Cybersecurity Incident Response

Cybersecurity Incident Response

About Our Cybersecurity Incident Response Practice

Law & Forensics Cybersecurity Incident Response practice assists clients not only with devising the most effective strategy for handling and managing a cybersecurity incident but also with implementing measures across the organization that ensure your in-house team can effectively respond to and escalate information related to a cybersecurity incident internally and externally, to bring the financial and reputational damages brought by an incident down to a minimum.

Our team of consultants and IT specialists is skilled at analyzing enterprise IT environments and generating strategies that make business sense. Our experts will work with your organization’s key stakeholders to map out your business needs and create an effective action plan that aligns with your IT and operational environment. When it comes to cybersecurity – Law and Forensics help position organizations as active defenders against malicious activity in cyberspace, instead of passive reactors.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Incident Response Red Team Managed Services Testing and Auditing Consulting and IR Plan Development

Incident Response Services

Work with clients to identify a network infiltration by bad actors quickly, identify the origin of an attack, and devise a strategy to accelerate containment and eradicate the identified cybersecurity threats.
Collaborate with clients that want to stay ahead of the curve, by assessing their existing cybersecurity posture and working with executive leadership on improving internal reporting and escalation processes, develop adequate training programs and review existing technological solutions used by them to identify any gaps.

Incident Response for Managed Services Clients

Serve as an internal Incident Response Team (IRT) for organizations under a managed service contract providing a range of incident response services.
Work with legal, audit, information security, and information technology stakeholders and staff to augment the companies existing team.
Put boots on the ground and lead the incident response team members in an organization, as the incident evolves and when dealing with the aftermath.

Test and Audit Incident Response Programs

Work with organizations to assess their readiness in managing a cybersecurity incident, by reviewing existing incident response plans (IRPs), business continuity plans (BCPs) and other internal protocols and procedures to verify that they will allow the organization to react effectively.

Incident Response Plan Development

Review and update existing incident response plans against industry best practices.
Develop and update existing SOPs, work instructions, processes, and controls to account for the incident response plan per industry and organizational mandates.
Develop incident response plans that allow senior IT, audit, legal, and information security stakeholders recognize and deal with a cybersecurity incident like a data breach or cyber attack.
Work with the IT and information security organization to set up alerts from intrusion-detection, intrusion-prevention, and file-integrity monitoring systems

Case Studies by Industry

Agriculture

Industry/Sector: Agriculture

Type of Service: Create, Deliver, and Deploy an Incident Response Plan

Description: Retained by a multinational agricultural company to create an incident response plan. Efforts included:

- Created an incident response plan that allowed senior IT, audit, legal, and information security stakeholders to recognize and deal with a cybersecurity incident like a data breach or cyber attack, and deployed the incident response plan across the entire enterprise and tested it using tabletop scenarios.
- Ensured that the information security team was trained on how to regularly train the staff with incident response responsibilities and developing the appropriate reporting and escalation procedures in coordination with the IT, audit, compliance, and legal teams.
- Worked with the IT and information security organization to set up alerts from intrusion-detection, intrusion-prevention, and file-integrity monitoring systems.
- Assisted the legal and information security and technology stakeholders and staff with policy creation or modification to support the incident response plan.

Wealth Management

Industry/Sector: Wealth Management

Type of Service: Incident Response to a Data Breach

Description: Hired at the direction of general counsel to lead a team of cybersecurity experts from two of the biggest cybersecurity firms in the world to remediate a cyber incident. Efforts included:

- Utilized Forensic Scan, Law and Forensics patented cutting-edge cyber security incident response tools, to analyze devices in half the time of industry norms.
- Analyzed complex logs provided from hundreds of endpoints.
- Remediated the infected devices on time and under budget.

Insurance Services

Industry/Sector: Insurance

Type of Service: Incident Response to a Data Breach

Description: Hired by a national insurance brokerage firm to create an incident response plan to manage a cybersecurity incident. Efforts included:

- Created an incident response plan that allowed senior IT, audit, legal, and information security stakeholders to recognize and deal with a cybersecurity incident like a data breach or cyber attack.
- Worked with the information security team to assign certain employees to be available 24/7 to deal with incidences.
- Ensured that the information security team was trained on how to regularly train the staff with incident response responsibilities.
- Worked with the IT and information security organization to set up alerts from intrusion-detection, intrusion-prevention, and file-integrity monitoring systems.
- Developed and implemented a process to update and manage the incident response plan per industry and organizational changes.

Education

Industry/Sector: Education

Type of Service: Incident Response to a Cyber Incident

Description: Hired by lawyers at a large secondary institution to investigate and respond to cyber incidents. Efforts included:

- Forensically imaged and analyzed dozens of Macintosh computers.
- Identified data that had been exfiltrated.
- Assisted with restoring the computing environment.
- Drafted a report that our client used to compel a favorable outcome with the insurance carrier.

100’s of Incidents

responded to

50.3k Computers

analyzed

50+ Years

of collective experience and expertise

50.3k Mailboxes

examined by L&F

3.3k Social Media Accounts

analyzed

453 Expert Reports

written

Cyber Security Incident Response Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders

Capabilities

Unique combination of skills, expertise, and experience working with organizations and various incident response tools to assist companies in responding to an incident. Our team has access to Forensic ScanTM, an exclusive, patented hardware and software incident response tool, that allows our team to identify threats and attacks anywhere between 3 to 10 times faster than our competitors. (link to Forensic Scan). We collaborate with our clients and share our controls, protocols, and SOPs, and offer guidance and training to ensure that our clients can readily maintain and support the solutions delivered.

Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Battle tested incident response team that has worked all over the globe offering immediate response to cyber incidents and data breaches ranging from the mundane to sophisticated attacks involving State actors. Efforts have included responding to cybersecurity and data breach incidents involve a single device to hundreds of devices and machines, liaising with law enforcement both in the United States and abroad during and post incident, augmenting companies existing cybersecurity systems and controls to mitigate future incidents, identifying sources of threats, using Forensic Scan proprietary patented hardware and software that allows our team to respond 30 to 50% faster than other incident response teams, and providing reports as needed to respond to regulatory, client, or insurance concern.

Review of Alternative Dispute Resolution Case Law in 2018

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.