Digital Assets and web3 Experience Overview
The team of professionals at Stroz Friedberg, an Aon company, has significant industry experience in financial and forensic investigations, security testing, and intelligence services. Our team, compromised of former federal prosecutors, law enforcement agents, intelligence personnel, and experienced forensic analysts and penetration testers, have a deep understanding of the risks presented by the emerging digital assets and web3 sector and can customize solutions to help mitigate those risks.
Stroz Friedberg’s industry knowledge—combined with our extensive experience in digital forensics and incident response (“DFIR”), threat intelligence, security testing, and cyber governance advisory work—makes us uniquely positioned to help companies in this high-growth industry address and mitigate security and regulatory risks to their businesses.
Financial Investigations
Our investigators combine technical and accounting acumen to help financial firms with digital assets and web3 operations investigate the potential financial impact of security and technological incidents, including investigations involving loss quantification and financial misconduct.
Digital Forensics and Incident Response
Our DFIR team has broad experience investigating security incidents and addressing technical risks applicable to companies in the digital asset and web3 space, including security breaches, cryptocurrency theft, crypto mining, and ransomware and extortion cases. As a retained incident responder Stroz Friedberg helps companies to develop proactive incident response plans, enabling our DFIR team to respond quickly to security incidents.
Security Testing
Our security testing team has deep, sector-specific experience addressing key risks facing cryptocurrency and blockchain enterprises. We have conducted penetration tests of cryptocurrency wallets, custodian solutions, smart contracts, and custom blockchains as well as security reviews of applications using technologies such as multiparty computation and custom cryptographic protocols. Our assessments are often multi-phased and can include activities such as secure code review, dynamic testing, cloud security configuration review, threat modeling, and network penetration testing. Such assessments also have included tool-driven testing (e.g., static analysis, fuzzing) as well as manual review.
Intelligence
Our threat intelligence team conducts research and analysis across open sources, social media, and dark web to identify cyber-fraud trends related to digital assets, as well as tactics, techniques, and procedures used by threat actors in the cryptocurrency, blockchain, and NFT spaces. We enable private equity funds, venture capital firms, and other investors to assess investment risks and monitor regulatory updates to enable clients to adapt to the rapidly changing regulatory environment.
Key Contacts
- Brian Lichter, Vice President, +1 202.981.2323, brian.lichter@strozfriedberg.com
- Eric Friedberg, Co-President, +1 212.981.6536, eric.friedberg@strozfriedberg.com