For more than seven years, Kivu has worked with the cyber insurance industry, developing new services, pricing models, and changing the shape of response vendor panels. Our services range from incident response for insurance clients, to tailored proactive services that decisively reduce the risk of breach. It’s no surprise that Kivu was nominated Advisen’s “Cyber Service Vendor of the Year” and “Cyber Risk Event Response Team of the Year” in 2015, 2016, 2017 and 2018. We understand that the cyber insurance ecosystem is a balance of value, responsiveness and client service. Kivu is a leader in developing remote response services, which allow breaches to be investigated and mitigated without the delay and expense of needing to put “boots on the ground.” At the same time, Kivu continues to implement innovative pricing models, including the first fixed-price ransomware response service.
- Approved by Cyber Insurance carriers and Managing General Agents
- Preferred Partner, Expert Legal Testimony
Since 2009, Kivu analysts have acted as trusted cyber advisors to attorneys throughout North America and Europe. Computer forensics is often the only means to conclusively prove or disprove a legal case. Our cases have involved cyber security and privacy class actions, theft of trade secrets, employment disputes, and regulatory disputes. Kivu understands the legal issues of privilege, spoliation, confidentiality and discoverability and the fact that anything could lead litigation. Our analysts have testified as experts in US, state and Federal court cases, in mediation, and before regulators. We act as third-party experts and escrow agents for the review and analysis of extremely confidential data. In addition to providing cyber forensics and data security services, we regularly present to law firms and industry groups (including the ABA and IAPP) on legal issues related to cyber – e.g., best practices in InfoSec, the treatment of digital evidence, and maintaining privilege during data breaches.
A professional service company’s focus on running its business may lead to exposure in infrastructure--a reason they are targeted by criminals. Kivu is experienced in serving the cyber security needs of law firms, architects and accounting firms. Our analysts are highly skilled in managing investigative cases involving theft of trade secrets and confidential data, employee misconduct, and fraud regarding W-2 and other tax information. Kivu also helps professional services companies assess the cyber threats that may impact their business, as well as take the pre-emptive steps necessary to mitigate that risk.
Kivu has a depth of practical experience providing pre-emptive risk assessments for and responding to cyber incidents among healthcare organizations and their business associates. We have provided the forensic analysis in dozens of healthcare data breaches, including some of the largest in the US. Our healthcare cases have ranged from major hospital breaches that made national headlines, to inadvertent disclosure of sensitive data by small business associates. Kivu works with covered entities and business associates to determine if a breach has occurred, identify the source or vector of the attack, and determine the extent of potentially compromised data. In many cases, Kivu’s forensic analysis has proven that Personal Health Information (PHI) was not compromised, or that the amount of PHI affected was significantly less than feared. In such cases, our clients have avoided unnecessary notification costs and public relations damage.
Kivu provides cyber response services and pro-active security assessments to a wide range of educational organizations, including: K-12 schools, community college systems, major universities, and teaching hospitals throughout the United States. We have provided expert risk management and prevention guidance, helping education institutions effectively prevent or mitigate incidents and cyber events. We are experienced working with the various means used to mitigate or transfer risk in education, including captives and insurance pooled through state special agencies. On numerous occasions, Kivu has worked with an educational institution’s internal personnel to determine whether a network intrusion has occurred, and the extent of the damage. Kivu personnel have worked on site, as well as from remote locations, allowing for quick, effective response. Kivu personnel have testified as experts and acted as Special Masters in litigation and disputes involving students’ personal and financial data, health plans, and the privacy of student education records under FERPA. We understand the complexities of working with the various stakeholders in education, including: teachers, students and employees.
Start-up and high growth businesses may not have not the staff or available funds to strengthen their systems and networks against cyber attack. Often, their need to focus on product may lead to limitations in infrastructure investment. With our origins and head office in San Francisco, Kivu has extensive expertise serving the cyber security needs of start-ups, technology businesses, and other high-growth companies. We recognize that no organization is immune to attack and that a company’s brand, reputation, intellectual property (IP), and trade secrets may be at risk. Kivu has often worked with companies to prevent or address IP theft. Kivu provides expert risk management and prevention services for start-up and high growth businesses. Our analysts assess an organization’s ability to respond to a security intrusion and identify the most practical measures it can take to improve its readiness. In the event of a real or suspected cyber incident, Kivu works with a company’s internal IT Department to determine whether an intrusion has occurred, and the extent of the damage. Kivu personnel can work on site, as well as from remote locations, allowing for quick, effective response.