Incident response

Helping clients to prepare for cybersecurity incidents and respond effectively.

KordaMentha delivers proactive incident preparedness assessments, plans and testing that help clients develop and enhance their incident response programs, laying the groundwork for successful incident response and recovery. We help clients prepare for cybersecurity incidents and educate them on how to respond effectively, should a cybersecurity incident occur.

In the event of a breach, our certified and experienced incident response team is ready to deploy rapidly to protect clients and assist them to recover. Once the threat is secured and business continuity is achieved, we can conduct detailed and thorough incident response investigations, analysing the underlying facts and circumstances to ensure the breach vector cannot be further exploited. We provide our clients with an understanding of the incident’s lifecycle, detailing the initial control weaknesses that facilitated the incident through to the trail of compromised systems and data.

If required, we can provide in-depth forensic analysis to determine how and why the incident occurred or eDiscovery to identify and deliver electronic information as part of an investigation. Forensic analysis and expert reporting may assist with legal, cyber insurance, regulatory or law enforcement obligations.

How we can help you

Our certified professionals have the capability and experience to assist with incident response planning and testing, and rapid delivery of an incident response service to immediately protect and recover value at risk.

Incident preparation

KordaMentha develops proactive incident response programs that position an organisation to effectively manage a cybersecurity breach. We review existing incident response policies, plans and playbooks, and conduct interviews with relevant stakeholders. This allows us to understand the organisation’s people, processes and technology, and develop a program that prepares the organisation for cybersecurity incidents.

Contact us >

Incident response

Our rapid response immediately contains an incident, identifying the point of breach and working with clients to ensure the vulnerability is remedied. We help clients understand the incident’s lifecycle, focusing on initial control weakness that facilitated the incident through to the trail of compromised systems and data.

Contact us >

Expert Reporting, litigation support, eDiscovery and financial loss quantification

With our extensive in-court experience, we understand the risk and pain points in managing incident response investigations from data collections through to any formal reporting requirements. Our experts are often called upon to provide oral and written testimony to ensure the investigation is robust, defensible and will withstand scrutiny. If a cyber attack causes financial loss, our forensic accounting specialists can be appointed to quantify the loss resulting from the attack or network interruption.

Contact us >