Incident Response to Cyber Attacks

COMMON CYBER ATTACKS

DATA BREACH

Many attacks on business networks are motivated by a desire to access and steal one of today’s most valuable commodities – information. 

This involves theft of confidential business data, intellectual property, financial information, personal information belonging to your customers or clients and any data that can be used to acquire money or sold to the highest bidder.

RANSOMWARE

The majority of cyber attacks occurring today are ransomware attacks. The attacker gains access to your IT network and then encrypts your entire network and backup, if possible.

A ransom is then demanded, to be paid in untraceable cryptocurrency. If you pay the ransom, the attacker provides you with a key to decrypt your data. These attacks shut down entire businesses and are incredibly costly. Many businesses fail altogether following a ransomware attack.

EMAIL FRAUD

Business email compromise is a form of fraud in which compromised email accounts are monitored by cyber criminals in an attempt to seize upon an opportunity to redirect funds coming in or going out.

There are many facets to this type of attack that makes it extremely effect. Construction companies, manufacturers, retail providers, lawyers and insurance companies are common victims.

24/7 Cyber Attack Response Line

Contact DFI Foreniscs if you are experiencing a cyber attack anywhere in the United States or Canada. Our team of specialists is waiting to respond to you.

Incident Response Planning

Why are we losing the fight against cybercrime?

Because failing to NOT make our businesses EASY TARGETS is making it easy for cybercriminals to target us.

We need to address this issue head on from the top of an organization to the bottom and accept the help of external professionals and specialists, as needed, such as:

cyber security professionals;

monitoring and detection providers;

lawyers;

communication specialists; and

digital forensics teams.

As cybercrime continues to become the greatest threat and risk to businesses ever, most leaders, executives and business owners are sure how to contend with it.

Cybercrime, like all business risks, must be managed appropriately and doing so requires a team of specialists to help your organization plan and prepare for the worst case scenario.  An ounce of prevention and planning is worth its weight in gold.  

What is an Incident Response Plan?

An Incident Response Plan is a formal document that is prepared for your business and sets out procedures to follow in response to a suspected or actual cyber attack. 

It is a “play book” that is followed during one of the most confusing, stressful and difficult experience that any management, executive or ownership team will ever experience while trying to run a business.

While IT systems and networks can and should be built and implemented securely, industry professionals know that “cyber security” is NOT AN IT PROBLEM

Statistics tell us that cyber attacks are incredibly costly and damaging.  In fact, more than half of businesses hit with a cyber attack go out of business altogether.  Fortunately, those that have a formal incident response plan and practice using it lower their risk of experiencing an attack and significantly reduce the impact and costs associated with one on their business.

True cyber security and incident response planning requires an entire business to shift their mindset and focus on the greatest threat to businesses today:

  • DATA BREACHES
  • RANSOMWARE
  • BUSINESS EMAIL COMPROMISE
  • DDoS ATTACKS
  • STATE-SPONSORED ATTACK

CHOOSE THE PLAN THAT'S RIGHT FOR YOU

Incident Response Plan

Custom Built IRP For Business With 10 or Less Employees
$828
$ 588 Year
  • Pre-arranged and signed agreements, retainer, engagement, NDA and confidentiality.
  • Custom built IRP delivered to client in PDF format (client responsible for physical/offline copy).
  • Visually represented map of IT network components and layout kept on file (updated annually) for speedy and efficient response.
  • Access to priority 24/7 emergency response number.
  • No call-out fee if response required (value of $750).
  • Preferred incident response rates of $125/hr vs. regular rate of $250/hr.
  • Preferred post-incident investigation rates of $125/hr vs. regular rate of $250/hr.
  • No-charge for first 8 hours of time, if response required (per year - no roll-over/accumulation of credits).
  • Exclusive monthly security and threat awareness bulletin.

Incident Response Plan

Custom Built IRP For Business With 11 to 50 Employees
$1788
$ 1188 Year
  • Pre-arranged and signed agreements, retainer, engagement, NDA and confidentiality.
  • Custom built IRP delivered to client in physical/bound form and electronic PDF format.
  • Visually represented map of IT network components and layout kept on file (updated bi-annually) for speedy and efficient response.
  • Access to priority 24/7 emergency response number.
  • No call-out fee if response required (value of $750).
  • Preferred incident response rates of $175/hr vs. regular rate of $250/hr.
  • Preferred post-incident investigation rates of $175/hr vs. regular rate of $250/hr.
  • No-charge for first $1,500, if response required (per year - no roll-over/accumulation of credits).
  • Exclusive monthly security and threat awareness bulletin.

Incident Response Plan

Custom Built IRP For Business With 51 to 250 Employees
$2988
$ 2250 Year
  • Pre-arranged and signed agreements, retainer, engagement, NDA and confidentiality.
  • Custom built IRP delivered to client in physical/bound form and electronic PDF format.
  • Visually represented map of IT network components and layout kept on file (updated bi-annually) for speedy and efficient response.
  • Access to priority 24/7 emergency response number.
  • No call-out fee if response required (value of $750).
  • Preferred incident response rates of $175/hr vs. regular rate of $250/hr.
  • Preferred post-incident investigation rates of $175/hr vs. regular rate of $250/hr.
  • No-charge for first $2,500, if response required (per year - no roll-over/accumulation of credits).
  • Exclusive monthly security and threat awareness bulletin.

POST-INCIDENT INVESTIGATION

Cyber attacks are more prevalent now than ever.  You may be attacked more than once and you must always be vigilant in managing the risk to your business.

Additionally, your business may be under a legal obligation to report these incidents to the Government or your clients.

Since your legal obligations following a cyber attack depend on the unique facts of your situation, you need to find out what happened.

Knowing all the facts following an attack will give you a crystal clear understanding of exactly what happened, allow you to get legal advice from a well qualified privacy lawyer and give you an opportunity to reevaluate your cyber security program to make any necessary changes to minimize future attacks.

MANDATORY REPORTING OBLIGATIONS

Canadian businesses are now under various Federal and Provincial obligations to report cyber attacks to the Government or their clients, depending on the nature of the attack and the information accessed by the hacker.

Would you want to call your clients to report a data breach?  

Most businesses would prefer to deal with the aftermath of a cyber attack internally rather than involving Government regulatory bodies or telling their clients that they failed to adequately safeguard important and private data.  

The damage to your reputation could be enormous.

Conducting a thorough post incident investigation allows you to determine the facts surrounding the cyber attack which allows you to learn your exact obligations to report the incident.