Information security events often occur during times when you least expect them. Information security events may be a result of internal events, in which employees caused information security events to happen as a result of their actions, or external, where external attackers managed to compromise the security of the origination.
Time is usually of the essence when an incident occurs, and an incident investigation should be performed as soon as possible to ensure that critical evidence is captured. Once captured, the evidence needs to be analysed to determine the impact of the incident.
In South Africa, POPI also dictates that information security events that involve the personal information of others need to be reported to the Information Regulator in South Africa. Furthermore, the affected parties need to be notified of the security incident.
Crimson Wall has a team of digital forensics specialists to perform specialised internal investigations and intrusion investigations. We follow industry-standard practises to determine the impact of a breach and to identify the assets that were compromised. With the help of our legal partners, we’ll also obtain the needed legal documentation required to unmask the identities of the perpetrators of the information security events. The evidence captured will be made available in a format suitable for internal disciplinary hearings or criminal investigations.