Our Cyber Security Practice is pleased to be offering Breach Incident Response Services to our clients. We provide solutions and cost-effective methods tailored to meet the time-sensitive issues of clients impacted by a data breach or critical security incident.
For more information about our Breach Incident Response Services, please click here.
Alan Gray maintains a 24/7 Incident Response Team, ready to deploy on a moment’s notice. Once contacted, we mobilize a project-specific incident response team and work directly with our clients to identify the extent of the threat, execute an immediate containment strategy, and begin the investigation into the affected systems.
Our deployment strategy includes:
• Initial Incident Response Call to establish lines of communication and to determine the Scope of the Incident
• Use of remote technology to identify malicious breach activity and impacted systems and data
• Implementation of immediate measures to mitigate active attacks
• Mobilization of an on-site team to begin the investigative process
Our team conducts a comprehensive investigation into the breach to identify the extent of the breach, the systems and data stolen or at risk, and to collect evidence to be used for reporting and litigation as necessary.
Our investigations include:
• Method of Attack and Access to the system (external or internal threats)
• Network Traffic Analysis
• System Log Analysis
• Malware Analysis
• Impacted systems, user accounts, and applications
• Exposure of sensitive data
At Alan Gray, we understand the implications of exposure of sensitive information (PII or PHI) and implement robust tools and analytics to accurately quantify and document the extent of the breach or to prove that a breach did not occur or was limited in exposure.
Depending on the nature of the breach, Alan Gray assists with notice requirements, notice messaging, and communications with employees, corporate executives, and board members.
Based on the nature of the breach, corporate policies, and system configurations, Alan Gray prepares and assists our clients with the implementation of a remediation plan tailored to the particular client, system vulnerabilities and breach incident(s).
At the conclusion of our investigation, Alan Gray prepares an investigative report and remediation report. The investigative report provides evidence needed to respond to regulators, corporate entities, customers, and potentially injured parties in litigation.
Our reports include:
• Attack Timeline and systems affected
• Nature of attack (Malware, SQL Injection, unauthorized access, etc.)
• Affected computers, user accounts, and applications
• Extent of exposure of sensitive information or proof of limited or no exposure