Our practice draws on the skills of BRG staff around the world, along with an extensive network of associates, including prominent academics, CPAs, experienced business leaders, former government officials, and seasoned consultants. We have the agility to assemble teams with the specific, nuanced talent and sector and geographic insight needed to address a particular problem and provide highly specialized and strategic advice.
Who We Are
BRG’s Cybersecurity & Investigations group is composed of highly qualified experts who have a diverse range of talents. Team members include former federal law enforcement agents who specialized in cyber-crime investigations, network security experts who focus on penetration testing and “red team” assessments, and a former Assistant US Attorney who pioneered cybersecurity enforcement as a federal prosecutor. Our experts spearheaded some of the most complex cyber cases ever pursued—including the investigation and prosecution of the leadership of the prolific hacktivist groups Anonymous and Lulzsec, as well as the owner and operator of Silk Road, a notorious $1.2 billion underground drug website—and have responded to and investigated over six hundred cyber attacks against organizations across a range of industries, including in the government, education, financial services, travel and entertainment, technology, media, healthcare, and consumer products sectors.
Our cutting-edge experience and multidisciplinary approach, together with BRG’s global footprint and resources, create an exceptional platform from which we can solve organizations’ most complex cyber problems.
We use decades of experience and a track record of creative, out-of-the-box thinking to provide solutions that are holistic in philosophy, practical in application, and sensitive to organizations’ operational concerns.
What We Do
Strategic Cybersecurity Consulting
We provide direct, clear, and objective advice to clients who seek to understand and mitigate their cyber risk. Our services include:
- Independent cyber risk assessments, controls analyses and compliance reviews pursuant to a range of industry and government standards, including those provided by the NIST Cybersecurity Framework, the HIPAA Security Rule, the Department of Defense’s Cybersecurity Maturity Model Certification, and Securities and Exchange Commission’s Office of Compliance Inspections and Examinations.
- Remediation of identified security gaps and implementation of best practices, including:
- Enhanced technical defenses
- Improved cybersecurity policies and procedures
- Strengthened incident response preparedness
- Data mapping and information governance consulting
Cyber Operations and Incident Response
We put our experience and practical awareness to work to provide rapid and successful solutions. Our services include:
- Incident Response
Speed is critical when dealing with a cyber incident. BRG’s global presence enables our incident response teams to respond quickly, regardless of geographic challenges. Our professionals provide rapid on-site deployment to conduct data breach investigations using technologies, methods, and practices that have been rigorously tested for defensibility before courts and regulators.
- Complex Cyber Investigations
Our security experts have world-renowned technical experience investigating a diverse range of cyber incidents and know firsthand the value of gathering facts and evidence in a systematic way suitable for investigation and, potentially, prosecution or other legal action. They have created pioneering investigative techniques to overcome the technical complexities of the most challenging cyber investigations.
- Security Evaluation
Our professionals focus on building a detailed understanding of its business objectives, technology infrastructure, and data, and the risks and threats specifically associated with that environment. They leverage years of experience responding to and investigating complex and sophisticated cyber incidents—and their deep knowledge of how cyber criminals operate—to identify, prioritize, and remediate weaknesses before they can be exploited.
Litigation Consulting
Our client support does not stop once a cyber incident has been contained. Our highly qualified team helps clients bridge the technical and legal gap when responding to post-incident litigation and regulatory inquiries. Services include:
- Technical root cause analysis
- Damage and loss consulting
- Forensic collection and analysis of electronic evidence, including computers, mobile devices, and cloud-based platforms and hosting services
Coordinated Consulting Services
BRG’s Cybersecurity & Investigations group offers a diverse array of expert consultative services that complement its foundational cybersecurity mission, including:
- Independent cyber monitorships
- Cyber due diligence
- Online intelligence and threat monitoring
- Cyber insurance consulting
- Bespoke cybersecurity solutions for individuals
- Cybersecurity training for employees, executives, and in-house security teams