SECURITY

COMPUTER INCIDENT RESPONSE

The cost of such incident may run into the millions, and may also have legal consequences, it is imperative to ensure proper actions are taken. Actions that are accurate, effective and legally binding, should you want to amid the evidence in court.

In Genesis, we are able to respond to all Information Security incidents with a 2 hours response, 24 x 7, systematically, with the relevant technology and skill to assist you in any situation that involves breach of information.

Incident Assessment And Containment

Our information security experts start by analyzing the incident and evaluating your organization's information security posture for vulnerabilities that may have been exploited. As major vulnerabilities are discovered, they are addressed. In order to minimize changes to critical systems, minor vulnerabilities are documented for future remediation. While stabilizing systems, our consultants will take the necessary steps to preserve any electronic evidence that may exist. The overall goal of incident containment is to minimize system downtime, alteration and the disclosure of sensitive information.

Computer Forensics

Wherever possible, electronic evidence is preserved throughout the incident stabilization process. Since this evidence may be required in a court of law, it is important that existing information system are not unnecessarily altered and the state in which it was found is properly documented. Once evidence is properly collected, the computer forensic investigation process can begin. We follow a strict procedure in the process:

  • No possible evidence will be damaged, destroyed or compromised by the processes used to investigate the computer or drive.
  • No external component/software is introduced to the system during the analysis of the computer or drive.
  • Extracted information with even the most remote evidentiary value is properly handled and protected from later mechanical or electromagnetic damage.
  • A continuing chain of custody is established and maintained.
  • Information concerning each phase of the engagement is kept in the strictest confidence.

Remediation and Prevention

Once the damages are assessed and contained, and all relevant evidence collected, we are able to provide additional services to

  1. Provide in-depth analysis of your information assets, threats and vulnerabilities.
  2. Identify security weakness to the information systems, policy or operation guideline that may lead to future incidents.
  3. Recommend additional prevention measures to mitigate or totally eliminate any threat or vulnerabilities identified.
  4. Provide resources to perform the remediation our services is required.