target? (And right now it’s more likely that you will than won’t.) Even, better, is there a way to be proactive in preparing for a breach? Cisco Business Critical Services for Security has the answer you’re looking for.

In my last blog post, I outlined how to use Business Critical Services to help efficiently manage your security and compliance problems. In this post, I’ll dive deeper how to use Business Critical Services to shift your incident response towards more proactive activities.

Sure, Cisco Incident Response Services provide you the assurance that the entire might of Cisco is always on standby to come to your aid in the case you do endure a breach. With some of the shortest response times in the industry, you know the peace of mind that industry experts will be working on your crisis within hours, not days if the worst case happens. We work across Cisco to pull in the right experts, including from the IR team, Talos, Public Relations, Legal, and more to help you triage the incident, contain the situation, and ultimately get your business not only back up and running, while being hardened from future attacks. This includes engaging and leveraging Cisco Talos’ industry-leading threat-intelligence. They have more than 350 full-time threat researchers, millions of telemetry agents, and thousands of decoy systems. This produces a library of unparalleled proprietary threat information that we can use to more rapidly diagnose and respond to a breach. We also provide the level of technical detail you need to make decisions about how to fix and defend against these and similar threats in the future.

More importantly, Cisco’s Incident Response Retainer enables you to be more proactive. You can become vigilant against, more resilient, and more ready to respond to threats before they happen. Our experts are available to work with you to develop a plan before a breach happens. We can also perform an assessment that covers your current readiness to respond and proactively hunts for threats, as well as provides a roadmap for how to strengthen your ability to respond. Our retainers typically include at least one of the following:

  • Tabletop Exercises: We create custom scenarios for your specific security concerns to simulate attacks and provide report on how to improve your threat identification and response effectiveness.
  • Proactive Threat Hunting: Are you sure your systems haven’t already been breached? This is a question your organization’s leaders are asking all the time. We proactively use our expert incident investigators to search for active threats on your network.
  • Incident Readiness Assessment: How effective is your existing breach response plan in comparison to industry peer and leading best practices? We look at your services, people, processes and technology to determine how you can improve your breach detection and response capabilities and give you detailed recommendations for remediation.
  • Penetration Testing: Our network and application security white hats simulate security threats and identify vulnerabilities that may expose you to a potential breach.  This allows you to remediate and shrink your attack surface, decreasing the opportunities for adversaries to breach your systems and cause an incident.
  • Plan and Process Development: If you don’t have an incident response process in place, we help develop one from scratch.
  • Playbooks: To be better prepared to respond to specific concerns or incidents.

Vigilance is key. You can purchase all the tools in the world, but when a breach hits, you need to be prepared–an expert team backed by the latest threat research by your side. Our comprehensive Incident Response Services gives you access to all of those security experts across your business—network, data center, collaboration, and more. But vigilance also includes more than security experts to be safe. You need to know when to make upgrades to hardware and software, which configurations are out of alignment with your current standards. You need to know what operational best practices acre across your entire ecosystem so you can spend time increasing revenue through new business models, not fixing things, or chasing down bad actors. So Incident Response Retainer as an overall part of a Business Critical Services engagement covers your foundational needs, and helps you accelerate your growth so you can transform your business.

So you don’t need Tom Cruise to go on a Mission Impossible to deal with threats so you can stay safe. You can get extraordinary outcomes—and accomplish your mission—with Cisco Business Critical Services.


Gary Alterson

Director, Advanced Services - Security

Advanced Services