Cyber incident response

One contact, for an immediate response
Wherever you are in the world, whatever time of day or night, you have for immediate help. We’re never offline - our team is global and always ready to respond.

One complete crisis management team, managed by Kennedys
Whatever threat you face, we coordinate and manage a team to handle every aspect of your response and recovery. That includes IT forensics, network recovery, crisis communications and local legal and regulatory advisors. We have local offices and partner businesses all around the world, ready to respond quickly. We’ve managed teams that have responded to crises spanning more than 200 countries and affecting millions of people. With just one point of contact - Kennedys.

Legal and regulatory advice, from the people who know how
During a cyber incident, you’ll need to answer some big questions. Where are the legal risks and exposures? What regulatory issues apply in each country? Who do we need to notify? Using our global network of legal and regulatory advisors, we’re here to help. Following the triage process, which will consider the immediate implications and challenges, our team will then coordinate local firms and advisors to get on top of the specific on-the-ground challenges.

Helping you recover, after the immediate crisis has calmed down
After the immediate threat is over, we’ll help you manage and minimise the impact of the fall-out. This includes building your resilience against future threats, as well as managing any ongoing litigation and claims. We’ll work together to put in place strong data policies and procedures - perhaps one the biggest exposures you’ll face from a financial and regulatory perspective. And, as a specialist in insurance and litigation, our global legal teams can help you manage any ongoing litigation.

Pre-incident advice, support and training
Our pre-incident services aim to shield organisations from cyber risk from all directions. Our multi-faceted approach includes advising at board level (having direct conversations with the board and shaping policy) through to table top exercises (to highlight and address any potential vulnerabilities). Additionally, we advise clients on preparing detailed breach response plans and we run response scenarios, in order to ensure that organisations take the correct approach following a cyber-incident.

Incident management
When an incident occurs, we can quickly get specialists engaged, and on the ground if required. Our lawyers will guide you hour by hour, day by day until you are back up and running again. Additionally, we can help make sure vital evidence is preserved to help manage any potential claims arising from the incident.

Legal advice
Our experience in crisis support means we’ll help you with all legal and regulatory issues arising from an incident. This includes providing notice to regulators and responding to their questions on investigations, dealing with contractual implications with partners and customers and responding to claims should they arise. By engaging our team from the get-go, we’re able to help ensure that legal privilege is maintained to protect the communications and ensure confidentiality.

Forensic investigations
Understanding the scope and cause of the incident is critical for legal and regulatory purposes, as well as for ensuring the incident does not happen again. We will identify and engage a team of experienced forensic investigators who can identify exactly what occurred. We also help to engage vendors in the most efficient way to make sure that legal privilege is maintained wherever possible.

IT restoration
Our tried-and-tested network of IT recovery vendors cover all corners of the world. We will identify and engage a team of experienced technicians who are not only appropriate to the scale of the business and network infrastructure, but also have the strength and depth to get your policyholder back to business quickly.

PR and reputation management
It’s critical to manage communications, to protect your brand, reputation and share price. Our third party PR and crisis comms contacts are with you to control the story - from defining the narrative and handling media calls, to drafting statements and issuing press releases.

Intelligence services
Our intelligence team uses geo-fencing technology to monitor mainstream and social media, so you can adapt your PR and strategic responses.

An incident can occur anywhere. But the impact can be felt everywhere. We’re a truly global team, ready to help you respond to and recover from threats, across borders, wherever you do business and wherever your clients and customers feel the effects.

Our cyber incident response service covers over 160 countries remotely, through our own office network, partnership firms and associate offices. We utilise our worldwide coverage and deep local connections to ensure that our clients get the urgent support they require, in the jurisdictions they need, all under one roof.

We are one of the only firms capable of delivering a coordinated and streamlined incident response service in all of the world’s major jurisdictions.

Once the immediate incident is under control, we’ll help put you in a stronger position against future threats.

After the fact, many clients find underlying issues with the way they manage data. We’ll help you put in place strong international data policies and procedures, to help you mitigate one of the biggest financial and regulatory exposures you’ll face.