Your First Call for
Incident Management.

Smoother response. Faster recovery. Reduced costs. 

Responding to today’s cyber attacks can be confusing and complex. Many organizations aren’t sure where to start or need help putting together an effective response strategy.
We can help. 

Learn More

INCIDENT MANAGEMENT

Our Technical Advisors serve as an Incident Coordinator who will work with your team to clearly define the incident and develop the most effective response strategy. Once a plan is in place, your Technical Advisor will build the team of experts needed and manage all incident response efforts through to completion.

Business Recovery

Restore Business Operations
  • Access viability of backups
  • Restore, rebuild or decrypt impacted systems and applications
  • EDR depolyment
  • Help Desk Support

Containment

Mitigate the Ongoing Threat
  • Advise on effective containment strategies
  • implement containment mechanism such as password resets, malware blocks, network blocks and implementation of MFA

Forensic Investigation

Identify Root Cause/Unauthorized Activity
  • Collect forensic data to support investigations
  • Collaborate with forensics to modify response approach based on risk

Reinforce

Build a Secure, Resilient Environment
  • Ongoing MOXFIVE Advisory support
  • MOXFIVE Business Resilience offerings
MOXFIVE Technical Advisors bring security expertise, predictability and integrity to the response process.

BENEFITS OF MOXFIVE

  • Turnkey incident management solution
  • Seamless integration into existing technologies
    and processes
  • Coordinate efforts among internal and external parties
  • Innovative loss mitigation strategies
  • Manage and track overall response progress against stated timelines
  • Technical resource for attack victims

The MOXFIVE Process

Our Technical Advisors have a proven playbook for leading incident response efforts – helping you recover with speed and precision.

Intake

  • Obtain incident details and provide initial technical guidance. 

  • Focus on incident containment, data preservation, and business recovery.

Plan

  • Establish action plan with counsel, victim, and service providers.

  • Provide engagement flow and timing. 

Execute

  • Engage and deploy appropriate service providers and solutions at the appropriate time.

  • Monitor engagement progress and costs.

Advise

  • Conduct a 30 / 60 day follow up to discuss  recommendations and longer term risks.

  • Provide ongoing technical guidance upon request.

Business interruption (BI) represents 36% of the cost of a cyber breach, averaging a whopping $1.42 million per breach.

From IBM’s "Cost of a Data Breach" Report, 2019
MOXFIVE Take:  Business interruption costs are most typically impacted by the lack of proper guidance on the response and overengineered solutions that inadvertently delay recovery efforts. We can change that.

RECENT BLOG POSTS

Visibility in Incident Response: Don’t Chase Ghosts in Your IT Estate

To effectively respond to a cybersecurity incident, having complete visibility into all assets (endpoint devices, applications, user accounts) across your IT estate is a critical success factor for recovering quickly and minimizing business disruption.

Dispatch from the Front Line

In July 2019 we posted our inaugural blog and introduced our idea of how a Technical Advisor could help companies better manage the incident response process. Two years (and hundreds of incidents) later, we've learned many lessons that help our clients recover quickly and effectively.

Tabletops Improve Incident Response

Tabletops can help improve organizational awareness and streamline Incident Response efforts. Learn how they can help mature your security posture and develop your teams' skills.

Maximizing Red/Blue Team Effectiveness

Fusing the efforts of your red and blue teams by implementing a purple team approach enables analysts to cross-train, collaborate, and respond more effectively during an incident.

Recover, Then Upgrade - One Problem at a Time

Four questions to ask if you're considering adding an upgrade to an in-progress recovery effort.

Common Misconceptions of Business Recovery

Recovering from a cyber incident is a complicated and challenging process. Read our top 6 factors that can help determine whether the recovery process runs smoothly... or not.

When it Comes to Cybersecurity, Money Talks

Changes in the cyber insurance industry are driving a change in how organizations are investing in security.

In Times of Crisis: Focus, Plan, Ask for Help

Every pilot learns the mantra "Aviate. Navigate. Communicate." during their initial flight training. Easy to remember in a crisis and it helps remind the pilot of the order of priorities required to execute an optimal recovery.

Ransomware is a Mere Symptom, Extortion-Based Crime is the Disease

Has the rise of ransomware distracted us away from the true issue at hand? Encrypted files, corrupted applications, deleted backups, and ...

Assessing Risk in the Wake of SolarWinds Attack

Over the last couple of weeks, we have all watched the details surrounding the SolarWinds attack unfold. The full scope of the attack wil...

Targeted Containment — Less is More

Prioritize efforts, consolidate focus, succeed.

Ransomware Recovery Tales: Prepare for Battle

Does your organization have everything it needs to be prepared for a ransomware incident?

Ransomware Recovery Tales: The Battle of Netwalker

Threat actors can deploy, ransomware without the need to build or manage underlying infrastructure.

Assessing Risk: The “How” is Just as Important as the “What”

See how we assess an organization’s security risk and ability to prevent ransomware attacks.

Backups: Ahh! To Zzz 😴

Sleep Soundly with Good Backups!

Ransomware Recovery Tales: Protect the Kingdom

For every ransomware incident MOXFIVE has assisted with, the primary concern during recovery has been the health of the core infrastructure

The Key to Successful Business Recovery

MOXFIVE’s “Break Glass” Strategy to Recovering from a Ransomware Attack Ransomware events can be the worst experience for any person

Think Before you “Brick”

Over the last year, insurance carriers have looked for innovative ways to expand coverage. One such area is coverage around “bricking”. A...

Incident Response: Endpoint Agent All the Things?

Understanding the role of Endpoint Technology in Incident Response

The Next Phase in Cyber Insurance

Cyber claims have departed from lost laptops and basic malware claims and the industry is now realizing that it's less prepared to deal with

Let’s Talk.

Whether you need immediate help responding to an incident or are just trying to better prepare for one, we can help. Complete the form below and it will go directly to our Technical Advisory team.