Quick navigation

KPMG Technology Advisory

KPMG Cyber Security DETECT & RESPONSE Services

The response to and investigation of cyber attacks

Value Proposition

Problem

Are there malicious insiders in my organization, abusing their position and system access for any illegal purposes? How do I determine whether I’m subject to sophisticated attacks from criminal gangs, competitors or nation states? Is it possible to recover from Internet worms or malware that take over workstations and systems? What should we do if we don’t have the full capability to respond to a cyber-attack? How do I determine and prove the course of events of an attack? How do I prove the integrity and provenance of electronic data being used in investigative or litigation proceedings?

Solution

KPMG’s Cyber Response and Investigations teams work closely with clients to detect, contain and recover from cyber attacks; once this has been done, the teams investigate the origin of the attacks. Our digital forensic teams can provide a reliable, end-to-end digital forensic and expert witness services, from investigation strategy and planning, scoping and collection to analysis and presentation of material to court

Main Activities

Cyber-attack detection through network monitoring and sophisticated data analytics
Rapid response teams to contain, manage and recover from current cyberattacks, including rapid preservation of data for evidential purposes
Advanced digital forensics capability to gather, preserve and interpret large data sets, deleted or ephemeral data in order to prove a chain of events
Advanced digital forensics capability to gather, preserve and interpret large data sets, deleted or ephemeral data in order to prove a chain of events
Investigation into and reporting on cyberattacks for evidential or insurance purposes, and expert witness services