About Our Cybersecurity Incident Response Practice

Law & Forensics Cybersecurity Incident Response practice assists clients not only with devising the most effective strategy for handling and managing a cybersecurity incident but also with implementing measures across the organization that ensure your in-house team can effectively respond to and escalate information related to a cybersecurity incident internally and externally, to bring the financial and reputational damages brought by an incident down to a minimum.

Our team of consultants and IT specialists is skilled at analyzing enterprise IT environments and generating strategies that make business sense. Our experts will work with your organization’s key stakeholders to map out your business needs and create an effective action plan that aligns with your IT and operational environment. When it comes to cybersecurity – Law and Forensics help position organizations as active defenders against malicious activity in cyberspace, instead of passive reactors.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Incident Response Services

  • Work with clients to identify a network infiltration by bad actors quickly, identify the origin of an attack, and devise a strategy to accelerate containment and eradicate the identified cybersecurity threats.
  • Collaborate with clients that want to stay ahead of the curve, by assessing their existing cybersecurity posture and working with executive leadership on improving internal reporting and escalation processes, develop adequate training programs and review existing technological solutions used by them to identify any gaps.

Incident Response for Managed Services Clients

  • Serve as an internal Incident Response Team (IRT) for organizations under a managed service contract providing a range of incident response services.
  • Work with legal, audit, information security, and information technology stakeholders and staff to augment the companies existing team.
  • Put boots on the ground and lead the incident response team members in an organization, as the incident evolves and when dealing with the aftermath.

Test and Audit Incident Response Programs

  • Work with organizations to assess their readiness in managing a cybersecurity incident, by reviewing existing incident response plans (IRPs), business continuity plans (BCPs) and other internal protocols and procedures to verify that they will allow the organization to react effectively.

Incident Response Plan Development

  • Review and update existing incident response plans against industry best practices.
  • Develop and update existing SOPs, work instructions, processes, and controls to account for the incident response plan per industry and organizational mandates.
  • Develop incident response plans that allow senior IT, audit, legal, and information security stakeholders recognize and deal with a cybersecurity incident like a data breach or cyber attack.
  • Work with the IT and information security organization to set up alerts from intrusion-detection, intrusion-prevention, and file-integrity monitoring systems

Case Studies by Industry

Industry/Sector: Agriculture

Type of Service: Create, Deliver, and Deploy an Incident Response Plan

Description: Retained by a multinational agricultural company to create an incident response plan. Efforts included:

    • Created an incident response plan that allowed senior IT, audit, legal, and information security stakeholders to recognize and deal with a cybersecurity incident like a data breach or cyber attack, and deployed the incident response plan across the entire enterprise and tested it using tabletop scenarios.
    • Ensured that the information security team was trained on how to regularly train the staff with incident response responsibilities and developing the appropriate reporting and escalation procedures in coordination with the IT, audit, compliance, and legal teams.
    • Worked with the IT and information security organization to set up alerts from intrusion-detection, intrusion-prevention, and file-integrity monitoring systems.
    • Assisted the legal and information security and technology stakeholders and staff with policy creation or modification to support the incident response plan.
100’s of Incidents

responded to

50.3k Computers


50+ Years

of collective experience and expertise

50.3k Mailboxes

examined by L&F

3.3k Social Media Accounts


453 Expert Reports


Cyber Security Incident Response Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders


Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees


Review of Alternative Dispute Resolution Case Law in 2018

Quality Control