Incident Response In Practice
22nd April 2010
Last night CYFOR received a call via our emergency number for an immediate incident response to a potentially serious security breach for a leading corporation.
A laptop had been stolen from the corporate which contained unencrypted data of a sensitive nature. The laptop case also contained the login details. The laptop was found, however, they needed to establish whether the sensitive data had been accessed.
This was a potential disaster for the corporate and they were preparing to contact third parties to inform them of a security breach. They called our emergency number and within an hour CYFOR was able to dispatch two forensic investigators to their site to respond to the incident.
We created a forensic image of the laptop in order to preserve the data and were then able to establish whether anyone had logged onto the laptop. We were also able to investigate whether the sensitive data contained on the laptop had been copied to any external media.
The CYFOR investigators worked through the night to achieve a positive result for the client and as a breach had not occurred, were able to prevent the corporate contacting third parties which could potentially have damaged their reputation.
Within 8 hours of receiving the initial call, CYFOR had completed the investigation and got the result the corporate wanted…now that IS incident response!