Experience addressing cyberattacks
We have nearly two decades of experience analyzing multiple types of cyberattacks, including:
- Insider threats: The activities of former and current employees, contractors, or business associates who have inside information on the organization
- Financial crime: Securities, credit card, and banking fraud at stock markets, payment organizations, and financial institutions
- State-sponsored attacks: The crimes of trade secrets and other sensitive data across a wide range of industries
- Destructive attacks: Attacks intended to cause the victim organization pain by making information or systems unrecoverable
- Protected health information (PHI): Exposure of protected healthcare information
- Privacy data and personally identifiable information (PII): Exposure of information used to uniquely identify individuals
- On-site or remote requirements analysis: Interview key stakeholders to assess the operational environment and determine any special requirements.
- Incident response plan development: Prepare for and respond to cybersecurity attacks more efficiently with a proven response plan.
- Annual or semi-annual status review and refresh: Review and identify any changes needing modification with the in-place incident response plan.
- Tabletop exercise: Hold a two-hour roleplaying session of likely attack scenarios and discuss the actions to be taken as part of the response plan.
Obtain, preserve, and examine digital evidence
Whether an external attack resulted in a data breach or a rogue employee compromised sensitive information, it’s vital that you investigate the incident and take the necessary post-containment steps.
Our forensics analysts piece together specific events to provide a greater understanding of when an event occurred, who was involved, and what data was affected.
We also help clients involved in litigation by supporting digital evidence and data collection and acquisition across IT systems, mobile devices, and social networks, as well as providing investigative analysis, expert testimony, and litigation consulting.
- Breach response analysis – Identify indicators of compromise, incident timeline, network connection and user account information, malware, and vulnerability information.
- Cellular and mobile device investigations – Capture system images of mobile devices for forensic analysis, keyword and pattern searches, PII, or credit card data.
- Employee misuse and misconduct investigations – Focus on reviews of system users who have been accused of violating an organization’s policies and acceptable use procedures.
- Indicator of compromise (IOC) check – Evaluate your system for IOCs, including malware on disk or in memory.
- RapidCheck – Check for compromise and credit card exposure on point-of-sale (POS) terminals.
- Video and audio investigation – Examine evidence, verifying its integrity, and, when needed, enhancing recordings or images to more clearly identify that vital piece of evidence.