Renewed Focus on Incident Response Brings New Competitors and Partnerships>
N-Cryp Tech News – Kelly Springer
In late March, Microsoft announced that the company would focus its generative AI offering, Copilot, on helping companies triage and respond to incidents, with an aim towards bolstering organizationsâ incident-response capabilities. The company also announced that it would start offering incident response services and consulting on cybersecurity posture as a retainer to companies upon request.
The announcement marks a significant change at Microsoft. In 2019, Microsoft labeled its incident response team â known then as the Detection and Response Team (DART) â as the âcybersecurity team we hope you never meet.â Now, the team hopes to meet clients on a regular basis.
Microsoft is not alone. Incident-response services have taken off, and the companies that offer them are looking to build relationships rather than one-off engagements. Google bought incident-response bellwether Mandiant in 2022, adding to its other IR-focused acquisitions Siemplify and Chronicle and its security advisory services. Consulting firms Deloitte, Booz Allen, Kroll, and PricewaterhouseCoopers have long offered incident response, while managed service firms such as CrowdStrike and Secureworks have focused expertise. Large business-technology and service firms â such as IBM, AT&T, Verizon, and Palo Alto Networks â have also long been players in the IR space.
Corporate legal requirements and cyber-insurance policies have an outsized impact on incident response. Often, the first call for an engagement comes not from an company executive, but from an outside counsel hired to handle the crisis (often because attorney-client privilege shields a company from legal discovery). In other cases, an insurance company would bring in incident responders to help reduce the cost of recovering from a breach and to assess the security of a policyholder.
Link: https://n-cryptech.com/renewed-focus-on-incident-response-brings-new-competitors-and-partnerships/