Cyber Incident & Breach Response
Archer Cyber Incident and Breach Response enables you to centrally catalog organizational and IT assets, establishing business context to drive incident prioritization and implement processes designed to escalate, investigate and resolve declared incidents. The use case is designed for teams to work through defined incident response and triage procedures in preparation for a potential data breach.
Built-in workflows and reporting are designed for security managers to stay on top of the most pressing issues and streamline processes. Issues related to a declared incident investigation can be tracked and managed in a centralized portal that provides full visibility and reporting. If an incident escalates into a data breach, pre-built workflows and assessments are designed to help the broader business team work with the security team to respond appropriately.
With Archer Cyber Incident & Breach Response, declared cyber and security events can be escalated quickly and consistently. Advanced workflow and insight to the velocity of declared cyber and security incidents allow more efficient utilization of security team resources, resulting in faster response, analysis and closure rates for critical security incidents. With improved processes and capabilities, the security team can more effectively leverage existing infrastructure -- such as SIEMs, log and packet capture tools, and endpoint security technologies -- to focus on the most impactful incidents. These capabilities improve security team preparedness in the case of serious incidents involving potential data breaches, increasing the return on infrastructure investments while lowering overall security risk.
For the key features and benefits of this use case, see the Data Sheet on the Archer Community: https://community.rsa.com/docs/DOC-40093
Cyber Incident & Breach Response is a use case in the IT Security & Risk Management solution area. The following sections describe the use cases that Cyber Incident & Breach Response requires as a prerequisite, which use cases you can upgrade to as your program matures, and which use cases in other solution areas you can integrate for additional business context and functionality.
Prerequisite and next use cases
|
||
---|---|---|
Issues Management |
Cyber Incident & Breach Response |
N/A |
|
|
|
Related use cases in other solution areas
Use Case Name |
Application Name |
Primary Purpose(s) of the Relationship |
---|---|---|
Crisis Management |
Crisis Event |
Using the Archer Crisis Management use case, you can create a crisis event record for your crisis event team to track and resolve. |
Any use case that includes the Risk Register application |
Risk Register |
You can tie your incident record to related risks in the Risk Register application.
|
The following resources are available for the IT & Security Risk Management solution area:
Get started