What is it and why and why may you need it?
In the event of a Cyber Security investigation, a vital part of the response process is represented by data acquisition and recovery to support comprehensive forensic analysis.
As soon as we agree a brief for a forensic investigation with the customer, we deploy a team of digital forensics specialists on-site to conduct data acquisition, creating a forensic copy of your digital media and the data held on it. The forensic evidence is safely copied, transported and stored in a secure environment, whereby digital forensic analysis can then begin. At PGI, we use our in-depth knowledge and advanced equipment to carry out fast,
effective and highly efficient data imaging and acquisition methods to protect an organisation from both present and potential threat actors and can identify potential malware. We ensure that only the necessary data is acquired and work with the customer to understand that threats are understood and potential risks are mitigated during and after the investigation process.
How does PGI carry out Digital Forensics?
PGI Cyber performs Digital Forensics, the process of investigating the actions performed on a digital system after collecting data through forensic data acquisition. Once data acquisition has been completed, we reconstruct user actions and system events that can help us identify artefacts such as the introduction or existence of malware, storing or distributing of files or malicious communication.
How do we report our findings?
PGI Cyber can provide findings in a number of ways. Depending on the requirement for law enforcement or not, it is best practice to treat every case as if it will one day go to court. We adhere to ACPO Guidelines whereby we take detailed notes, photographs and software verifications during each stage.