Digital Forensics Incident Response Services

01223 298 338

Harness the years of experience of 3B Data Security’s team of highly skilled Core PFIs, incident responders and digital forensic investigators to help your organisation.

Whether you have:

Cyber Incident Response and Forensic Data Breach Investigation Services

Cyber Incident Response & Forensic Data Breach Investigation

3B Data Security staff have extensive experience in this area, having been involved in investigating payment card data breaches for the acquiring banks and credit card schemes since 2007, which is prior to the Payment Card Industry Security Standards Council (PCI SSC) taking responsibility for the PCI Forensic Investigator (PFI) programme from Visa (QIRA) and MasterCard (QFI).

Read More

During this time, the scope, scale, and complexity of attacks have evolved, and as the Security landscape moves, the hackers move with it, often circumventing and exploiting the new security controls implemented by the IT security professionals.

3B Data Security staff have a wealth of experience and expertise, having been exposed to a plethora of different incident response scenarios and forensic data breach investigations - ranging from a cottage industry business run from a home garage to multi-national cross-border blue chip organisations.

Other examples include utility providers, financial service institutions, insurance underwriters, hoteliers, hosting companies, level one merchant retailers, payment service providers, online retailers, gambling/gaming companies, and motor manufacturers. We have also worked with and for law-enforcement agencies, the Information Commissioner’s Office (ICO), and with legal/litigation teams within law firms and solicitors.

Staff members have been certified under the CREST Cyber Security Incident Response (CSIR) scheme and hold the CREST Certified Incident Manager (CCIM) accreditation. In addition, they have also been certified as Core PCI Forensic Investigators (PFI) and Qualified Security Assessors (QSA) by the PCI Security Standards Council.

If you have a cyber security incident, believe you are under attack or have been compromised, then call us immediately for assistance on 01223 298 338 or email us at

If you want to take a more proactive and pragmatic approach whilst benefitting from the knowledge and years of experience which the 3B Data Security team possess, then why not speak to us about our Cyber Security Incident Response Retainer Service (CSIRRS). CSIRRS will help arm and prepare your business or organisation with the skills and resources needed to react and respond to a cyber security incident efficiently as it provides you with a 24/7 on-call support helpline, pre-agreed consultancy rates and methodologies, signed contracts and legal documents, and proactive security reviews and information sharing sessions.

Read Less

Cyber Security Incident Response Retainer Service (CSIRRS) & Digital Forensic Retainer Service (DFRS)

Cyber Security Incident Response Retainer Service (CSIRRS) & Digital Forensic Retainer Service (DFRS)

Is your organisation equipped with the resources and expertise to deal with an urgent cyber security incident or forensic investigation? Do you know which systems store your sensitive data, or how to deal with the continuity of evidence? Can you make the correct decisions for the business whilst ensuring you act in a timely but independent and transparent manner? Are you governed by industry regulators, standardisation bodies, legal contracts, or even law enforcement agencies? Will they wish to see the reasons behind the steps you took, the decisions you made, and the conclusions you drew? Will you or your organisation be penalised, fined or face litigation if it all goes wrong?

Read More

What would your customers say if they found their data posted on a hacker forum and believed you were the source?

Would you know how to respond if the 10 o’clock news called you for a statement on your data breach?

If you have any doubt to even one of the answers above, then you need sign up to 3B Data Security’s Cyber Security Incident Response Retainer Service (CSIRRS) immediately.

After many years dealing with all types of cyber security incidents and urgent forensic investigations, 3B Data Security have formulated a proactive incident response retainer service that aims to resolve many common problems faced by organisations suffering a data compromise. In effect, you learn from all the mistakes made by others before you.

The service is tailored to your organisation and allows you to rest easy knowing help is always on hand and proactive measures are taken to help reduce risk in advance. The service includes:

The advantages to your business or organisation include:

If you want to focus on running your business and not on reacting to a forensic or cyber incident, proactively improve the response and investigation process, learn from others’ mistakes, and protect your reputational brand and your customer relations, then sign up to the Retainer Service.

Read Less

PCI Forensic Investigator (PFI) Services

PCI Forensic Investigator (PFI) Services

3B Data Security are one of only a handful of globally approved PCI PFI companies certified by the PCI SSC and payment card brands to help merchants recover from and forensically investigate a compromise of cardholder data. Whether you are eligible for a PFI Lite investigation, or need assistance with a (full) PFI Investigation, 3B Data Security is perfectly suited to resolve the situation for you.

Read More

Alongside this, 3B Data Security is an approved PCI SSC Qualified Security Assessor Company (QSAC), which enables us to perform PCI Compliance consulting, and provide advisory and audit services to help merchants obtain certification against the Payment Card Industry Data Security Standard (PCI DSS).

Senior team members have been Qualified Security Assessors (QSA) since 2008 and have been investigating cardholder data compromises for Visa and MasterCard since 2007, then subsequently becoming Core PCI Forensic Investigators (PFIs) when the PCI Security Standards Council formed the PCI PFI Program in 2011.

Staff have investigated hundreds of cardholder data breach investigations for all types of organisations large, medium, and small, in numerous different environments with ever changing technologies. Additionally, the knowledge, experience and relationships gained from being a part of the payment card industry for this length of time helps to distinguish 3B Data Security as a trusted, credible and reliable PCI partner.

If you have suffered a PCI data breach, if you need to obtain or maintain PCI Compliance, or simply want to benefit from our years of knowledge in conducting data compromise investigations, then get in contact and we can help you.

We also act as a PFI Expert Witness to assist the litigation process and impart our knowledge to assist the situation for civil disputes or appeals. Having spent time within the criminal prosecution and court system, combined with the expert knowledge of the PFI process, makes us a natural partner to assist when required.

