Cyber Security/ Privacy Breach

Security Incident Response

Time is of the essence when dealing with a Security Incident response. Steps need to be taken immediately to protect critical data and systems. The incident and how it happened needs to be identified, stopped and the damages assessed. Some companies wait too long to engage experts in their response allowing valuable evidence to disappear. Contact us to speak to one of our experts.

Privacy Breach

Sensitive personal information has been lost, such as in the theft of an unencrypted laptop, or you have proof that personal information is in the hands of those who should not have it. This may lead to threats of extortion or is already being used in identity theft schemes to defraud others of their money. What are your obligations under Federal Privacy laws? You need to take immediate steps to mitigate the risk and liability to your company.

tony-yeung-32219-unsplash.jpg

Containment - Stopping the breach

It goes without saying, that you will be judged more by how you managed the breach than the underlying reasons of why the breach happened. What you knew, when you knew it and how you managed it and what steps you took to contain it are all paramount in how you will be judged. Let our experienced professionals guide you through the process.

tony-yeung-32219-unsplash.jpg
 

Root cause and steps for prevention

One of the most difficult parts is determining the root cause. Was it sloppy processes or inadequate controls? One of the questions we are often asked is “Did one of my staff assist the bad guys”. We can review your Information Systems security protocols, incident response, disaster recovery as well as audit controls to discover where the leaks are and implement steps to prevent other occurrences.

Finding the source

Finding the source will go a long way to determining the root cause. In one case we were involved in, an IT employee was blackmailed into opening up the firewall allowing access to the corporate servers from the outside. It was not long before the entire network was compromised. It is essential to not only find the source, but to put controls in place so that this situation cannot be repeated.