Cyber Security Incident Response Supplier Selection Guide
In support of the CREST Procurement Guide for Cyber Security Incident Response, the Supplier Selection Guide provides practical advice on the procurement of cyber security incident response services. It outlines the key concepts needed to define a cyber security incident and build an appropriate response capability whilst presenting guidance on how to apply a systematic, structured process for selecting a reputable commercial supplier that can most effectively meet your requirements at a reasonable price.
The Supplier Selection Guide helps the buying community to understand the benefits of using external suppliers, determine which activities should be outsourced, define criteria upon which to base selection of a suitable supplier and provide guidance on appointing suitable third party experts. It provides practical advice on the procurement of CSIR services and outlines the key concepts that will help to:
- Define a cyber security incident;
- Build an appropriate response capability;
- Give detailed guidance on how to apply a systematic, structured process in selecting a reputable commercial supplier;
- Demonstrate why some or all incident response capabilities might be outsourced.
The Supplier Selection Guide also investigates the three primary considerations for a buyer when weighing up the benefits of whether to outsource their cyber security incident response capabilities, namely:
- Provision of resource and response expertise;
- Ability to conduct in-depth technical investigations;
- Performing cyber security analysis.
Please click on the image to download a copy of the guide.