Digital Forensics & Incident Response

Kroll’s elite cybersecurity leaders respond to more than 3,000 cyber incidents ever year. Our team has the resources and expertise to support clients through the entire incident lifecycle to ensure they can have peace of mind in a time of crisis.

Explore Cyber Risk

Case Study – Insider Threat Investigation

Watch Michael Quinn, a managing director in our practice, recount an insider threat investigation his team conducted.

Case Study – Insider Threat Investigation

Kroll’s client – a global software company based in Europe – received an email from anonymous source claiming it had access to sensitive data, including personally identifiable information, confidential financial records, and IP source code for a subsidiary. The sender demanded a ransom of one million euros in bitcoin and gave the client two weeks to pay before the data would be leaked.

Kroll’s team of forensic investigators determined that someone inside the company was source of the infiltration. We identified the individual responsible and gathered essential information to assist with a prosecution.

For more details, read the full case study.

Trial-Tested Litigation Support

Our litigation support team coordinates with our incident responders to optimise the investigation process and facilitate both remote and onsite data collection to deliver potentially case-changing insights.

Unique Threat Intelligence Expertise

Experts on Kroll’s incident response team have worked at some of the world’s top intelligence agencies – including the Hong Kong Police Force (HKPF), FBI, DOJ, Europol, and GCHQ – and hold more than 100 different industry certifications.

Client-Friendly Incident Response Retainers

Kroll offers incident response retainers designed to provide both peace of mind and maximum flexibility. Our retainers give clients access to our elite digital forensics and incident response capabilities as well as a range of proactive services to ensure they get tangible value.

Cyber Insurance Preferred Partner

Kroll has a dedicated team to help clients navigate any relevant insurance and legal channels. We also have extensive relationships with more than 60 leading cybersecurity insurers around the world.

Talk to a Cyber Expert

Kroll is ready to help, 24x7. Use the links on this page to explore our services further or speak to a Kroll expert today via our 24x7 cyber hotlines or our contact page.

Cyber Hotlines

Connect With Us

Frank Marano

Associate Managing Director

Cyber Risk

Secaucus

+1 2019789127 Frank Marano

Stay Ahead with Kroll

Incident Response Plan Development

Today, you learn your company is experiencing a serious cyber incident. It could be a ransomware attack, a hacked O365 email account, the theft of PII or PHI, data exposure from misconfigured network settings. What is the first step you should take?

Incident Response Plan Development

Incident Response Tabletop Exercises

Kroll’s field-proven incident response tabletop exercises provide a customised test of every aspect of an organisation’s cyber response plan.

Incident Response Tabletop Exercises

Optimised Third-Party Cyber Risk Management Programmes

Manage risk, not spreadsheets. Identify and address cyber threats in third-party relationships to ensure compliance with regulations such as NYDFS, FARS, GDPR, etc.

Optimised Third-Party Cyber Risk Management Programmes