24x7 Incident Response

Kroll Cyber Risk experts respond to over 3,000 security events every year. We manage incidents of all types, complexity and severity for organizations across diverse industries. You can count on Kroll’s unique frontline experience not only in a crisis, but also for proactive planning and mitigation strategies. We are among the top service providers preferred by major cyber insurance companies and offer client-friendly incident response retainers for peace of mind.

Fast and Efficient Deployment via Onsite and Remote Incident Response Capabilities

Whether your incident is the result of a malicious hacker or accidental exposure by an employee, Kroll can help now. Our global network of certified security and digital forensic experts can deploy remote solutions quickly and/or be onsite within hours to help you contain the situation and determine next steps.

Our incident response investigations follow the Kroll Intrusion Lifecycle, a step-by-step guide to the attack patterns our experts have observed through thousands of investigations each year.

Kroll is a leading provider of end-to-end cybersecurity, digital forensics and breach response services, and will help you make informed decisions at every stage, from proactive preparation to consumer notification and remediation. Our goal, working alongside your counsel and insurance carrier, is to smoothly guide you to recovery — one that leaves you standing in the best defensible position, reputation intact, and where business can proceed with minimal disruption.

Kroll Intrusion Lifecycle

Kroll Offers a Continuum of Services for the Multifaceted Nature of Incident Response

• Incident Response Planning: Enhance your organization’s ability to respond to cyberattacks with Kroll’s wide range of assessments, tabletop exercises and intelligence.
• Intelligent Endpoint Detection and Response: Employing a powerful combination of technology and people, this sophisticated solution enables you to detect and respond swiftly to credible threats.
• Cyber Threat Intelligence: Our team aligns Kroll’s technical threat intelligence, analytical research and investigative expertise to improve visibility and effectively hunt and respond to threats.
• Data Collection and Preservation: In the event of an investigation or litigation, Kroll offers cost-effective solutions to identify, isolate and preserve electronic data using forensically sound methodologies.
• Data Recovery and Forensic Analysis: Kroll’s investigators are among the most knowledgeable subject matter experts practicing today; whether data was intentionally deleted or manipulated, they are able to analyze the clues left behind to quickly and defensively uncover critical information.
  • For example, see Managing Director Devon Ackerman’s presentation on analyzing business email compromise (BEC) and insider threat cases, based on two years’ worth of collection of forensics and incident response data in Microsoft’s Office 365 and Azure environments.

• Malware and Advanced Persistent Threat Analysis and Remediation: Kroll’s forensic experts analyze malware to determine how it works and identify the scope of impact on your systems.
• PHI and PII Identification: By providing you with a master notification list that clearly identifies the types of PHI or PII involved, we can help you avoid costly over-notification while still delivering targeted messages and remediation services to those affected.
• Data Breach Notification Services: Protect your brand and reestablish trust with the individuals impacted by a data loss by matching the response to the harm caused by a breach.
• Incident Remediation and Recovery Services: Expedite system recovery and minimize business disruption, with services including device and server reimaging, active directory rebuilding, network segmentation, hardware upgrades or replacements, patch management and network hardening.
• Strategic Communications: Deftly navigate a host of risk and reputational landmines caused by a cyber crisis with a full suite of strategic communications support for incident response, preparedness and training. 
• Malware Analysis and Reverse Engineering: Further understand any code-related event through our in-depth technical analysis of benign and malicious code.

Kroll in Action

Containment and Remediation of Cyberattack That Compromised Personally Identifying Information (PII)

Client: Major Company in U.S. Transportation Industry

Client Problem

The client contacted Kroll late on a Friday afternoon that it had suffered a cyberattack. The organization, which served a large national and international clientele, needed to contain and remediate the incident. It also would need to notify persons whose PII had been compromised and report the incident to regulators. 

Fortify Your Response Capabilities

Threats are growing in volume and sophistication and come from multiple directions. Leverage the frontline experience of our incident response and digital forensics team for multifaceted and confident response anywhere, anytime.