...
Once a problem has been identified, we assess. Assessment may involve conversations with users, deep analysis of log data, and identification and forensic investigation of affected systems. In complex cases, we may engage third parties, for example, cybersecurity firms with expertise in the area where we've experienced a compromise.
...