Cyber Breach Investigations and Digital Forensic Services FAQs
An Incident Response Company aims to assist with containment of a cyber breach as well as undertake the forensic investigation in an effort to determine the immediate extent of a ‘hack’. This includes assessing whether there was a loss of confidential data to an unauthorised individual (exfiltration) or whether the compromise affected critical infrastructure or web applications. The incident response team can also help with assessing the impact and consequence of the breach to calculate the financial, reputation or business loss involved.
To contain a data breach, you need to follow an industry set of steps and procedures relevant to the infrastructure (such as Office 365) or application (web based or cloud) that was subject to the breach and ensure access is restricted and closed from unauthorised or outgoing gateways. This usually involves setting up a network perimeter, implementing immediate password changes, introducing multi-factor authentication for all privileged users and assess the state of back ups that are available to ensure they are not compromised.
The costs of a data breach investigation will vary from organisation to organisation, and is heavily dependent on the amount of resources required to conduct the forensic analysis. The average cost of a data breach investigation in Australia might range from between 1 day to 20 days of consulting.
We do provide templates, checklists and sample policies and procedures for download, including sample incident response plans. You just need to contact us.
Gridware’s cyber forensic team can begin work on a breach with 15-30 minutes of being notified. Our capabilities runs across our Sydney, Melbourne, Brisbane offices as well as other capital cities, Gridware’s cyber forensic team can issue an immediate assessment and action plan to contain a breach in under 6 hours. For greater Australia, we have a minimum service level agreement (SLA) target response of 24 hour.