Preserving digital evidence is essential for forensic investigations, insurance claims, and potential legal proceedings.

• Secure affected devices and servers
• Preserve system logs, access records, and network activity
• Create forensic images before altering systems
• Ensure evidence is preserved with proper chain of custody
• Involve a Techno-Legal Advocate to guide both the legal and technical aspects of evidence handling

If the incident involves financial fraud, payment diversion, or unauthorized transactions, immediate escalation is necessary.

• Notify banking partners immediately
• Attempt to freeze or reverse fraudulent transactions
• Document transaction timelines and communications
• Engage legal advisors and a Techno-Legal Advocate to assist with escalation and documentation

Certain cyber incidents may require reporting to law enforcement agencies or regulatory authorities depending on the nature of the breach.

• File appropriate cybercrime complaints where necessary
• Prepare documentation of the breach timeline and impact
• Ensure legal compliance with reporting obligations
• A Techno-Legal Advocate can assist in preparing legally defensible incident documentation

Cyber breaches can quickly become reputational crises if communication is not handled carefully.

• Coordinate internal communications with legal and management teams
• Avoid premature public disclosures before facts are confirmed
• Prepare a controlled communication strategy for customers and partners
• Ensure messaging aligns with legal advice and incident response strategy