Discreet, collaborative and thorough post-breach investigations
When a cyber attack results in a breach of cardholder data, the importance of your incident response can not be overstated. The speed and effectiveness of your actions will dictate how successfully you limit the damage, how much data is exposed and how quickly you can regain control of the situation.
If you are hit by a breach, you may be subject to a mandatory digital Forensic Investigation that has to be conducted by a qualified Payment Card Industry (PCI) Forensic Investigator (PFI).
Dionach, as a PFI, will assist with a rigorous and transparent review of the technical, physical or human vulnerabilities that led to the breach.
What we do
Dionach’s qualified PCI Forensic Investigators will work quickly, discreetly and collaboratively to help you restore a secure environment and support your investigation of what caused the data breach.
Using the latest digital forensic techniques we analyse your systems and processes to collect evidence as required.
- Clearly define objectives of engagement
- Obtain permission to access assets
- Assemble appropriate PFI team for engagement
- Agree client communication process
- Determine client knowledge of incident, and any actions already taken
- Identify evidence sources pertinent to the engagement
- Obtain evidence from assets within scope of engagement
- Analyse obtained data
- Ensure detailed record keeping
- Determine immediate actions to limit spread and prevent escalation
- Identify critical findings to client immediately
- Identify remediation steps to resolve incident and prevent recurrence
- Recommend, implement, or improve detection and prevention processes
- Validate resolution of incident
- Issue a preliminary incident response report to all relevant parties within 5 days
- Issue final PFI report to all relevant parties
- Provide post-incident meeting and follow-up support, if required
7. Retention or disposal of assets
- Return, retain or dispose of client assets as agreed during initial scoping, or required for legislative compliance
- Retain all evidence for 1 year unless otherwise required by applicable law
WHY CHOOSE DIONACH?
Dionach is one of just 22 companies worldwide to hold the status of PCI forensic investigator.
Our consultants are experts in payment card data breach investigations and can support organisations of all sizes.
We are vendor independent so you can be confident of the very best technical solution and unbiased remediation strategies.