CMMC Incident Response

Incident

An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of a system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies. Source: NIST SP 800-171 Rev 1

Is your firm ready to handle a real world Incident Response under CMMC?

Peak InfoSec has experience working numerous cases with the analysts at the DoD Cyber Crime Center (DC3) for our clients.  We have walked clients through our Incident Response Plans based on the SANS PICERL process:

  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned

As a part of these efforts, we

  • Led the Incident Response;
  • Gathered evidence and conducted Forensic investigations;
  • Reported Incident Response findings, activities, and remediations underway client’s Executive Leadership Team;
  • Drafted Incident Response reports per DC3 guidance;
  • And, interacted with DC3 on the client’s behalf.

We also work with DoD’s Counter-Intelligence organizations (Air Force Office of Special Investigations, Army Criminal Investigation Command, & Navy Criminal Investigation Service) to identify and pursue mitigations from Advanced Persistent Threats when they become involved.

For more information, please contact us at [email protected].

An Authorized CMMC 3rd Party Assessment Organization (C3PAO)