Incident response
Moodi Mahmoudi avatar
Written by Moodi Mahmoudi
Updated over a week ago

Incident response plan

NEXT has a documented incident response plan that establishes the procedures to be undertaken in response to information security incidents. NEXT regularly test the incident response plan to validate continued relevance, effectiveness, and overall organizational readiness.

This incident response plan includes:

  • Escalation procedures

  • Incident severity identification and classification

  • Roles, responsibilities, and communication strategies in the event of a compromise

  • Containment and remediation strategies

  • Communication protocols, both internally and externally

  • A retrospective analysis to determine the root cause and implement improvements to incident response procedures

Monitoring and alerting

NEXT has continuous monitoring, logging, and alerting in place that will automatically escalate any issues. Depending on severity, these incidents may trigger an incident to dedicated on-call engineering 24 hours a day, 7 days a week, 365 days a year. Potential catalysts that may trigger an incident include:

  • severe vulnerabilities [link vulnerability management]

  • vulnerabilities disclosed by a security researcher [link vulnerability disclosure]

  • intrusion detections [link intrusion detection and prevention ]

  • elevated errors, operational performance, and suspicious operations [link logging and monitoring]

  • data breach discovery [link]

Did this answer your question?