Case Studies

Below are some recent stories about how we’ve helped our clients solve complex forensic and cyber security challenges.

Computer Forensics – Theft of Intellectual Property

We were contacted under urgency by an organisation that was concerned a senior employee had stolen key documents containing intellectual property and joined a competitor.

We firstly copied a number of devices including Apple laptops and Microsoft Windows desktops, along with network and cloud data.

We determined that data had been intentionally deleted. Using advanced forensic tools and procedures, we located sufficient evidence to support the client in their legal action against the ex-employee and other key parties.

Forensic Examination of Mobile Devices

Our client was undertaking an employment investigation. They required forensic expertise to copy and examine data on mobile devices.

On receipt of the devices, we determined that additional security measures had been activated by the clients IT providers which prevented full access to the data. With the assistance of the IT providers, we worked around the security measures and then obtained the forensic images.

Using advanced forensic software, we processed the forensic images to locate artifacts relevant to the investigation.

The outputs were provided in a format where our client could conduct further searching and filtering of the dataset, in a legally admissible manner.

Cyber-attack Incident Response

Our client became aware of a potential data breach within its IT environment. We immediately assisted by:

  • providing Incident Response services
  • reviewing user account configurations
  • forensically collecting electronic evidence
  • examining the electronic evidence to determine the cause and impact of the breach
  • introducing specialists to the client including legal, security, public relations and technology experts
  • liaising with the cyber insurance providers

Cyber Incident Response Simulation

Our client recently published a new Incident Response Plan. They wanted to test and simulate the plan by conducting a tabletop exercise to ensure it was sufficiently robust.

We firstly reviewed the plan and provided our initial feedback, which would be incorporated back into the plan at the completion of the tabletop exercise.

We then worked with various stakeholders across the business to firstly train them on the workings of a cyber simulation. Using specialist tools, we then drafted documents and other materials to be used during the cyber incident simulation in order to make it realistic.

Following a series of meetings over several months, we then facilitated the cyber simulation. On completion, we provided a performance improvement plan for their review and implementation.

Electronic Document Review Support

In this matter, we assisted our client and their agents in the collection, processing and review of electronic documents in relation to an investigation it was undertaking.

The document review resulted in the collection of around 10 Terrabytes of data. Using targeted filtering and advanced document review techniques, we filtered out around 90% of the data. We then facilitated the review of these documents using advanced electronic document review platforms.

Insolvency Appointment

Our client was appointed to an insolvent business. We assisted in the identification of at risk data and then immediately proceeded to copy the documents required by the receiver.

As much of the data was located in the cloud, and no offsite backups were available, we expedited the download of data and secured it for inspection at a later time if required by the receiver.

We then facilitated the secure destruction of confidential information from the devices in order to prepare them for sale.

Cyber Security Function

Following the resignation of a security manager, we assisted a Chief Information Officer interview candidates for the role provide providing cyber security expertise.