-
Risk Advisory
Security for your business
-
Digital advisory & IT consulting
Mastering digitalisation together
-
Operational Advisory
Solidifying and supporting transformation
-
Deal Advisory
We’ll advise you on national and international transactions
-
Valuation & economic and dispute advisory
We’ll value your business fairly and realistically
-
Financial Advisory
Optimising financial structures
-
Tax for businesses
Because your business – national or international – deserves better tax advice.
-
Tax for financial institutions
Financial services tax – for banks, asset managers and insurance companies
-
Employment law
Representation for businesses
-
Commercial & distribution
Making purchasing and distribution legally water-tight.
-
Inheritance and succession
Don’t leave the future to chance.
-
Financial Services | Legal
Your Growth, Our Commitment.
-
Business legal
Doing business successfully by optimally structuring companies
-
Real estate law
We cover everything on the real estate sector, the hotel industry, and the law governing construction and architects, condominium ownership, and letting and renting.
-
IT, IP and data protection
IT security and digital innovations
-
Mergers & acquisitions (M&A)
Your one-stop service provider focusing on M&A transactions
-
International business
Our country expertise
-
Entering the German market
Your reliable partners.
Responding to cyber-attacks
Digital forensics and incident response (DFIR) are subdivisions of cybersecurity. It is essential for companies to respond to a cyber-attack forensically in order to fend off the next attack and to emerge from it in a strengthened position. This is not only crucial to avoid future attacks and to identify attackers but also to fulfil legal requirements. A response also lays the groundwork for any insurance claims.
Immediate measures in a cyber-attack – incident response
Incident response (IR) is an organised process to overcome and manage the effects of a cyber-attack. When an incident occurs, it is crucial to keep calm and to document the incident precisely. Note down what happened, when it happened and which systems were affected. Then inform your IT team, or if you don’t have one, an IR service provider. It is important not to attempt to go into crisis mode and try to deal with the impact of the attack by yourself. This can make the situation worse and destroy evidence.
An IR service provider should be contacted if the situation gets out of control or if internal resources are not sufficient to cope with the incident effectively. An IR service provider can also provide support with crisis management issues, such as negotiations with attackers and communication with the authorities as well as with data protection issues such as stolen data.
How do preventive measures support cybersecurity?
Effective IR also includes preventive measures. These include:
- regular security audits
- staff training, and
- implementing security policies.
An IR service provider can help to implement and manage these measures. Prevention is often less expensive than having to react to a cyber-attack.
As an independent IR service provider, Grant Thornton will give you direct assistance on this number: +49 800 170 1000.