Cyber PROTECTIon

Cyber Strategy and Implementation Incident Response Forensic Investigations CISO Interim Management Training

Cyber Crime is an Ever Increasing Threat

Cyber crime is an international issue that crosses country borders. In todays connected world, cyber attacks are inevitable carried out with increasing sophistication and scale by criminal gangs, hacktivists, terrorist organisations and rogue states. Alvarez & Marsal has cyber protection professionals working on security initiatives worldwide. Taking a strategic approach, while developing a holistic security programme, it also offers an effective incident response service to help rationalise spend to protect the brand. Businesses lose millions due to cyber attacks on their websites and networks, and employees are often targeted using information gained from social media. Some companies estimate they have lost more than 100 million as a result of a major incident. Businesses need to prepare to respond to this risk to protect brand and reputation, and avoid legal compliance issues and fines. While everyone is at risk, high-profile individuals such as politicians, celebrities and business leaders are increasingly being targeted. All individuals should be aware of the risks and manage their digital lifestyles carefully. An End-to-End Service from Requirements to Implementation Incident Response Forensic Investigations CISO Interim Management

Cyber Strategy Development Process

Gap Analysis Risk Assessment Programme Development

Implementation of Change Programme

Policy Process Monitoring Tools Training

Cyber risk should be a Board-level priority. There is an increasing risk of disruption to businesses from distributed denial of service (DDoS) attacks; increased risk of damage from loss of intellectual property; and data protection concerns relating to personal details of customers and employees. Regulators are becoming more aggressive in issuing fines, and the EU is proposing to introduce strict rules that include mandatory reporting of cyber breaches within short-time periods. Associated legal fees and management costs often spiral. Cyber risk cannot be solved with technology alone, as cyber criminals exploit the weakest link in the chain people. Certain business processes, employee behaviours and poor discipline in the use of technology increase the risk of a cyber attack. At the same time, IT departments are frequently ill-equipped and many lack the authority to manage cyber risk.

How We Can Help

Our experienced team routinely finds gaps in system security of which management may be unaware. We develop solutions for our clients unique situations, leveraging the skills and experience of the entire firm.

Incident Response
A&M can respond quickly to any cyber crisis; teams of Certified Information Systems Security Professionals (CISSPs) and Computer Emergency Response Teams (CERTs) are able to meet Incident Response (IR) requirements across Europe and abroad. The teams have managed the information security operations for large corporations and government institutions.

Forensic Investigations
A&M uses its deep forensic investigations experience to identify the causes of breaches or leakages. Who was involved? What was compromised? Where was the point of entry? When did the breach take place? How did it occur? Our experts gather the facts, submit Expert Reports and present evidence in Court, as necessary.

Case Studies
Our clients include FTSE 100 companies, public sector bodies, including regulators, law enforcement authorities, global and regional law firms, and their clients.

Incident Response
Following a breach of computing systems, a sovereign tax authority required assistance in creating an information security programme to protect taxpayer data. A&M developed policies, procedures and long-term recommendations for securing the sensitive information.

Chief Information Security Officer (CISO) Interim Management

A&Ms professionals can serve in interim management roles to lead security departments and initiatives. We can also help design the security organisation and recruit a team to support security needs.

Developing a Cyber Protection Strategy

Companies and individuals should plan ahead, instead of seeking assistance after a breach has occurred, to enhance security, detect risks early and successfully manage incidents. How A&M can advise senior management: Analyse current business and security strategy Identify regulatory requirements Review current vulnerabilities  Develop a comprehensive Cyber Protection Strategy sponsored by the Board Develop a programme of work

Forensic Investigations
Intellectual Property Theft A high profile global luxury goods manufacturer was hacked, and its design, manufacturing, and financial IP targeted. The thieves attempted to create counterfeit goods and bring them to market before the official launch. A&Ms investigation revealed a global system breach. As a result, a new Cyber Protection Strategy was developed, including a Security Programme, Architecture and data loss prevention perimeter and system changes. Fraud An online lottery was hacked by criminals with the intent of changing the outcome. A&M was asked to identify the source of the breach, put remediation measures in place, and also to establish appropriate process, monitoring and controls.

Implement a Programme of Changes Including:

Establish monitoring and response capability Business process changes Investment in tools Policy writing PR planning Legal advice, working in partnership with a law firm

CISO Interim Management

A multinational electronics manufacturer required the development and implementation of an information security programme to minimise the loss of its intellectual property. A&M served as interim CISO and provided a multi-year strategy involving staff, process and technology that was implemented throughout the corporation.

Cyber Training
We develop awareness and training programmes to foster a more secure culture, and mentor staff to enhance their ability to identify and respond quickly to any hostile event. We train experts from international law enforcement authorities and large accounting firms to provide forensic services and certify them on forensic tools related to cell phones, files servers and computers.

CYBER PROTECTION

Alvarez & Marsal (A&M) is a global professional services firm specialising in turnaround and interim management, performance improvement and business advisory services. A&M delivers specialist operational, consulting and industry expertise to management and investors seeking to accelerate performance, overcome challenges and maximise value across the corporate and investment lifecycles. Founded in 1983, the firm is known for its distinctive restructuring heritage, hands-on approach and relentless focus on execution and results. A&Ms Global Forensic and Dispute Services practice sets the standard for delivering results on critical matters. With an increase in the complexity of corporate investigations, regulatory enforcement actions, and high stakes litigation, that ability is more important than ever. From the boardroom to the

LEADERSHIP. PROBLEM SOLVING. VALUE CREATION.

courtroom, A&M professionals draw on their deep skills and experience in business investigations, litigation consulting, forensic technology, and expert testimony to provide clients with the solutions they seek to achieve their goals.

Follow us on:

For more information, visit www.alvarezandmarsal.com or contact forensics@alvarezandmarsal.com

2013 Alvarez & Marsal Holdings, LLC. All rights reserved.

www.alvarezandmarsal.com