Identify and protect critical assets by aligning cyber risk management strategy with corporate culture and risk tolerance

The digitization of almost every aspect of business, combined with the increased connectivity of people, devices, and organizations, has created a complex security landscape, leaving enterprises vulnerable to cyber risk.
Stroz Friedberg is a specialized risk management firm built to help clients solve the complex challenges prevalent in today’s digital, connected, and regulated business world

To achieve cyber resilience, organizations must commit to a continuous process of evaluation and improvement. Stroz Friedberg and Aon offer a full range of services to help you approach cyber as an enterprise risk.

The cyber threats facing organizations are evolving rapidly and can quickly endanger a company. No matter how mature your existing security program is, we can help you maximize the resilience of your enterprise.

The digitization of almost every aspect of business, combined with the increased connectivity of people, devices, and organizations, has created a complex security landscape, leaving enterprises vulnerable to cyber risk. Across industries organizations are engaged in a series of battles in a cyber war against multiple and unexpected adversaries—ranging from organized crime rings to nation states and terrorist groups, online vigilantes, and hacktivists. And cybersecurity risk is not only external, but internal too, with increasingly complex insider threats to a company’s trade secrets and employee safety.

Cybersecurity is no longer just an issue for the IT department—it’s a business imperative that demands attention from executives throughout an organization, and the Board.


Cyber resilience is an organization’s best defense against today’s cyber risk. What is cyber resilience? It’s preparation for a potential business disruption caused by cyber attacks. It’s an ability to detect external threats and internal vulnerabilities. It’s adapting and growing when the inevitable attack scenario unfolds. Resilient companies recognize that cyber risk is today’s new normal and stay one step ahead of threats to proactively protect themselves, their customers, partners and vendors against devastating attacks.

Stroz Friedberg’s cyber resilience team is a trusted adviser to the world’s most sophisticated organizations—a collection of the brightest minds in cybersecurity, with expertise in incident response, security science and digital forensics—who work proactively to minimize cyber risk, and respond in real time to contain issues and crisis situations.

Our multidisciplinary team tackles the most complex, time-sensitive, and far-reaching situations found at the intersection of law, technology, investigations, and science. Our teams have deep scientific roots: we are elite forensic analysts, computer scientists specializing in malware decryption, decoding and reverse engineering, Certified Information Systems Security Professionals, and Information Privacy Professionals. We are ISO 27001 (Cyber) certified across multiple service lines (cyber resilience and digital forensics)  in seven U.S. cities and the UK, where we have also obtained Cyber Essentials certification. Additionally via our Gotham Digital Science subsidiaries, we are certified to offer the industry leading CREST (the Council of Registered Ethical Security Testers), STAR (Simulated Target Attack and Response), and CBEST cybersecurity testing services. We also have unique experience with law enforcement. We are former members of the FBI and CIA, former attorneys from the Department of Justice, as well as internationally respected former prosecutors, litigators, regulators and members of law enforcement.

We work seamlessly with company leaders, including the board, and their staff, helping to bridge internal divides that can weaken an organization’s security posture. We offer tailored, practical solutions that align with an organization’s business objectives, both protecting and propelling the enterprise forward.

We don’t believe in routine, check-the-box compliance exercises and our work doesn’t end with making recommendations. We implement our strategy to help our clients continuously improve their defenses by judiciously applying available budget to people, process and technology investments. We can also monitor digital assets and real-time threats, with the integrated ability to activate our cyber response team when needed.

We’ve worked on proactive and reactive security for some of the largest, most high-profile organizations in the world. We assess an organization using evidence-based security science and remediate any vulnerabilities uncovered. We also help shift the cybersecurity mindset from reactive to proactive, developing holistic cyber incident preparedness plans.

When the inevitable occurs, our industry leading incident response teams help limit a company’s exposure in the aftermath, utilizing top intelligence and digital forensic methods to respond to a breach anywhere in the world. Our experienced computer scientists and forensic professionals frequently serve as expert witnesses in front of some of the best attorneys in the United States—and back up their findings convincingly in court. We have strict and rigorous controls over the handling and preservation of digital evidence, and as a result, evidence collected by Stroz Friedberg has never been deemed inadmissible. We often provide case-making testimony for our clients.

Our approach
  • We collaborate to understand both your near-and long-term business priorities, how we can add value to your organization, and help you respond to changing market dynamics.
  • We jointly author a plan to define how we will work together, outline our commitments to you, and define how we will measure our success.
  • We seek your input on how we are doing both through informal feedback sessions and annual surveys.
  • We follow through on our plan, executing with excellence and tracking outcomes.



Commentary, new discoveries, and innovative ideas right to your inbox.

Stroz Friedberg

Sorry! You are using an older browser which is not supported by this website.

Please download one of these free browsers to enjoy all our website has to offer:
Firefox, Chrome or Internet Explorer.