Digital Forensics and Incident Response

Digital Forensics services provided by RSM

Digital Forensics and Incident Response

Computer and network security have become an important part of an organisation’s management control structure. Since most organisations rely on computer systems and related application software to manage and maintain their business information, it is critical that these organisations can ensure the confidentiality, integrity and availability of their data.

When a security incident occurs, an efficient, prompt response is critical to maintaining business operations and minimising the financial impact and reputational damage. It is essential to quickly detect, contain and respond to any threat in the organisation.

While response plans may already be in place, it requires expertise to provide the technical investigative and forensic support to these incidents. Be ready to deal with any cyber security incidents with a forensic expert from the Risk Consulting Incident Response services at RSM.

KEY CONTACTS

Darren Booth
National Head of Security and Privacy Risk Services

E: [email protected]
T:+61 3 9286 8158


How can we help you?

 Locate nearest office

Digital Forensics and incident response
Have a question about workplace health and safety laws? We can assist

Whether you need an experienced team to provide digital forensics investigations or response services at short notice, or assistance in developing your internal forensic and response capabilities, we’re ready to help.

RSM brings a comprehensive team with specialists that can address the needs of our clients.

Our consultants’ expertise centres around assisting clients with time-sensitive incident responses and helping to identify root causes to resolve incidents as expeditiously as possible.

Benefits

A detailed and thorough investigation will provide an organisation with an understanding of the incident’s lifecycle, focusing on the initial control weakness that allowed the attack, through to the trail of compromised systems and data.

RSM will provide a report detailing the investigation, along with recommendations on what could be implemented from a people, process and technology perspective to prevent the incident from reoccurring.

Have a question about workplace health and safety laws? We can assist

Who needs this digital transformation?

Organisations who have become victim of a security incident and are requiring an investigation to identify the root cause of the incident and what data and systems were affected.

The size of the incidents ranges from a single compromised email account to thousands of systems compromised with a very aggressive malware. Typically, our incident response matters run from a few to several hundred compromised systems.

Our focus is on data breach investigations, cyber security and incident response, digital forensic analysis, malware analysis, collection of Electronically Stored Information (ESI), ransomware and intellectual property theft matters. We undertake digital-related investigations on all types of media, ensure compliance with accepted computer forensic protocols and report on cases related to computer crime and digital forensics.

The types of incidents we typically encounter fall into a range of categories including:

  • Malware
  • Ransomware
  • Theft of intellectual property/trade secrets
  • Social engineering attacks
  • Lost or stolen devices
  • Compromised web-based email and file storage accounts

RSM is experienced in conducting ransomware assessments.

We can provide advice on how to manage and respond to a ransomware attack, supporting organisations at all stages from detection through to post incident review. We are also able to assist with simulating a real ransomware attack, assessing the configurations of your logging, monitoring and alerting systems and testing security controls, user susceptibility and incident response procedures.
Our core incident response staff are in Melbourne. We also have other technology and security personnel who participate in cyber incident response and ransomware matters located in Sydney and Perth.

Contact a workplace assurance specialist

Overview of digital technology services

Identifying and attempting to retrieve possible evidence from computers and related systems calls for a series of careful steps. Our team uses an approach designed to:

  • Identifying and attempting to retrieve possible evidence from computers and related systems calls for a series of careful steps. Our team uses an approach designed to:
  • Discover all files on the subject system including existing normal files, deleted yet remaining files, hidden files, password-protected and encrypted files
  • Recover discovered deleted files
  • Investigate the larger enterprise environment, including firewalls, security monitoring solutions, network devices and other systems critical to understanding the events at hand
  • Investigate the larger enterprise environment, including firewalls, security monitoring solutions, network devices and other systems critical to understanding the events at hand
  • Provide expert consultation or testimony as required
  • Reveal the contents of hidden, temporary or swap files used by application programs and the operating system
  • Access protected or encrypted files when possible and legally appropriate
  • Access protected or encrypted files when possible and legally appropriate
  • Develop an overall computer system analysis process, and a listing of all possibly relevant files and discovered file data
  • "Tabletop exercises" - a cyber security incident response tabletop exercise to better evaluate the effectiveness of an organisation’s current Incident Response plan and procedures, as well as to provide recommendations to overcome potential gaps. These exercises can be provided annually to ensure that your organisation is continuously improving its cyber security posture.
RSM offers Workplace health and wellbeing culture assessments

Now is the time for Risk and Cyber Security to work closer together

29 March 2022
Having worked across all of Asia Pacific in previous roles, RSM's cybersecurity and privacy specialist Ashwin Pal has seen and experienced how things are done broadly within the region. 

Protect the future of your business with security certification

2 December 2021
Cybersecurity is a real risk and one that needs to be considered and managed effectively in order to protect the future of your business. 

Staying on top of our Cyber Hygiene

1 December 2021
One of the implications of COVID on our digital lives is that we are now more online than ever before. 

RSM and Avertro forge a partnership to secure Australian businesses

26 October 2021
RSM Australia (RSM), one of the largest mid-tier accounting firms in Australia, are joining forces with Avertro, a sovereign Australian cybersecurity startup, in an industry-leading partnership that will improve the cyber resilience of Australian businesses.

Security of Critical Infrastructure Act 2018 (SOCI Act) – A Brief Overview

14 October 2021
No one will argue that the cyber threat landscape is changing rapidly for the worse.

Webinar: Anti-Fraud Resilience The Latest Innovations

7 October 2021
Roger Darvall-Stevens, Partner and Head of Fraud and Forensic Services, presented on recent significant changes to fraud and corruption control which could make a significant positive impact to your business to help reduce the cost of fraud and corruption and have a more robust fraud and corruption control system.

3 tips to protect your government agency from a ransomware attack

23 September 2021
Are you scared of being a victim of ransomware?

Crypto assets continue on their fast-paced evolution

20 September 2021
During the last couple of years, crypto assets have evolved and new players continue to appear in this space, while others - like the Libra from Facebook - appear to have vanished before their debut.

Fighting Insider Fraud: Using the Right Technologies

26 July 2021
Roger Darvall-Stevens, Partner and Head of Fraud and Forensic Services, met with the team at Fraud Today for an interview to discuss his latest global webinar on the topic of Fighting Insider Fraud: Using the Right Technologies. 

Why public entities and non-profits need to step up cyber security

19 July 2021
As the past few years have shown, no organisation is exempt from the dangerous and malicious actions of criminal cyber entities. 

Bootstrapping your IT infrastructure for under $5K

30 April 2021
Developing your internal information technology (IT) infrastructure correctly is an essential component for your business.

Small Business Cyber Security Guide

23 March 2021
In February 2021, the Australian Cyber Security Centre (ACSC) released a Cyber Security Guide tailored for small businesses.

Cyber security - what's old is new again

11 June 2020
User credentials of millions of users have been compromised over the years as a result of cyber incidents.

Real estate organisations are a new target as cyberthreats continue to grow

25 May 2020
With the magnitude of security and data breach cases highlighted regularly in the media, most executives of real estate companies are aware that they will likely become a victim of a cyberattack.

Pages