The number of cybersecurity incidents has increased amid the shift to remote work. Just in the past year, as many as 18,000 customers of SolarWinds unknowingly let in attackers through an update that appeared legitimate, exposing security weaknesses throughout infrastructure and supply chains. At the same time, ransomware continues to make the headlines as cybercriminals use highly sophisticated tools and tactics to disrupt the remote workforce and coerce organizations into paying large ransoms. In fact, according to the 2021 Unit 42 Ransomware Threat Report, the average ransomware payment climbed 82% in the first half of 2021 to a record of $570,000.
As a result, organizations are increasingly adopting incident response service solutions, specifically through retainer-based service contracts, in order to mitigate cyber risk and respond quickly in the event of a breach, before major damage occurs.
How prepared are organizations in the current threat landscape, and how does your organization stack up?
Enterprise Strategy Group recently surveyed more than 330 cybersecurity professionals to gain insight into the incident readiness market. The report, “An Ounce of Prevention: Investing in Incident Readiness,” captures the current landscape of incident response and identifies some of the current gaps and best practices:
Clearly, many organizations lack the infrastructure and expertise to support incident response. But with the increasing adoption of cloud-based platforms and the growing rate of enterprise IoT use, the stakes could not be higher.
Regardless of where you are on the journey to cyber resilience, the need for a robust incident response plan is clear, and it only makes sense to trust this task to the experts.
| An incident response retainer offers peace of mind to organizations, offering expert support before and in the aftermath of a cybersecurity incident. |
With an incident response retainer in place, organizations can prepare for cyberthreats and respond rapidly should a threat actor infiltrate secure data or systems.
The benefits of an incident response retainer include:
An incident response retainer is a promising option to help busy organizations prioritize cybersecurity initiatives and planning, but where should you start? It’s imperative to understand the services available to your organization and the distinct areas of expertise that should be included.
As your organization considers an incident response service provider, there are specific areas of expertise that should not be overlooked.
The Gartner® “Market Guide for Digital Forensics and Incident Response Services” outlines incident response services, the current market, the differences between proactive and reactive services and why those distinctions are key to developing the right plan for each unique organization. Also, the report recognizes several firms as Representative Vendors, including the Palo Alto Networks Unit 42 Incident Response Services.
If your organization is in the process of looking for an incident response retainer, there are several key criteria you should look for, including:
The Unit 42 Services Retainer reduces your incident response time by having our IR experts as an extension of your team on speed dial. This means we operate under prenegotiated terms, with predefined communication channels and playbooks to get started on your investigation within minutes.
What you may not know is that you also have the flexibility to use the prepaid credits for any of our proactive services. We help you take a threat-informed approach to identify gaps based on the latest threats that represent the biggest risk to your organization.
These services will help CISOs:
And it will also help your SOC team identify if you have been compromised, in order to respond quickly before any other damage happens.
Unit 42 is proud to offer industry-leading incident response retainer services, including data breach response, ransomware investigation and recovery services, digital forensics and insider threat investigations, tactical response insider threats, and expert witness testimony. Learn how to get started with our Incident Response Services.
If you are experiencing an active breach, or think you may have been impacted by ransomware, please email unit42-investigations@paloaltonetworks.com or call (866) 486-4842 – (866) 4-UNIT42 – for U.S. toll free, (31-20) 299-3130 in EMEA or (65) 6983-8730 in JAPAC. The Unit 42 Incident Response team is available 24/7/365. You can also take preventative steps by requesting a Ransomware Readiness Assessment.
Gartner Market Guide for Digital Forensics and Incident Response Services, Prateek Bhajanka and Wam Voster, Sept. 21, 2021. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.