Although it is impossible to predict when the next security incident will occur, every organization needs a means to manage such incidents effectively. Symantec can help you craft and implement an effective incident response strategy that leverages best practices and aligns your organization to respond effectively to these incidents while mitigating the risk of damage to your business and reducing recovery time and costs.

Challenges

Critical incidents—such as attacks, virus outbreaks, and system vulnerabilities—compromise information systems and can lead to the loss of sensitive corporate data. Enterprises have responded by deploying virus protection, firewalls, and intrusion detection/prevention products.
Effective and well-integrated products can create a high level of security. However, just as a municipality staffs and trains a fire department in the hope of never having to use it, your business needs a team of specialists trained to respond to internal and external security breaches.

Solutions

The Symantec Incident Response and Management Program is designed to strengthen an organization’s security posture, to demonstrate compliance, and to minimize the impact of threats, incidents, and downtime. The service is built on industry-proven processes, documented procedures, and diverse technology, and is executed by expert staff. The desired outcome is the implementation of a tailored solution for managing a client’s organizational response to security threats and incidents by establishing these five essential elements:
  • Incident Escalation: Notification of the appropriate groups within your organization of threat, incident, severity, and impact to prepare stakeholders to take remediation steps
  • Remediation Recommendations: Identification of the steps for remediation of the threat or incident to facilitate timely recovery from the incident to minimize business impact
  • System Recovery: Restoration of affected systems, applications, and data followed by reconfiguration of systems and security controls to return infected systems to operation as quickly as possible
  • Root Cause Investigation: Forensic investigation to determine how, where, when, and why the initial breach occurred
  • Post-Incident Review: Reviewing the effectiveness of the incident identification, response, and recovery processes, forensics readiness, forensics, and high-level reporting including the identification of damages
Symantec will also enable a Computer Incident Response Team (CIRT) to provide command and control in the case of a security incident. The CIRT is trained to handle incident analysis, prioritization, escalation, remediation, and reporting throughout the lifecycle of the incident. Symantec can train your staff to operate the CIRT, or you can let Symantec experts operate this critical function.

Why Symantec?

Working closely with Symantec, the world leader in security, you can develop a program that enables your Computer Incident Response Team to quickly and effectively respond to security threats and incidents in your network environment.
By aligning your organization to respond in a systematic manner to security incidents, you can prevent or minimize disruption of critical computing services and minimize loss of critical information.


For more information about this Symantec Service, please contact Enterprise Sales.