Delivering Comprehensive Expertise: Cybersecurity, Data Privacy & Communications

FTI Consulting is an independent global business advisory firm dedicated to helping organisations manage change, mitigate risk, and resolve disputes: financial, legal, operational, political & regulatory, reputational, and transactional. Individually, each practice is a leader in its specific field, staffed with experts recognised for the depth of their knowledge and a track record of solving seemingly insurmountable challenges.

Cyber attacks and the incidence of data breaches are skyrocketing around the world, as are the financial implications of these incidents. According to IBM Security's Cost of a Data Breach 2021 Report, data breach costs rose to more than £3 million (US$4.24 million), the highest average total cost in the history of the report. When personal data is compromised, the stakes are even higher. Around the world, data privacy regulations are ramping in enforcement –fines under the General Data Protection Regulation rose by nearly 40% in the last year and global data protection laws have added millions to the cost of corporate compliance. Investigating these incidents are costly, complex and can be highly disruptive to a business, and communications following them can make a significant impact on the reputational damage that results.

Effective incident response is paramount in mitigating financial and reputational setbacks, avoiding legal repercussions, and restoring trust. FTI Consulting experts understand the criticality of executing an immediate, decisive and multi-disciplinary response to limit long-term damage. Our incident response capability seamlessly integrates across existing mission-critical functions and is backed by expertise in responding to all types of threats and risk factors.

Our 360° Incident Response Services include a custom application of all fundamental incident preparedness and response components. Our client-centric approach maximises efficiency and effectiveness across every phase of the incident response lifecycle: Preparation, Detection & Analysis, and Containment, Eradication & Recovery.

WHY FTI CONSULTING

We are a leading provider of independent cyber, privacy, information governance, and risk management advisory services, coupled with a team of seasoned crisis communications professionals. We work in tandem with your organisation to develop and implement processes and tools to effectively prepare for and respond to a cyber incident or investigation.

Multidisciplinary Expertise

  • Intelligence-led, expert-driven, strategic approach to cybersecurity challenges
  • Core team from intelligence agencies, law enforcement, and global private sector institutions

Globally Positioned

  • Ability to respond anywhere in the world
  • Ability to staff the largest and most complex engagements and investigations
  • Relationships with the top global intelligence agencies, regulatory authorities, and private agencies

Integrated & Comprehensive

  • No other firm in the space has a crisis communications practice
  • Integration of FTI Consulting's expertise across the platform

Incident Response Services

Whether it's ransomware, business email compromise, a trusted insider, or foreign actor, we provide complete cyber incident response solutions, including preparedness and response planning, incident response, analysis, identification, containment, eradication, mitigation, system refinements, and ancillary mission support functions.

1298392a - Copy.jpg

Preparation

Being ready for cyber threats is fundamental to the success of your incident response programme. This phase involves establishing and training an incident response team and developing appropriate tools and resources you will need for each aspect of incident response. We work with your business to select and implement controls based on the results of our risk assessments to limit the number of potential incidents your organisation may face.

Detection & Analysis

Residual risk inevitably persists after controls are implemented. Early steps to identify, detect, and analyse threats facing your networks are key to developing effective containment and eradication strategies. Once an incident is identified, we combine the resources and tools necessary to determine the scope, impact, and appropriate response. These efforts determine the source of the incident and preserve necessary forensic artifacts.

Containment, Eradication & Recovery

This phase of incident response seeks to prohibit data from leaving networks and prevent further damage. Eradication is the removal of malicious code, actor accounts, or unnecessary access, as well as repairing vulnerabilities that may be the root cause of the incident. Once the incident has been contained and eradicated, recovery can begin. Through a post-incident assessment, we detail the cost, cause, and response for the incident, along with steps that should be taken to prevent future incidents.

Privacy Requirements

A data breach involving personal data can have a range of significant adverse effects on individuals. Our privacy experts help navigate complex breach notification requirements and design defensible workflows to support notification requirements to individuals and data protection authorities.

Strategic Communications

Cybersecurity incidents require thoughtful and timely communications. Our escalation planning takes a strategic view of response and messaging for the client's incident with rapid response team deployment providing clients with crisis communications advice direct to the Executive, Crisis or Incident Teams, supported by our centralised Crisis Office support.

Data Identification & Review

Data breaches can have long-lasting effects if they are not properly remediated. We regularly conduct reviews in multiple formats and languages, and our expertise ensures important information is not overlooked, allowing for remediation, regulation compliance, and accurate document preparation.

Complex Investigations & Litigation

Our team routinely tackles global, large-scale, and complex issues, that often stem from data privacy related concerns, and demand intricate solutions. We quickly unearth key facts and data sets to enable timely and strategic decisions in investigations, leading to cuttingedge and data-driven results.

  • Litigation Support
  • Quantify Damages
  • Expert Witness Testimony
  • Evidence Collection, Handling & Preservation
  • Forensic Analysis & Complex Modeling

Crisis Communications for Cybersecurity & Data Privacy

FTI Consulting's communications experts work around the clock to help clients develop and run their crisis management response as a strategic and cross-functional capability; delivered by a dedicated team of crisis experts with communications at its core. We manage all aspects of crisis communications around your cybersecurity or data privacy incident. We help our clients communicate proactively, transparently, and truthfully about any detected incident that needs to become public, and we actively develop messaging during the crisis.

