ISA expands incident response capabilities with preparedness-focused service

Proactive preparation for an attack is the key element of the six-step process at the heart of the new ISA Incident Response Readiness Service.

Kevin Dawson, ISA’s President and CEO

ISA, a Toronto-based cybersecurity solutions provider which covers the country from Vancouver Island to Newfoundland, has announced the formalization of a new Incident Response Readiness Service to supplement their long-standing incident response service.

“ISA has been in the security business since 1992,” said Kevin Dawson, ISA’s President and CEO. “From a customer standpoint, we support the whole breadth of the market, from small and midsize customers to some of the largest organizations in Canada. Four of the top ten enterprises in Canada are customers. We also have a lot of customers in the public sector – municipalities, cities towns and education.”

ISA has offered a core 7/24/365 incident response service for many years. What is new here is the formalization into a service offering of a six-step Incident Response Plan designed to help customers take a more proactive approach to cybersecurity, so that they can better prepare for an attack and recover much more quickly if an attack takes place.

“Over the years we have been doing incident response and been called in to respond to breaches, we have developed this process,” Dawson said. “We have now formalized it as a service around helping customers understand how prepared they are and what they have in their environment should an incident occur. When an incident occurs, its not a time to do inventory.”

The process embodied in the Incident Response Readiness Service is thus not new, but it has not been presented as a formal programmatic service offering until now.

The six stages of the service are: preparation; identification and assessment of incidents; containment, eradication of the threat; recovery of data and network availability; and reviewing and assessing the lessons learned. Dawson said that the most important of these is the first – the Preparation Stage – in which the customer reviews their existing security infrastructure, prepares identification and response plans, and implements incident response tools and processes.

“Preparation is the key,” Dawson said. “Being able to let us know exactly what they have in place lets us get in front of things before an incident takes place. At the time an incident takes place, most organizations don’t have the breadth to educate someone. Time is of the essence. If we do a good job of preparation, the other five steps fall out much easier.”

Dawson said that the new service is of value to both large and small customers.

“Some larger customers who have more complex environments have already invested more to be in a better position,” he said. “However, they also represent a bigger target, so can benefit from this. With a lot of smaller companies, the skills to go through these six steps internally don’t exist at all. They look to have others come in and help them when there is an issue, so can really benefit from this kind of proactive service.”

Dawson said that the initial customer response to the Incident Response Readiness Service has been strong.

“We are actively meeting and talking with our clients about this, and many of them are signing up,” he indicated. It has been a big focus for the sales team. We also have reseller partners who leverage our services, and some of the buzz around this is coming through those partners as well.”

ISA has published a white paper on their six-step plan, which can be downloaded here.