Helping clients protect and recover value through proactive cyber risk identification and management, and rapid action in response to a breach.
Helping clients to manage risk and regulatory compliance and respond to incidents of financial crime.
Uncover, analyse and clarify facts at the centre of disputes, frauds and other sensitive commercial matters.
Providing advisory and accelerated implementation services to the public and private sector.
Assists clients to grow, protect and recover value in their real estate portfolios.
Working with organisations to stabilise the business or to recover value on behalf of stakeholders.
We are Asia-Pacific’s trusted advisers in cybersecurity, financial crime, forensic, performance improvement, real estate and restructuring.
Our reach is global with offices across Australia, New Zealand, Indonesia and Singapore.
ESG is a fundamental part of the way we do business. We take tangible action to make a difference for our people, clients, and communities.
Driven by an entrepreneurial spirit and a different mindset, celebrate the firm’s 20th anniversary.
Cyber incident response
Our client became aware of a data breach disclosing highly sensitive customer information. The client used a commercial storage solution to share and exchange data internally and externally with authorised clients. Due to a misconfiguration made by untrained and inexperienced members of the internal IT team, extremely sensitive client data was inadvertently exposed and made publicly available. KordaMentha was subsequently engaged to provide independent investigation support to assist the board and executive team in identifying and quantifying the level of exposure the business had because of the incident.
The client was an international operation with multiple global clients (including government). One of our challenges was differentiating legitimate access to the exposed data and access by unknown and possibly malicious actors. Implementing our cyber breach workflow, we identified and engaged with the key stakeholders to obtain relevant information, isolate the breach and commence analysis. Leveraging our data analytics tools, we extracted and reviewed over 16 million log entries to pinpoint the unauthorised access. We assessed the nature of files subject to unauthorised access and investigated whether partially downloaded files might also have exposed confidential client and company information. Our team conducted a forensic analysis of several partially downloaded file types, which included zip files. We further leveraged the power of our document review platform, RelativityOne, to enable client review and categorisation of the sensitivity of potentially exposed documents. The results of our analysis equipped us to clarify our client’s level of exposure risk to the executive team. Our findings were then provided in an expert report to the legal team.
Media Release
9 April 2024
The worsening global geopolitical turbulence has seen an increase in client awareness and a resulting need for assistance with their sanctions co...
Blog
21 March 2024
The NIST framework has long been the world’s favourite cybersecurity risk management framework, but it’s taken a decade for it to be updated. Add...
19 March 2024
When it comes to anti-bribery laws, Australia has been decades behind the U.K. and the U.S. But new legislation passed recently means we’re catch...
News
18 March 2024
Restructuring expert Richard Tucker was featured recently in mining magazine Resources Review. His article tells the story of WA gold miner Spart...