As integrated members of an organisation's core incident response team, we work together to assist our clients by:

  • Providing on the ground, around the clock crisis communications support for active breach matters
  • Developing an all-inclusive cybersecurity incident communications playbook to help the organisation communicate accurately, swiftly, and intentionally to control the narrative and mitigate business and reputational risks before and after a breach is disclosed
  • Creating thoughtful, cross-stakeholder messaging and coordination with legal teams on reviews and approvals to protect privilege
  • Coaching stakeholder-facing executives and employees on messaging delivery and navigating difficult conversations in the heat of a crisis
  • Managing all aspects of media relations and utilising our well-established relationships with cybersecurity specific reporters as well as tier one business and technology reporters
  • Leveraging our digital media tools to provide breaking news alerts on both traditional and social media channels as well as comprehensive media monitoring reports to keep leadership abreast of coverage
  • We work with external call centre providers or with your in house capabilities to provide data breach notification and response services; developing the materials and handling the escalation of issues

1298392b - Copy.jpg

Data Privacy & Notification Support Services

Conducting effective breach notifications to regulators and data subjects requires an understanding of the risk and impacts to individuals that the breach poses. The types of personal data must be analysed in accordance with global privacy laws. This can be complex and nuanced when it comes to unstructured data such as email or loose file data.

  • Rapidly identify where personal or sensitive personal data may reside across a wide array of data types and languages with FTI Consulting's proprietary search methodology with pre-built complex pattern matching
  • Automated detection of high risk/ sensitive categories to inform and prioritise notification strategy
  • Analytics powered specialised managed review and research services to scale and accelerate notification response
  • Applied machine learning to accelerate review and mapping of critical and sensitive data
  • Support and management for breach notification to data subjects
  • Engineer and deploy tailored, advanced analytics capabilities to leverage artificial intelligence, machine learning, and data mining technologies

1298392c - Copy.jpg

Complex Investigations & Litigation

Our team routinely tackles global, large-scale, and complex issues, that often stem from data privacy related concerns, and demand intricate solutions. We quickly unearth key facts and data sets to enable timely and strategic decisions in investigations, leading to cutting-edge and data- driven results.

Litigation Support

Our team supports clients facing high-stakes litigation, including class action data privacy cases, arbitration and compliance investigations, and regulatory scrutiny.

Expert Witness Testimony

Our testifying experts have decades of experience, which is needed to be effective and demonstrate confidence during testimony and in written submissions, and to verify results and findings.

Evidence Collection, Handling, & Preservation

Our team provides cyber readiness and incident response support using expert services, methodologies, and tools that help companies and their legal advisors understand technology dependent issues.

Forensic Analysis & Complex Modeling

We have proven success at uncovering the facts and getting to the bottom of complex incidents using creative approaches. Our experts have the ability to untangle and understand cybersecurity attribution to determine what exactly happened. Using extensive experience and state-of-the-art tools, our team recovers, searches, and analyses massive amounts of data at the speed demanded by litigation.

Data Breach Class Action

Data Breach Class Action We are well-suited to handle complex, class action cases that require a multidisciplinary approach to dispute resolution. Our team plays a pivotal role for clients by:

  • Conducting an initial exposure assessment
  • Quantifying damages and business valuations
  • Providing industry-savvy settlement advice, largescale case processing, sound scoring, and settlement compliance review

Uniquely Equipped to Solve Complex Problems

  • Rapid response and surge capabilities anywhere in the world within 24 hours
  • 450+ dedicated cybersecurity experts, data privacy, and incident responders
  • Independent credentials led by executives with decades of experience at the highest levels of law enforcement and intelligence agencies
  • World-class communications team can provide immediate and scalable messaging and engagement support should a communication issue arise following an investigation

Our Experience

CASE STUDY

Large Insurance Provider Suffers Ransomware Attack

FTI Consulting was engaged by one of the largest, publicly traded insurance providers in the world after experiencing an unprecedented ransomware attack that brought down numerous critical functions, including corporate email and the company website. We immediately established communications workarounds and a strategy for reaching stakeholders during the network disruption. The crossborder team developed dozens of communications materials and managed inbound inquiries aroundthe-clock from stakeholders including agents, brokers, vendors, suppliers, media, regulators, and employees. Our efforts positioned the company as transparent and forthcoming, while preserving their coveted credit rating, and helped them continue to serve clients amid a prolonged network outage.

CASE STUDY

High-Profile Software Company Has Data Compromised

FTI Consulting was engaged by a U.S.-based software company in response to a massive cyber attack impacting nearly 20,000 organisations. The company required assistance to rapidly review and identify sensitive personal information across compromised global email accounts. Following breach notification obligations to the EU data protection regulator and data subjects impacted, we analysed and identified the types and severity of personal data compromised. We implemented a robust, proprietary privacy analytics methodology to identify and prioritise the most sensitive data, which resulted in 100K+ documents reviewed in multiple languages, and 37K documents with sensitive data. Our efforts saved the client time and significant expense by eliminating manual review of 1.9 million documents (95% reduction).

CASE STUDY

International Telecommunications Provider Experiences Data Breach

FTI Consulting was retained by a major telecommunications provider, following a data breach that impacted more than 900,000 data subjects. This drew a significant regulatory attention and litigation, likely to result in a group litigation order. We began our investigation by determining specific events which led to this data breach, analysing what technical and organisational measures were in place before the incident, and if a client's third-party provider was responsible. Our expert analysis identified negligent activity by one of the client's service providers, which had the potential of a multimillion-pound difference to the client's liability. Further, our report provided sufficient detail and background to allow the ICO to close their investigation with no adverse findings.

CASE STUDY

U.S. Regional Bank Compromised Via Third Party

FTI Consulting was engaged by one of the largest, publicly traded regional banks in the U.S. in response to a supply chain attack. We developed robust scenario planning and created a comprehensive playbook for communicating to key stakeholders in preparation for the release of the bank's data by threat actors, as well as provided guidance on best practices for triaging stakeholder requests. We also assembled a team of financial and crisis communications professionals to advise on investor relations, regulatory engagement, and communications with government sponsored entities. Our efforts have positioned the client to respond to a series of likely scenarios should the incident become public and the data is leaked.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.