Incident Response Service: When unusual activities are detected (Usually by MSC SOC), preset actions are taken. Actions usually consist of forensic analysis activities such as preserving the evidence, analyzing entry point and method, evaluating the extent of damage, identifying breached data, deciding neccesity and reporting to proper authority, Flag and Class, as well as owners.
MCS will support or take charge of this phase by providing specialists in forensics. The findings will be communicated to the vessel Captain, DPA, CSO, GM.
This communication will include the damage and initial recovery efforts. This is one of the most critical phases when a breach has been identified. In most cases, the initial discovery and reaction will limit the extent of damage done.
Incident Response Service: Fifth and the final phase is “Recover” phase. During this phase, you and our advisors work out remedial actions to prevent further attacks and to block attackers access to your system.
After careful forensic analysis, MSC can advise on the course of remedial actions and patch holes in your security. Naturally, full report will be presented so that you are able to use such information for user education sessions in the future. Please note that MCS combines Respond and Recovery phase as a unified service.