Incident Response : 0800 169 4442
Digital forensics incident response on an international scale
Following a security incident, seconds count and delays can have a severe impact on the finances and reputation of the company. It is also crucial that forensically sound methodology is used to investigate the cause of the security breach and any parties involved.
CYFOR have extensive capabilities to respond to an incident at a moments notice and on an international level. Our team of experts have travelled the world for clients needing the extraction and analysis of multiple forms of digital evidence.
Recent case study
CYFOR was contacted by a leading financial institution via our 24 hour emergency number to investigate a laptop containing highly sensitive data that had been stolen but subsequently recovered.
The implications of the data being compromised were huge to the business. The business would have suffered from significant adverse media attention, clients would need to be informed and they were obliged to inform at least two regulators. The overall cost and impact would have been significant and fines and damages could have been anywhere up to £500,000 and beyond.
The organisation instructed CYFOR to undertake an investigation of the recovered laptop. As a result of our investigation, we were able to demonstrate that the data had not been compromised and the organisation were able to report this to their regulators.
The investigation was concluded within 24 hours, reports were provided to the regulators swiftly demonstrating corporate governance and effective response on behalf of the client. There was also no requirement to notify third parties as no data was lost. The regulators were satisfied that the organisation reacted appropriately and diligently, therefore fines were reduced significantly.
Actual cost to the client – under £10,000
Maximum cost potential – £500,000 +
At CYFOR we understand the time critical element of security incidents. Our experienced team of investigators is available 24 hours a day via our emergency response number (0800 169 4442) to respond to nationwide incidents. We follow proven methodology in approaching each incident:
- Lock-down– Perform the actions necessary to prevent further damage to the organisation and mitigate business risk.
- Preserve evidence– Forensically capture data on compromised or affected systems.
- Investigate incident– Use forensic and information security tools to determine source of attack and capture perpetrator.
- Management report– Provide a full log of investigation undertaken and the results of this investigation.
CYFOR would also recommend that if an incident response policy isn’t in place, a readiness review is undertaken. We would also propose that the organisation undertakes regular vulnerability assessments to minimise future security risks and provide information assurance.
Our rapid reaction team has the following credentials:
- Full security clearance
- Forensic degree qualified
- Thorough knowledge of the ACPO guidelines (as followed in all investigations)
24 hour Incident Response Number: 0800 169 4442