Thinking / Incident response planning

Your organization must know in advance how it will react to a cyber incident, such as the unauthorized remote control of devices and systems, theft of confidential data, or sabotage. For instance, a defibrillator might be controlled by an attacker, blocking or modifying its operation with fatal consequences instead of saving a life. A facility-related control system (FRCS) for heating, ventilation, and air conditioning, as well as lighting and physical security (door locks, for instance) might be hacked to make these systems inoperable. Without an incident response plan, you may not be able to handle such incidents properly or recover from them.

Using our experience in responding to the many kinds of cyber incidents, we work with you to make a plan that is tailored to your establishment, your use of devices and control systems, and your patient and personnel context. Besides the preparation to enable you and your personnel to identify, contain, eliminate, and recover from incidents, we also maximize the possibilities to learn from attacks and events afterwards for even stronger cybersecurity in the future.