Digital Forensics

Incident Response

Do you require experienced professionals to forensically recover digital evidence? CYFOR operate a team of forensic incident response specialists who operate on an international scale.

Incident Response

CYFOR have a fully security cleared Incident Response Team, who are comprised of ex-military and ex-law enforcement professionals who are on standby to respond to incidents. They are experienced in responding to search & seize orders, last-minute instructions and data recovery using forensically sound methodology. Operating internationally, we provide a fast and effective response to ensure the preservation of evidence, which is critical to the success of any investigation where digital evidence is scrutinised.

We follow a proven methodology in approaching each incident:

At CYFOR we understand the time-critical element of security incidents. Our experienced team of investigators are available 24 hours a day via our emergency response number (0800 169 4442) to respond to nationwide incidents.

CYFOR would also recommend that if an incident response policy isn’t in place, a readiness review is undertaken.  We would also propose that the organisation undertakes regular vulnerability assessments to minimise future security risks and provide information assurance.

  • Lock-down: Perform the actions necessary to prevent further damage to the organisation and mitigate business risk.
  • Preserve evidence: Forensically capture data on compromised or affected systems.
  • Investigate incident: Use forensic and information security tools to determine the source of attack and capture perpetrator.
  • Management report: Provide a full log of investigation undertaken and the results of this investigation.

Case study

CYFOR was contacted by a leading financial institution via our 24-hour emergency number to investigate a laptop containing highly sensitive data that had been stolen but subsequently recovered.

The implications of the data being compromised were huge to the business.  The business would have suffered from significant adverse media attention, clients would need to be informed and they were obliged to inform at least two regulators.  The overall cost and impact would have been significant and fines and damages could have been anywhere up to £500,000 and beyond.

The organisation instructed CYFOR to undertake an investigation of the recovered laptop.  As a result of our investigation, we were able to demonstrate that the data had not been compromised and the organisation were able to report this to their regulators.

Concluding Result

The investigation was concluded within 24 hours, reports were provided to the regulators swiftly demonstrating corporate governance and effective response on behalf of the client.  There was also no requirement to notify third parties as no data was lost.  The regulators were satisfied that the organisation reacted appropriately and diligently, therefore fines were reduced significantly.

The actual cost to the client – under £10,000

Maximum cost potential – £500,000 +

Contact our Incident Response Team today

Send an enquiry to our experts

After submitting an enquiry, a member of our team will be in touch with you as soon as possible

Your information will only be used to contact you, and is lawfully in accordance with the General Data Protection Regulation (GDPR) act, 2018.