Forensic Services

After You Experience a Security Incident

HALOCK’s cybersecurity incident response experts are experienced with all facets of security incident response handling, detection of advanced malware, forensic examination, criminal investigations and crisis management — regardless of the event’s size or severity. Our early involvement in the crisis will help your organization navigate through the incident, minimize the impact and get you back to focusing on your organization’s purpose.

Whether you suffer a security breach, unexplained system failure, policy violations, information leaks, fraud, electronic threats, website defacement, monitoring alerts or other suspicious activity, HALOCK will assist you in stopping, analyzing and mitigating a security incident.

Security Breach Notification Consulting

When an organization has been breached, or had a significant failure of security controls, the organization must determine if notifying customers, partners, the authorities and/or the general public is required. In the event of a data breach, HALOCK can assist your organization in creating a cybersecurity incident response plan, a part of which is determining if and when notification is required.

Common scenarios that warrant some form of formal security breach notification include:

  • Personally identifiable information (PII) was lost on an unencrypted device or media.
  • PII was disposed of in such a way that makes it accessible to external parties.
  • Forensics show that data has been inappropriately extricated from your systems.
  • PII was accessible to systems that were breached despite the lack of reliable evidence of access to PII.

Modern Malware Threat Assessment

Are your systems infected? The sophistication of modern malware far exceeds the protections provided by basic firewalls and endpoint antivirus solutions. Using advanced techniques such as spear phishing, social engineering and a wide variety of other attack vectors, cybercriminals are likely to be in your systems long before they are ever detected. HALOCK utilizes industry-leading advanced malware detection technology and extensive security industry expertise to rapidly and accurately identify and report zero-day malware infections and advanced threats currently residing in your environment.

We undertake a modern malware threat assessment to help you:

  • Determine if advanced persistent threats (APTs) and malware are currently residing in your environment
  • Validate data theft concerns
  • Validate malware and APT containment
  • Validate malware eradication
  • Respond to a live incident or an outbreak in progress

Crisis Management — Beyond the Security Incident

Can you respond to a security crisis? Security incidents come in a variety of forms and have variable impacts on your organization. While the effect of some security events is minimal, others can explode into a very impactful security crisis.

A security incident becomes a crisis when one or more of the following factors are at play:

  • When lives are in imminent danger
  • When shareholder value is at risk
  • When the public image is at risk
  • When the organization’s reason for existence is threatened or greatly impacted
  • When espionage or state-sponsored targeted actions are suspected causes for the situation
  • When intellectual property or personally identifiable information (PII) may have been inappropriately extracted

HALOCK’s security incident crisis management services help organizations manage executive communication, prioritize actions and contain major security incidents quickly and with minimal impact. Our senior crisis managers will assist you in handling even the most challenging security event — giving you guidance and assurance when you need it most.

Contact Us