Breach Readiness as a Service
Why companies need to be ready:
If you've ever thought "I don't have information that anyone would want" or "I'm too small to be a target for a cyber-attack", then you're already setting yourself up for a 'reactive' approach to cybersecurity - which is backwards thinking. Reacting to a breach can set your organization back in more ways than the financial impact. Downtime will affect your organization's productivity and ability to keep up with regular business; not to mention the impact a breach can have on your customer's perception of your brand. BRaaS (Breach Readiness as a Service) will help your organization mitigate the effects of the breach and reduce the turnaround time.
Hackers don't DISCRIMINATE against the size of an organization or the industry
Every organization is a target, whether you have one employee or one million employees. It's critical to prepare for the worst. There are steps that all organizations can take to prepare for a breach to reduce downtime, minimize the effects, and protect information.
Qi’s BRaaS offers customers a proven proactive approach in preparation for a breach. We will work with you to set up policies and procedures, form response teams where individuals will be assigned specific roles, establish channels of communications, and much more.
On average, it takes 191 days for organizations to detect a breach
Qi will provide your organization with Insight Reporting to show your level of preparedness. Your company will be scored based on level of completion or the implementation of procedures, and compared to the industry's average preparedness score; which gives organizations an idea of how they rate compared to other organizations. Goals can be customized to align with each organization's mission, to show their progress and compliance.
Initial on-boarding workshop
Here's what you can expect from Qi for the initial on-boarding:
Information Gathering - this will include asset lists, network diagrams, systems information, etc.
Response Processes - Qi will review the current response process and tailor it as needed. If there is no response process in place, we will provide a net new protocol.
Familiarization - Qi will review various types of breaches that the organization may experience and ensure that the management and the response team feel comfortable that they have: (a) sufficient information should they need to call Qi; and (b) a better understanding of what a breach might look like, so that they know when to engage Qi.
Response and Escalation Processes - Build out initial notification and escalation processes.
Shared Repository - At the completion of onboarding there should be a shared central repository of all breach response documents for the customer and Qi to access.
Here's what Qi delivers for ongoing BRaaS activities:
Breach Readiness Response Service, phone and email available 24x7x365 to initiate the response for a breach.
Ongoing meetings to: (1) review any outstanding items from previous meetings to ensure completion or report on progress, using the Breach Readiness Insight; (2) review current processes, protocols, notification/escalations, etc. to ensure everything is up-to-date; (3) identify any changes or activities which need to be completed as takeaways.
Tabletop Exercise - twice annually (on average every 6 months) conduct a Tabletop exercise. The goal will be to pick either a potential breach that the organization may have recently had issues around, or pick a breach scenario from the news headlines.
Annual Review - Review all 12 Breach Readiness Insights, identify any possible trends, provide overall observations and recommendations to further improve the organization's Breach Preparedness.