Cyber Services

Cyber Services

The GDFM Cyber Services provide a comprehensive offering. Some of these areas will, by their nature, feature within the Cyber Maturity Assessment but additional services are also offered. This enables clients to request a bespoke package to address their specific requirements.

The development of a Cyber Response Plan is critical to enable effective incident management and the associated technical response. The GDFM Cyber Response Plan follows a structured methodology to assist in recovering business continuity. The process will assist in the initial triage, categorisation and allocation of incident roles. It is important to understand in advance of the incident the internal and external stakeholders who need to be considered. Closely aligned to the response plan is the recovery plan.

Following the initial response and the resolution of the incident, recovery and business continuity needs to be a priority. Once systems have been returned to a normal operating state, other administrative considerations need to be addressed. These include supplementary regulatory reporting, legal matters, media and PR issues. A post incident review is good practice to learn from the response plan and adjust the approach for future incidents. An extension of this would be to create a ‘play-book’ to guide staff through the required action in more detail for a specific incident type.

Criminal forums are quite often criminal ‘marketplaces’ where various illegal commodities are offered for sale. They can include counterfeit goods, compromised payment card credentials, drugs, firearms etc. Some of these marketplaces are openly available and some are closed environments. GDFM has access to the open and some of the closed marketplaces. This access can assist in identifying compromised intellectual property amongst other commodities. Further investigation can be undertaken to better understand the perpetrators of the activity.

There are a multitude of cryptocurrencies available for legitimate trading. Cryptocurrencies are also a currency of choice for cybercriminals. They use them as a means to secure ransom payments and to pay for items within criminal forums. They are also frequently used to pay for ‘cybercrime as a service’. It is possible to track payments through blockchain analysis in some instances. GDFM has the capability to conduct these investigations to address client requirements.

Open-Source Intelligence Investigations (OSINT) is a powerful research tool to gain publicly available information and intelligence regarding any type of entity. These techniques can be used to investigate virtually any person or company. The techniques provide free resource or a low cost of entry to a wealth of information. GDFM have successfully used these techniques to assist in profiling high-net worth individual’s exposure on the internet together with investigating unethical and illegal company activities.