Incident Analysis & Cyber Investigation

When sensitive information is compromised, you must have an accurate diagnosis of the incident before you can develop an effective—and cost-efficient—recovery plan.

Once evidence has been preserved and collected, Kroll leverages our incident response expertise and threat intelligence capabilities to quickly identify and respond to vulnerabilities or attacks on your organization.

Get clear answers to your critical questions

With Kroll, you’ll have quick and definitive insight into the root-cause of the incident, as well as the extent to which your data was actually compromised. Our incident response team examines both physical and digital evidence to uncover important information about your data security incident, including:

• When did the security breach occur? Is it still happening?
• Where did it originate—internally or externally?
• How and why did the incident occur? For example, did a malicious intruder use malware to steal your data for financial gain, or did an employee accidentally disclose sensitive information via email?
• What was compromised—intellectual property, personal data, network operations, etc.?
• If personal information was exposed, who should receive a data breach notification?

Our computer forensic experts can determine whether digital evidence was erased or modified, uncover data history, recover data, recreate events and exchanges, search for keywords and dates, and authenticate data files. We combine computer forensic expertise with traditional investigative techniques, such as interviews and surveillance, to retrace the behavior of people who had access to protected information and identify security vulnerabilities, whether they exist in your network infrastructure or policies and procedures.

We’ll work closely with general counsel, senior executives, audit committees, or outside counsel at each stage to assure your objectives are met. If requested, we can assemble a case file for referral to a regulator or law enforcement agency.

Trusted intelligence. Scalable solutions.

Only Kroll has the breadth of resources to provide a full range of investigative solutions—from forensic data analysis to fraud and internal investigations—to best suit your incident needs and organizational goals. With Kroll, you’ll have access to a multidisciplinary team of experts who are among the industry’s top practitioners and have a proven track record of successfully defending expert findings. Adhering to industry best practices and forensic protocols, we’ll establish a clear picture of what did—or did not—happen, providing a sound basis for further business decisions related to the incident.