Kroll

New York, NY, USA
1932
Apr 12, 2021   |  By Adam Jaffe
Understanding who you share data with and how they will utilize and protect it has never been more critical. Privacy and security continue to be a top priority for regulators around the world and organizations are advised to stay abreast and take appropriate measures to comply.
Apr 8, 2021   |  By Paul Jackson
In the high-pitched, relentless battle against cyberattacks, much of the attention and energy has been focused on technical solutions, regulatory compliance, and balancing risks with opportunities. What about corporate governance? What role does executive and board-level oversight play in ensuring robust cybersecurity … and what role should it play?
Apr 5, 2021   |  By Andrew Beckett
With most organizations receiving over 100 threat alerts every day and a reduction of endpoint visibility due to the shift to remote work, the ability to quickly detect and confidently respond to cyber threats has become a difficult challenge for organizations to undertake on their own.
Mar 24, 2021   |  By J. Andrew Valentine
In May 2020, Kroll was contacted by a purveyor of high-end meats after receiving several customer complaints of potentially fraudulent credit card activity. The fraud allegations were raised after several customers observed unauthorized transactions on their credit cards shortly after placing orders through the purveyor’s e-commerce website. Kroll quickly assigned one of their seasoned Payment Card Industry (PCI) forensics investigators to review and investigate the matter.
Mar 19, 2021   |  By David Klopp
David Klopp, Managing Director in the Cyber Risk practice of Kroll, recently spoke at the first session of PARIMA’s Confident Response Series 2021. The series aims to fine-tune incident response preparedness and help risk managers understand the latest tactics, techniques and procedures from the most successful cybercriminals, leading to deeper collaboration with business partners and mitigation of technical, legal and reputational risks.
Mar 16, 2021   |  By Jason Smolanoff
The lifecycle of a cyber security incident can be broken up into three stages: investigation, remediation and notifications/disclosures, the latter often being the most complex, time consuming and costly. Disclosure challenges are compounded due to breach notification laws that require initial statements before the investigation is completed and the incident is fully contained. They can also stem from improper interpretation of digital forensics findings.
Mar 10, 2021   |  By Simon Ashenden
COVID-19 has not only changed the way we live but also forced many changes to standard business processes. This article will explore some challenges around human resource (HR) hiring, offboarding and contracting activities. As companies in multiple jurisdictions continue to look for advice from state and federal authorities on COVID-19 safe work plans, this article offers some security considerations from a physical security as well as cyber security perspective.
Mar 5, 2021   |  By Nicole Sette
Zoho ManageEngine Desktop Central is an endpoint management solution offered by Zoho. A server running this software can push updates to managed systems, remotely control and lock them, apply access controls and more. In March 2020, a remote code execution (RCE) vulnerability was identified (tracked as CVE-2020-10189) in the ManageEngine software due to the deserialization of untrusted, user-controlled input in the getChartImage function of the FileStorage class within the application.
Feb 22, 2021   |  By J. Andrew Valentine
Having closed brick-and-mortar operations on March 16, 2020 for safety reasons, the nearly overnight shift to a purely e-commerce revenue model brought uncertainty. However, a rapid uptick in online sales provided a sense of relief, albeit short-lived. Our client became concerned when a closer look at the online transactions revealed an unusually large volume of electronic gift card purchases made using their private label credit card.
Feb 15, 2021   |  By Jason N. Smolanoff
A new year typically brings a renewed sense of optimism; however, 2021 brings with it promises of unparalleled challenges for board members as their role in cyber risk oversight and increasing organizational resilience has never been more important. Over the course of 2020, as organizations shifted already overburdened staff to build capacity to support remote working, threat actors aggressively exploited weaknesses exposed in the transition.
Apr 9, 2021   |  By Kroll
How much time are you spending manually parsing and sorting event logs? With EvtxECmd, digital forensics professionals can optimize Windows event log analysis through its unique mapping feature. Created by Eric Zimmerman, EvtxECmd can be called via the EZParser module in KAPE (another tool created by Eric Zimmerman) to process thousands of events in seconds and create structured CSV files that are much easier to read and manipulate.
Apr 1, 2021   |  By Kroll
In partnership with The Non-Executive Directors Association (NEDA) Our three-part webinar series on the current risk landscape and emerging threats/opportunities features speakers from Kroll, NEDA, and a range of experts and seasoned non-executive directors (NEDs). Reputation is everything, and as we contemplate life beyond COVID-19 crisis management, Kroll executives have been considering a range of contemporaneous risks that should be on every board’s agenda. They’re even evaluating how failure to consider these risks can impact a company’s corporate reputation.
Mar 31, 2021   |  By Kroll
The pandemic has resulted in changing infrastructure for providing training to employees in this work from home limitation of large gatherings environment. This episode will feature a special guest to discuss how we partner to bring the highest level of security training to our clients – in a high-tech manner that we believe is best in class and exceedingly useful in today's environment.
Mar 29, 2021   |  By Kroll
Our two-part roundtable webinar series on the future of the global art market, features guests from Hauser & Wirth, HMRC, Demif Gallery and The Society of London Art Dealers. Presented by Gareth Fletcher of Sotheby’s Institute of Art, the series explores change and transformation in the art market, from new technologies, ways of viewing and buying art, and market supervision, to digital art crime, the rise of African artists, and the illicit trade in art and antiquities.
Mar 25, 2021   |  By Kroll
Hear insights from Nick Doyle, Managing Director in Kroll’s Security Risk Management practice, as he discusses 2021 security trends including travel, building and supply chain security.
Mar 22, 2021   |  By Kroll
Our two-part roundtable webinar series on the future of the global art market, features guests from Hauser & Wirth, HMRC, Demif Gallery and The Society of London Art Dealers. Presented by Gareth Fletcher of Sotheby’s Institute of Art, the series explores change and transformation in the art market, from new technologies, ways of viewing and buying art, and market supervision, to digital art crime, the rise of African artists, and the illicit trade in art and antiquities.
Mar 8, 2021   |  By Kroll
When incidents or traumatic events occur, there are a set of investigative techniques and methodologies that need to be deployed quickly and with the right expertise. In this episode of Kroll’s Security Concepts, three of Kroll’s investigative experts Marco De Bernardin, Francesca Castelli and Nick Doyle come together to discuss their experience with the lifecycle of investigations.
Mar 5, 2021   |  By Kroll
Industry veterans Brian Lapidus and David White recently hosted a 40-minute dive into data breaches, how to expedite your response and what to expect when facing a breach of sensitive data, regardless of how it happens. The session was followed by live Q&A. Together, Brian and David have responded to thousands of data breaches worldwide and supported over 300 million customers safeguard their identity.
Feb 24, 2021   |  By Kroll
New vision. Same team. More clarity for organizations with complex challenges. Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency.
Feb 19, 2021   |  By Kroll
Stefano Demichelis, Managing Director in the Business Intelligence and Investigations team at Kroll, a division of Duff & Phelps, recently spoke at a webinar organized by LegalPlus Asia. In this webinar, he shared his views on trade-based money laundering (TBML) and the implications for corporations.
Apr 5, 2021   |  By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.