The Hartford’s Cyber Resources

Partnering for Success

With a web of evolving threats, the best defense is a good offense. The Hartford’s Cyber team has the industry expertise, tailored solutions, and resources to ensure that when disaster strikes, businesses are prepared.
Search our library of marketing materials, thought leadership articles and webinars to learn how to minimize cyber risk and build an effect defense strategy.
 

Third-Party Vendors

The Hartford knows that responding to a cyber attack is only part of what your clients need when it comes to cyber protection. The Hartford has relationships with numerous leading vendors who can provide security-privacy services, referred to as our CyberChoice First Responders.SM

Legal

Mullen Coughlin
John Mullen
610-608-8785
Breach Hotline: 844-943-3847
 
Constangy, Brooks, Smith & Prophete, LLP
Sean Hoar
503-459-7707
Breach Hotline: 877-382-2724
 
McDonald Hopkins
James Giszczak
248-220-1354
Breach Hotline: 855-643-2821
 
Marshall, Dennehey, Warner, Coleman & Goggin
David J. Shannon
215-575-2615
 
Wilson Elser, LLP
Anjali Das
312-821-6164
Breach Hotline: 877-292-3710
 
Pierson Ferdinand, LLP
Stuart Panensky
732-996-2451
stuart.panensky@pierferd.com
Breach Hotline: 833-737-7444
cyber@pierferd.com
 

 

Notification Services and Call Center

Epiq
Aideen Gaffney
503-313-1020
 
Experian
Ryan Coyne
949-402-5378
Breach Hotline: 877- 534-7032
 
TransUnion
Nate Spurrier
480-490-9305
 
IDX
Todd Hindman
512-712-2270
 
Kroll Associates, Inc.
Hillary Parkins
615-924-7932
Breach Hotline: 877-300-6816
 

 

Computer Forensics

Arete Incident Response
Lynn Peachey
908-635-1677
Breach Hotline: 866-210-0955
 
Kivu Consulting, Inc.
Andrew Davis
484-645-3018
Breach Hotline: 855-548-8767
 
Arctic Wolf Incident Response
Kevin Kiser
608-571-2525
Breach Hotline: 608-509-4445
 
Booz Allen Hamilton
Brendan Rooney
703-541-9781
Breach Hotline: 888-266-9478
 
Ankura
Brent Riley
540-848-5404
Breach Hotline: 800-496-0089
 
Kroll, LLC
Devon Ackerman
201-463-6897
Breach Hotline: 877-300-6816
 
Charles River Associates
Bill Hardin
773-415-3076
Breach Hotline: 866-272-2923
 
Stroz Friedberg
Jeffrey Jansen
610-246-6033
Breach Hotline: 800-519-2743
 

 

Credit Monitoring and Identity Protection Services

Experian
Ozzie Fonseca
949-567-3851
Breach Hotline: 877- 534-7032
 
IDX
Todd Hindman
512-712-2270
 
Kroll Associates, Inc.
Hillary Parkins
615-924-7932
Breach Hotline: 877-300-6816
 
TransUnion
Nate Spurrier
480-490-9305
 

 

Public Relations and Crisis Communications

Fleishman-Hillard, Inc.
Cody Want
646-895-3235
 
JadeRoq
Jason Maloni
202-834-9677
 

Cyber Media Opportunities

The latest news and insights from The Hartford.
 

Webinars

Learn about emerging trends and how we can help mitigate potential damage featuring The Hartford Cyber Team and our partners.
 

 

Cyber Terms 101

The world of cyber security can be confusing to navigate. Developing a better vocabulary can give you a stronger foundation to help mitigate risks. Below is a list of some common cyber key terms.
Business Email Compromise is a type of email cybercrime scam in which an attacker targets a business to trick an employee into sending money or divulging confidential company information. 
Business Interruption occurs when a company has a direct business income loss and extra expenses incurred due to a computer network outage. Dependent Business Interruption refers to a company’s loss of income because of an interruption in service from a third-party service provider.
Bricking refers to computers, servers, or other network equipment which becomes unusable due to malware or another form of cyber attack. 
Cryptojacking is type of cybercrime that involves the unauthorized use of computers, smartphones, tablets, or even servers by cybercriminals to mine for cryptocurrency. This is typically done by installing malware on the victim’s computer that uses their processing power to mine cryptocurrency without their knowledge or consent.
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed computer vulnerabilities. CVE Identifiers assign each vulnerability a unique formal name, such as CVE-2023-34300. Each CVE receives a severity rating from 0-10, using the Common Vulnerability Scoring System (CVSS), which allows businesses to prioritize responses and resources according to threat level.
Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication protocol designed to give businesses the ability to protect their email domains from unauthorized use and email spoofing. DMARC extends two existing email authentication mechanisms known as Sender Policy Framework (SPF), which allows a business to specify who is allowed to send email on behalf of their email domain, and Domain Keys Identified Mail (DKIM), which allows a business to sign an outbound email in a way that allows email recipients’ email providers to verify its authenticity.
Multi-Factor Authentication (MFA), also referred to as two-factor authentication, makes it more difficult for hackers to access an account by requiring a user to provide at least two different credentials. The most common types of MFA include something you know (e.g. password/PIN), something you have (e.g. a physical access card), and something you are (e.g. biometrics such as a fingerprint).
Patches are software and operating system (OS) updates that address security vulnerabilities within a program or product. A “zero-day” attack occurs when a software vulnerability isn’t known or discovered before a corresponding patch is made available.
A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer's operating system. Port 3389 for Remote Desktop Protocol (RDP) is one of the most exploited ports by cyber criminals.
Ransomware is a type of malicious software that prevents users from accessing their data or systems until a ransom is paid.
Social Engineering is the tactic of manipulating, influencing, or deceiving a victim to gain control over a computer system, or to steal personal and financial information. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. The most common type of social engineering is phishing, in which a cybercriminal utilizes an email to masquerade as a legitimate business or reputable person in order to trick a user into clicking a malicious link or email attachment or taking another action such as revealing their password.
Wire Transfer Fraud occurs when a scammer poses as a trusted source, usually a vendor, company, or family member, and requests an immediate wire transfer of funds. The fraudster will often indicate an urgent need for the funds, often claiming an emergency, to emotionally manipulate the victims into sending the payment.