Cybersecurity

In today’s increasingly connected world, your organization faces a number of high-security risks. Identity theft, network hacking and ransomware could occur any time and expose your company’s vital information.

BKD’s cybersecurity team can help your organization develop a plan to protect against unforeseen attacks. Whether you want to prepare for the worst, respond to a breach or remedy weaknesses in your systems, BKD can assist.

Prepare

Cybersecurity Risk Assessment

A cybersecurity risk assessment is the foundation of a strong cybersecurity program. Without a good understanding of your cybersecurity governance, processes and technology, you risk giving cybercriminals the keys to your critical information assets.

A cybersecurity risk assessment identifies possible threats to your business. Our process addresses cybersecurity risk in the context of business risk and uses generally accepted frameworks such as National Institute of Standards and Technology Cybersecurity Framework, ISO 27001, Federal Financial Institutions Examination Council, etc. The assessment includes:

  • Analyzing critical assets that store or transmit sensitive data (data-flow analysis)
  • Identifying security requirements and potential threats
  • Determining infrastructure, systems and process vulnerabilities
  • Identifying process maturity and implementation status

Advanced Threat & Vulnerability Testing

We help identify vulnerabilities and weaknesses in your network that can subject your information assets to hacking. We apply tools and techniques commonly used by hackers, identity thieves and disgruntled employees. Depending on your needs, we may perform these tests:

  • Network Scanning – Port scanners determine existing devices, open ports and services operating on these ports—a beginning step for full penetration testing.
  • Vulnerability Scanning – Network hosts, services, operating systems, applications and related vulnerabilities are located using a highly automated scan based on a database of vulnerabilities.
  • Penetration Testing – Network and vulnerability scanning are combined with the human element of verification of vulnerabilities—a process that emulates a true hacking approach. External penetration testing simulates internet-based attacks while internal penetration testing simulates attacks by disgruntled individuals who breach your network’s perimeter defenses.

Advanced Social Engineering

Social engineering—often referred to as one of the greatest security risks—is the practice of obtaining confidential information through user manipulation.

Our team helps you prepare for these types of attacks with simulated pretext phone calling, spoofing, phishing and physical access attempts and the use of malware and counterfeit websites for security testing. We assist you in evaluating your organization’s security posture, testing your incident response plan and raising employee awareness.

Respond

Incident Response

Our incident response service typically involves using digital forensic technologies and procedures to assess the attack and determine its origin. This may include an assessment of whether employees inadvertently—or even intentionally—assisted with the attack. The incident response team also will test for the possibility that data was exfiltrated during the breach. Steps you can take to contain the breach and determine its scope include:

  • Isolating the affected system to prevent further release of data or encryption in the case of a ransomware attack
  • Reviewing/activating auditing software
  • Preserving pertinent system logs
  • Creating backup copies of altered files for secure keeping
  • Identifying systems that connect to the affected system
  • Preserving affected systems such as personal computers and servers for investigation
  • Retaining an external forensic expert to assist the investigation
  • Documenting conversations with law enforcement and taking necessary steps to restore the system’s integrity

Each breach is different and may require some or all of these steps. The key to a successful response is to effectively deploy the procedures once the breach has been discovered. This will help reduce the potential loss and preserve evidence needed to examine the breach.

Incident Analysis & Investigation

BKD’s cyberforensics professionals extract and analyze physical and digital evidence to help identify and document key incident information, e.g., date, time, cyber actors (insider versus outsider), threat actor tactics, techniques and affected systems and accounts or data. Our investigations involve analysis of computer activity logging controls to help determine accessed, infiltrated or removed data. This is followed by an in-depth examination to help determine the extent and nature of compromised data, e.g., personally identifiable or protected health information and other confidential or proprietary information, such as trade secrets.

Business Continuity Resilience (BCR)

Preparing for a crisis could mean the difference between the survival and failure of your business. We help your organization develop a plan that will help you recover your business operations if adverse events occur. Our consultants help lead you through these steps:

  • Identify critical business processes, key employees and other vital resources
  • Identify threats and their likelihood
  • Assess business effect of threats
  • Develop strategies to mitigate and recover from a disaster
  • Educate employees through training and exercise
  • Periodically review, test and update the plan

Remediate

Depending on the nature of the breach and vulnerabilities identified, BKD can help your organization address unmet needs, e.g., creating policies and procedures or developing user awareness programs and conducting training.

Chief Information Security Officer (CISO) Services

Faced with the seemingly overwhelming task of protecting an enterprise from cybersecurity attacks, management may not be sure where to begin. BKD’s chief information security officer (CISO) advisory services can help organizations jump-start their cybersecurity program by identifying and prioritizing potential risks as well as developing a robust security plan.

Building on a cybersecurity risk assessment, experienced BKD personnel can help the management team:

  • Create a cybersecurity plan to address the identified risks and exposures and establish institutional awareness and a shared commitment to protect information. This planning encompasses a range of activities:
    • Review existing documentation
    • Define the scope and boundaries of the information technology (IT) security plan
    • Identify and document key roles and responsibilities to support IT security
    • Create required documentation and reports
    • Develop a remediation implementation plan
    • Deliver an executive briefing of the plan
  • Identify reasonable, cost-effective solutions to remediate risks from the cybersecurity risk assessment
  • Provide recommendations for setting and maintaining standards and practices to manage the confidentiality, availability and integrity of assets and data
  • Provide guidance regarding prioritization of infrastructure investments that affect information security
  • Share knowledgeable, timely guidance on IT and cybersecurity risk matters. The individual will have the expertise to help provide an independent perspective, free from service provider or vendor bias and influence.

Cindy Boyle

Partner

Cindy Boyle

Partner

Financial Services
Not-for-Profit & Government

400 W. Capitol Avenue, Suite 2500
P.O. Box 3667
Little Rock, AR 72203-3667 (72201)

Little Rock
501.372.1040

Ronald Hulshizer

Managing Director

Ronald Hulshizer

Managing Director

Financial Services

Two Leadership Square South Tower
211 N. Robinson Avenue, Suite 600
Oklahoma City, OK 73102-9421

Oklahoma City
405.606.2580

Jan Hertzberg

Director

Jan Hertzberg

Director

1901 S. Meyers Road, Suite 500
Oakbrook Terrace, IL 60181-5209

Chicago
630.282.9500

“In my 40+ years in health care I have never encountered disruption as serious as the ransomware that struck Woodlawn Hospital. The BKD team dispatched to address this attack included forensics and IT risk services specialists. I was impressed by their professionalism and respect as they interacted with and interviewed our staff and identified risk areas. The team demonstrated a high level of competency in helping us resolve this highly concerning and disruptive situation.

The reports BKD forensics and IT Risk Services developed were data-driven, factual and actionable. Woodlawn used those reports as a tool for the organization to identify low, moderate and high risk areas, and we developed effective corrective plans to improve our processes. This resource also was useful to our board as part of the education plan developed to identify and address vulnerabilities and security concerns.

The BKD forensics and IT Risk Services teams were professional, timely and accessible. Their instruction helped Woodlawn develop training to better inform our various systems teams of vulnerable points of entry and how to take effective safeguards to reduce risk of future ransomware attacks.”

— Dave Cholger Chief Financial Officer
Woodlawn Hospital
Rochester, Indiana


BKD LinkedIn BKD Twitter BKD Youtube BKD Google Plus