Commercial Cyber Investigation

In 2017, you were one-hundred times more likely to be the victim of a cyber crime if you lived in California as in Wyoming. Also in 2017, Canadians were three times more likely to become cyber victims as Italians. And the over-60 crowd in 2017 lost five times as much money to cyber criminals as younger people in their twenties. These statistics, and many more, are included in the FBI’s fine Internet Crime Report, created based on nearly 800 complaints received per day.

So, the great news is that our FBI is incredibly busy, doing its best to keep up with an ever-growing number of cyber complaints. The bad news, however, is that neither the FBI nor any other organization could possibly keep up with such an overwhelming number of complaints. I know they do their best – and they deserve our gratitude for pedaling the bike faster than ever – but your chances of getting direct FBI assistance if your company has been hacked is spotty at best.

I was thinking of this cyber challenge while enjoying some cappuccino on Fulton Street last week with principals from LIFARS, a New York City-based forensic response and investigation firm. Founded by Ondrej Krehel, a veteran of Stroz Freidberg and IDT911, the company focuses on filling in the cyber investigative and remediation gaps that arise between business victims and our law enforcement teams who simply cannot get to every call that comes in.

“We provide a range of incident response, cyber forensics, and resiliency services,” explained industry veteran Steve Lubchansky, VP of Sales and Alliances for LIFARS. “This includes dealing with ransomware and bitcoin issues, which are both very common complaints, as well as the full range of cyber incidents that modern businesses of all sizes experience on a day-to-day basis.”

I asked for some examples of typical customer case studies that LIFARS addresses – and I must say that the stories Steve shared were intriguing. I heard about (without names) a financial services company terrified about a serious ransomware crisis; another company thinking they might have a WannaCry incident but having something worse; an investor falling victim to a nation-state attacks; and on and on. I downed two coffees listening.

The flexible delivery model at LIFARS is something I see more and more of, in our industry; that is, the company maintains a modest full-time staff and manages a bench of professionals who can be brought into an engagement based on their experience, availability, and interest. The Chertoff Group has been following this flexible consulting model successfully for many years – and this is increasingly becoming a standard for cyber consulting teams.

I also asked about whether LIFARS follows a common consultation model, and Steve offered a reasonable perspective: “We are a smaller firm, so we can afford to be flexible,” he said. “We maintain a uniform investigative methodology, but we are happy to be agnostic about response platforms and we will take advantage of whatever technology our clients might have deployed. This allows us to respond quickly and to develop solutions that are customized for each unique client.”

Before an incident hits, develop a relationship with a trusted advisor like LIFARS. Having an incident response retainer in place or a relationship with a response firm will allow you to quickly respond should a cyber incident occur. The FBI can be called, but their case load and the size of your breach determines the response. A local relationship will give you the speed to getting your business back online as quickly and safely as possible. Companies like LIFARS, can also help you strengthen your cyber resiliency.

Cyber breaches are not something we really want to think about, but take the time today to develop relationships now, so you are prepared later. Share your thoughts in the comments below.