A large international client had suffered a major nation-state attack as they went through an M&A process. The attack was managed internally, however the client wanted to ensure that the experience of the incident was not wasted.
Several critical suppliers and team members were impacted by the incident and impartiality and independence was a key driver of the review.
MDR Cyber conducted a detailed Post Incident Review (PIR) with the client's incident and executive teams.
The review looked at all stages of the internal response efforts as well as the implementation of internal policies and response plans.
The PIR process review highlighted both areas of good practice as well as areas of improvement. Our approach was tailored to ensure that lessons could be learnt and applied to all incidents, as the client was unlikely to be a target of nation state activity in the future.
The review provided both team members and critical suppliers a voice in the review of how the incident was handled, helping build and improve relationships across the business.
The detailed plan and recommendations provided could be fed directly into incident response plans and playbooks, as well as being used to further exercise the response capability.