Cyber Incident Response Services
Learn how your organization can benefit from our cyber incident response services.
What are Cyber Incident Response Services?
Cyber Incident Response Services enable organizations to quickly contain and remediate the damage caused by cyber security incidents. We were named a Leader in the Forrester Wave™ for Cybersecurity Incident Response Services for 2022.
Cyber Incident Response Services: The Why and When
Explore the research and data points below to learn more about why cyber incident response services are both a short-term and long-term value-add for organizations at time of rising cyber security risk:
The average cost of a data breach in the U.S. was $9.44 million in 2022. (1)
In 2022, it took an average of 277 days — about nine months — to identify and contain a breach. (2)
of organizations experience at least one successful cyber attack over a 12-month period. (3)
The National Institute of Standards and Technology outlines a four-step approach for incident response:
- Preparation: Deploy technologies and processes to prevent intrusions. Plus create and maintain a detailed incident response plan for when they do occur
- Detection and analysis: Identify a breach or other cyber incident, analyze the risk it poses, document what has occurred and notify stakeholders
- Containment, eradication, and recovery: Prevent problems from spreading beyond the point of attack, remediate damage and identify attackers
- Post-incident activity: Document lessons learned from the specific incident and from aggregate data for all incidents
How Aon Can Help
Aon understands that every incident is unique and requires a tailored approach to achieve the best outcomes. This is why our Incident Response Services combine the latest technology with guidance from seasoned professionals. Clients have the same dedicated Engagement Leadership team from beginning to end, ensuring a single source of accurate information and clear lines of communication.
Our Incident Response Methodology
While each engagement is unique, the team always guides clients through the same process:
- Intake: A victim of a cyber attack, legal team, government or cyber breach coach contacts Aon. The Engagement Leadership team logs the case and assigns it for scoping.
- Scoping: The Aon team meets with the client to assess the incident and documents a scope of work and estimate.
- Activation: The engagement begins with the full team meeting with the client to initiate the investigation.
- Containment, data collection and analysis: The team works to help stop the attack from spreading, find the root cause, minimize damage and data loss and ensure continuity of operations.
- Report findings and recommendations: Aon provides verbal and written communication to help clients understand what happened, how the damage was contained, what longer-term network and system repairs are needed and how to help strengthen the organization against similar future attacks.
The Aon Team
Our incident response services are delivered by our global team of highly qualified professionals with decades of experience across all areas of cyber security, as well as disciplines like law enforcement, accounting, law, risk management, business resilience, disaster recovery, crisis management, insurance and more.
With Aon, you can respond in a timely manner when a cyber security incident occurs, make better informed decisions and minimize risk.
Insurance products and services are offered by Aon Risk Insurance Services West, Inc., Aon Risk Services Central, Inc., Aon Risk Services Northeast, Inc., Aon Risk Services Southwest, Inc., and Aon Risk Services, Inc. of Florida, and their licensed affiliates.
The information contained herein and the statements expressed are of a general nature, not intended to address the circumstances of any particular individual or entity and provided for informational purposes only. The information does not replace the advice of legal counsel or a cyber insurance professional and should not be relied upon for any such purpose. Although we endeavor to provide accurate and timely information and use sources we consider reliable, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future.