Read Less

Incident Response Consulting, First Responder Training and Table Top Exercises

PCI DSS & PCI Forensic Investigator (PFI) Services

Whether you need help writing an incident response plan for your business, reviewing existing security response policies and procedures, or need help ensuring your staff are adequately trained to respond, 3B Data Security has the experience that can help you.

Read More

We offer tailored first responder and breach management training to both technical and management level staff, based upon industry best practise and years of conducting real incident response investigations. The training gives an insight to what will happen when an incident occurs and how you should respond, but more importantly, you will be educated with lots of preventative advice, best practise and real-life response hints and tips.

Do you want to learn, practise, and play out your incident response policies and plans? Perhaps test your staff’s reaction to an incident or simply see what could happen within your organisation (if) when you do get hacked, but do not want to wait for the hackers to do it for real?

Then utilise the years of knowledge 3B Data Security has in helping businesses react and recover from real life hacking incidents by undertaking a number of ‘mock’ incident response table top exercises. You will be lead through a number of incident scenarios, and as they play out, your people, processes and technologies will be tested in a controlled environment in order to highlight any discrepancies so they can be evaluated, educated and remediated, without the time-critical pressures you face whilst dealing with an actual incident at the same time.

We also offer a Computer Incident Response Public Relations (PR) Planning and Preparation Workshop which helps the business prepare the right PR responses to an incident, find gaps in the current PR Action Plan, and deduce a list of playbook scenarios that may need to be considered for creation or amendment. These could be anything from how and when to inform Law Enforcement agencies, first line support / call centre staff, internal development staff, the media, website updates, social media posts, third-parties, acquiring banks, or regulators.

Read Less

Digital Forensic Investigations

Digital Forensics Investigations

Digital Forensics is at the core of many of the services which 3B Data Security has to offer. Our staff have given evidence on forensic cases and acted as expert witnesses in court, often liaising with legal counsel and lawyers to turn the often complex world of digital evidence into clear, concise and easily understandable information.

Read More

3B Data Security staff have conducted both civil and criminal forensic investigations, including intellectual property theft, HR / employee misconduct, computer misuse, fraud, money laundering, terrorism, cyber-crime/hacking, malware, and financial litigation.

In addition to traditional forensic investigations, 3B Data Security have worked with insurance companies to validate their claims management process, conduct pre-assessment and risk validation for policy underwriters, and conduct forensic training courses for corporate IT teams.

In our experience, most digital forensic investigations are initiated reactively, unexpectedly and are often very urgent and time critical. It is with this in mind that the proactive Digital Forensic Retainer Service (DFRS) has been created to help deal with these points and balance the unknown urgency of an incident, and increase the ability for the forensic investigation to be conducted as efficiently and quickly as possible so the best outcome can be established. This includes understanding the gaps and weaknesses in the policies and processes, educating staff and first responders, agreeing all the commercials, legal documents and logistics in advance of any potential incident or forensic investigation requirement.

The time saved in understanding the methodologies, agreeing the terms and conditions, or simply just knowing who to call could be the difference between a satisfactory conclusion and losing the evidence, losing the case, losing finances, and even losing the business’s reputational brand.

If you do not have a forensic readiness policy, then you are unlikely to be prepared for dealing with any cyber incident; also, your organisation may be prone to significant liabilities if it is unable to collect digital evidence to the required standard during civil proceedings or for regulatory compliance. 3B Data Security’s forensic readiness plans are bespoke assessments written for your business needs. We will supply you with robust plans to ensure that you have a fully auditable trail for evidence collection in the event of an information security incident. This process will identify what electronically stored information might potentially be relevant, factoring that this data may be stored in several different locations on different media types, and is almost certainly duplicated numerous times.

Read Less

eDiscovery – eLitigation Support & Information Governance

Digital Forensics Investigations

We provide support to corporate clients, regulatory bodies, government organisations, and the legal sector, who may be involved in dispute resolution or regulatory investigations. We are instructed by clients from a range of industries and can offer bespoke solutions to meet client litigation support requirements.

Read More

With the continued exponential growth and availability of both structured and unstructured data, it is important that businesses have a strategy to effectively manage the full data lifecycle to mitigate the risk if there is an electronic discovery requirement; effectively balancing the risk that information presents with the value that information provides.

Data theft is a significant issue for any business; we are frequently instructed by our corporate clients who have had company data stolen by current or former employees who leave to either work for a competitor or set up their own company. We provide a wide range of investigation options, from intellectual property theft through to partnership and contract disputes; our specialist forensic investigators gather digital evidence to establish what data may have been stolen and the methodology, with appropriate recommendations to prevent similar occurrences.

Once an electronic discovery requirement is identified then data must be preserved against inappropriate modification or destruction. A forensic collection, using specialist tools, is often the most appropriate way to preserve data that may be needed for disclosure. The collection has to be performed correctly, depending on the situation, or the evidence presented may be contested.

Our digital forensic investigators are experts in complex global data collections and can extract and preserve data from all types of digital devices, both current and legacy technology, often under difficult local circumstances. We understand the legal requirements of imaging digital devices, especially in cases where investigations or disclosure may be required.

Partnering with Nuix, one of the leading eDiscovery processing, review, analytics, and predictive coding technologies, enables us to rapidly and accurately search, process and manage large quantities of data. This processing stage allows the data to be indexed in preparation for the electronic discovery process to begin; any data that is deemed not relevant can be culled from the dataset so it is not processed, therefore reducing costs.

From collection through to production, we have the solutions and experience to effectively manage any disclosure and a full range of review challenges.

Read Less