The ever-increasing frequency of the many varieties of cybercrime and data theft demands a new level of vigilance for companies that wish to protect their critical digital assets. Cyber intrusions are becoming more regular, more sophisticated, and more precarious. Our multi-disciplinary team includes experienced cyber security investigators, former federal and state prosecutors with deep cybercrime-related experience, former members of the Federal Bureau of Investigation, forensic accountants, and data intelligence analysts. Exiger harnesses the collective experience and expertise of this group to help clients combat and prevent a multitude of cyber risks, including attacks on computer systems, business email compromise schemes, mail spam and phishing, cyber-bullying, the use of stolen credit cards, and other types of online scams and fraud.
Our experts anticipate threats, close gaps in vulnerability, and repel and investigate sophisticated attacks.
Exiger’s team strictly adheres to industry standards and judicially recognized tools and procedures to capture and preserve data for further examination. We implement a chain-of-custody protocol to ensure that the data will be admissible in legal proceedings. Our team’s experienced cyber forensic professionals have collected data from disparate sources in a wide range of matters, with data sizes varying from a single thumb drive through scores of hard drives and servers.
Once the data is captured, our team of skilled investigators, forensic accountants, lawyers, and project managers will come together to provide our clients with a number of different services, including:
- Performing look back reviews of the existing fraudulent activity and leveraging powerful data analytics to identify commonalities and risk areas;
- Determining the identity of cyber intruders or other bad actors;
- Developing recommendations for targeted fraud controls; and
- Implementing sustainable and scalable solutions to combat fraud in the future.
Exiger’s team can also assist clients by performing audits, risk assessments and testing to identify areas of concern that require updating or implementation. They will come together to protect the integrity of a company’s information assets at every level of the data lifecycle. Our experts have experience anticipating likely threats, closing gaps in vulnerability, and repelling sophisticated attacks.
We perform a wide range of network assessments, including:
- Vulnerability Assessments: These assessments involve detailed testing and analysis of the client’s network and the systems on that network. The goal of the testing and analysis is to identify weak spots and vulnerabilities that require updating or implementation.
- Penetration Testing: Exiger’s team conducts both internal and external penetrations testing. External testing focuses on attacks “from the outside” by testing a network’s Internet-facing assets. Internal testing focuses upon testing the overall security posture from within an organization’s network. Both are important to ensure a network’s security. While threats to networks and data are often perceived to originate from outside of an organization’s network, studies have demonstrated that such threats are just as likely to come from the inside.
- Application Security Testing: These tests focus on the security of computer programs running on a client’s network. The goal of the testing is to evaluate whether or not the controls put in place to limit users’ access to data are effective and proper, and to ensure that the applications have been secured against external threats. Application security was once an afterthought in the application development process. However, as applications become more and more accessible over internal and external networks, protection from vulnerabilities has become increasingly important.
- Policy and Procedure Review: A strong, well-written network security and incident response policy is paramount to ensuring the security of a network. Exiger can assist by reviewing existing policies and procedures and suggesting corrections or additions, or by writing a new set of policies. Additionally, policies and procedures can be reviewed or analyzed by interviewing employees and effectively testing their knowledge of and compliance with the existing policies.