1576 Sweet Home Rd, Buffalo, NY 14228

Incident Response

Incident Response and Crisis Management

GlobalSecurityIQ Incident Response services neutralize the threat, manage the crisis, minimize the impact on your business, and help you recover as quickly as possible. GlobalSecurityIQ offers a full suite of Incident Response services around preparation, detection, analysis, containment, eradication, recovery, and brand preservation.

Disaster Recovery Planning (DRP)

Companies need to be prepared to handle data breaches before they happen in order to minimize recovery time and impact to the business. Both Incident Response and DRP services can include policy creation, tabletop training exercises, and after-action studies.

Fractional CISO (CISOaaS)

Managing an Information Technology (IT) environment is a complex and time-consuming task. In order to keep your network running smoothly and as expected, IT staff and third-party IT providers are often unable to dedicate significant time or resources to cybersecurity.  It is stressful enough running an IT infrastructure, let alone having a deep knowledge in preventing ever-changing sophisticated cyber threats.

Hiring a full-time qualified Chief Information Security Officer (CISO) is extraordinarily costly; GlobalSecurityIQ can fill this gap in cybersecurity expertise in an affordable way with our Fractional CISO service (commonly known as CISO as a Service). As your Fractional CISO, GlobalSecurityIQ will manage your overall cybersecurity posture, oversee the implementation of cybersecurity risk mitigation recommendations found in the risk assessment, vulnerability scan, penetration test, or any other cybersecurity assessment performed, and provide monthly services (such as a risk assessment or employee training).

Ransomware Attacks

Ransomware attacks are extremely common. Hackers will take control of your sensitive data and hold it hostage until you pay the ransom. GlobalSecurityIQ offers the following services: 

  • Ransomware Protection
  • Ransomware Negotiation
  • Ransomware Removal
  • Ransomware Decryption

Cyber Intel and Threat Monitoring

Stay ahead of emerging threats with proactive defense solutions from GlobalSecurityIQ. No system can be completely secure but understanding the threat landscape and proper utilization of cyber threat intelligence can help safeguard your IT environment.

Extend your internal security posture with 24/7 monitoring. We partner with global leaders and innovators in cybersecurity to offer our clients customized Unified Threat Management (UTM) solutions. Our critical UTM services include ongoing vulnerability monitoring, endpoint coverage, advanced threat detection, security information and event management (SIEM) and log management, asset discovery, and data loss prevention.

Tabletop Drill/Exercise

Tabletop exercises are cybersecurity incident response drills that use realistic scenarios to prepare your team to respond to cybersecurity incidents quickly and efficiently. In the event of an incident, familiarity and comfort with incident response procedures could be the difference that constrains the effects of an attack.

GlobalSecurityIQ performs Department of Homeland Security Exercise and Evaluation Program (HSEEP) compliant tabletop exercises and features former FBI Agents and other law enforcement officials as key facilitators.

Business Email Compromise

Business Email Compromise (BEC), also known as Email Account Compromise (EAC) is a type of attack where malicious actors impersonate your C-Suite or other decision makers to execute a financial fraud scheme.

Instances of BEC attacks have increased substantially and in 2019, of the $3.5 billion of losses related to cyber-crime cases received by the FBI, an estimated $1.77 billion came from reports of BEC. The average loss for a victim of BEC is $75,000 per incident.  Having proven to be a lucrative attack strategy, malicious actors are increasingly motivated to continue executing BEC attacks.

How can we protect ourselves?

Contact us for an assessment!  GlobalSecurityIQ will partner with your organization to expand your employees’ ability to identify and handle a BEC email, harden your financial processes, and ensure verification mechanisms are in place and working properly.

We’ve suffered a Business Email Compromise, what should we do?

Immediately contact us for incident response and forensic services.  GlobalSecurityIQ will work with you to attempt to identify the malicious actors, recover your loss, and ensure no other losses or vulnerabilities exist (such as leaked data or a backdoor placed in your environment).  We will review how the compromise happened and work with you to implement sufficient controls to prevent a compromise in the future.

Identity Theft Protection

Cybersecurity incidents resulting in the leak of customer or employee data are all too common.  Unfortunately, these incidents often include personally identifiable (PII) or other sensitive information being accessed by malicious actors that could be used to commit identity theft.  Through our trusted network of partners, GlobalSecurityIQ offers comprehensive identity theft protection services to ensure your company and customers are safe from fraudulent attacks.

Automated Collection Services

For cyber incidents, GlobalSecurityIQ delivers forensically sound collection of artifacts from Windows laptops, desktop computers, and servers. This is achieved with our propriety GlobalSecurityIQ Incident Response Tool. Collected artifacts include, but are not limited, to the following:

•  All Windows Event Logs
•  Active Connections
•  Active Process List
•  Startup Objects
•  Listening Ports
•  Group Policy Objects

The SHA-256 algorithm is used to record the hash (unique identifier) of each artifact collected, ensuring that none of the artifacts collected have been tampered with and that each artifact is forensically sound and legally defensible.

Collection Time

Our tool, designed with efficiency in mind, greatly reduces the amount of time required to collect forensic artifacts that are necessary in the investigation of any cyber incident. Not only does the tool provide increased efficiency, it is substantially automated removing the possibility of user error or tampering.