Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Enabling seamless user access without compromising security is a complex challenge. Gaurav Sheth, Cynthia Yang and Sorabh Chopra are helping to change that. As part of Kroll’s recently established team dedicated to Digital Identity, their focus is on transforming fragmented administration, manual processes and siloed identity solutions into mature programs.

This article provides an overview of Kroll’s investigation of the GARUDA C2 malware. Stay tuned for our upcoming white paper which will provide a deep dive into the malware’s architecture; command and control tradecraft; observed threat actor tactics, techniques and procedures; and actionable detection and mitigation guidance.

Author: Sadi Zane.

Operational disruptions, regulatory mandates and reputational risks now make data breach notification a strategic necessity. To ensure breach notification is truly impactful, it must be seamlessly integrated into an organization’s incident response plan, for timely, compliant and coordinated communication following cybersecurity incidents.

When a leading insurance and asset management company was impacted by a third- party data breach, it needed to act quickly and decisively to notify affected customers. Kroll’s elite breach notification, monitoring and call center services enabled the company to provide tailored information and support to more than 2.5 million people in just four months, as well as delivering in-depth tracking and reporting for complete visibility and assured regulatory compliance.

Each month, our Cyber Threat Intelligence team compiles data from our engagements to determine key industry trends. We look at the initial access methods threat actors are using to gain entry into a network, types of incidents most commonly impacting organizations, which sectors are being more heavily targeted, and which threat groups are most prevalent.

Industrial organizations face a new era of risk. As operational technology (OT) environments become more connected, the challenge of securing access and maintaining visibility continues to grow. In response, Kroll, Saviynt, Nozomi Networks and CrowdStrike have joined forces to deliver a unified solution that empowers organizations to protect their critical infrastructure without disrupting operations.

Despite cybersecurity representing a strategic and even existential risk to organizations today, stakeholder transparency and a strategic vision to manage it are often lacking. Too frequently, transparency is achieved only after a significant security incident. This is a problem.

Artificial intelligence (AI) adoption is fast becoming a strategic necessity for modern businesses. With adoption continuing at pace, a carefully considered strategy is essential for gaining or maintaining a competitive advantage, managing downside risk and addressing the continued regulatory, legal, ethical and operational complexities presented by AI.

A leading insurance and asset management company was hit by a large-scale data breach, impacting more than four million customer and employee records and resulting in widespread media attention. Through an accelerated response with emergency call center support, a dedicated support website and expedited notice mailing, Kroll’s Breach Notification services ensured the business was able to take quick and decisive action following this globally significant security event.