Incident Response Managers are often lawyers with legal and privacy regulatory expertise. This is useful for incidents involving personal or non-public data, which potentially trigger regulatory and contractual obligations and can result in third party liability. Privacy lawyers can act as a legal advisor, under privilege, to determine your rights and obligations in the event of a cyber incident and help protect those rights and meet the obligations.

Forensic services are provided by digital investigators who piece together information to help a business understand the cause, scope and status of a cyber incident. They provide guidance on how to mitigate, stop or prevent further incidents. Due to their exposure to many cyber incidents they are a highly valuable addition to the incident response services.

In the event of an extortion or ransomware incident, consultants offering Extortion Services use forensic analysis techniques and software to investigate incidents, attempt to recover encrypted data and confirm that decryption keys work. Some may hold crypto-currency wallets and can assist with contacting the threat actors to bring the situation to a satisfactory conclusion.

PR Services help businesses respond to a cyber incident. They use their crisis communication expertise to help effective and appropriate communication with internal and external stakeholders. They can provide full support or can supplement existing capabilities, but they focus on messaging designed to keep a brand’s integrity and reputation unharmed.

Notification services help businesses alert individuals whose personal data is impacted by a data event in a timely and cost-effective manner. They use a notification service provider to notify large numbers of affected individuals quickly via multiple channels. Notification services will also complement other teams such as PR and legal to ensure that all messaging is appropriate for the audience, the sensitivity of the event, and that all legal and regulatory obligations are satisfied.

Credit monitoring services are services offered to individuals impacted by a cyber incident to protect them from the effects of their personal data being compromised e.g. web monitoring for their personal data or alerts if their credit scores change due to suspected fraudulent activity or identify theft.