Blog Posts

A short list of things to keep in mind when dealing the ransomware decryptors.

Understanding what data has been affected and determining a notification plan is a critical aspect of incident response that comes with substantial costs and complexities.

Recovery is the “meat & potatoes” of the incident response process. In the 4th blog of our series, Understanding the Costs of Incident Response, we look at the three primary paths organizations can take to get back to business as usual, each with its own unique set of challenges.

In the second post of this series, we look at investigation costs. These are the first costs incurred and the investigation lays the foundation for the rest of the IR process.

In this series, we look at the various costs that may be incurred during a typical ransomware incident and discuss key security controls that can help organizations minimize the impact of a cyber-attack.

Jim Aldridge joins our partners at Airiam on their podcast to discuss parallels he sees between flying a plane and successfully preparing for and responding to cybersecurity incidents.

In Part Two of our blog with CrowdStrike, we share proven strategies and techniques for effective large-scale remediation efforts.

Our inaugural edition provides context around themes that impacted cybersecurity risk during the first half of 2022. Derived from providing forensics, recovery and resilience services through our platform, our goal is to provide a deeper understanding of the current cyber threat landscape and help organizations make better, more informed decisions.

When responding to a ransomware incident, making the right decisions is critical and can make the difference between an easier path or a harder one. In this blog, we tell the tales of two clients and lessons learned so you can avoid the hard path.

Picking a forensics provider is one of the first critical decisions you have to make when faced with a cyber incident. In this blog, we cover the capabilities to consider when evaluating a potential provider.

Security, like chess, relies on having a variety of strategies and tactics to use for countering your opponent. This blog offers a variety of options to consider when devising your own plans to outwit your adversaries.

Business Email Compromises (BECs) continue to be the one of the top attack vectors, costing organizations over $2.3 billion in 2021. In this blog, we share priorities and key methodologies for investigating these attacks.

Host-based microsegmentation offers a wide range of advantages over legacy counterparts allowing organizations to apply segmentation at much deeper granularity including host, user, or application levels.

Logs are critical sources for forensics investigations. This blog looks at various log sources and the key takeaways to consider when building the retention strategy that's best for your organization.

Our MOXFIVE Incident Managers are critical to every project we manage at MOXFIVE. Learn more about their role and how they enable everyone in the process to focus on what they do best.

Gaining access to Active Directory is often a goal of threat actors during an intrusion. In this blog, we look at two key workstreams that add security layers making it more difficult for threat actors to achieve this goal.

Using cloud-based services can help not only lift the burden of day-to-day IT and security tasks, but they can also provide a significant benefit when dealing with a ransomware attack.

Finding the right balance between containment, recovery and forensics workstreams is the key to faster and more effective incident response.

The lines between forensics and recovery can easily blur during incident response. Using an approach that delivers both in parallel helps minimize business interruption and get organizations back online more quickly.

Learn how MOXFIVE's platform-based approach to incident management drives increased efficacy and quicker resolution of complex challenges while also reducing costs and making life easier for all parties involved.

In July 2019 we posted our inaugural blog and introduced our idea of how a Technical Advisor could help companies better manage the incident response process. Two years (and hundreds of incidents) later, we've learned many lessons that help our clients recover quickly and effectively.

Recovering from a cyber incident is a complicated and challenging process. Read our top 6 factors that can help determine whether the recovery process runs smoothly... or not.

Every pilot learns the mantra "Aviate. Navigate. Communicate." during their initial flight training. Easy to remember in a crisis and it helps remind the pilot of the order of priorities required to execute an optimal recovery.

Prioritize efforts, consolidate focus, succeed.

Sleep Soundly with Good Backups!

MOXFIVE’s “Break Glass” Strategy to Recovering from a Ransomware Attack Ransomware events can be the worst experience for any person

Over the last year, insurance carriers have looked for innovative ways to expand coverage. One such area is coverage around “bricking”. A...

Understanding the role of Endpoint Technology in Incident Response