Digital Assets and web3 Experience | Aon's Cyber Security

Digital Assets and web3 Experience Overview

The team of professionals at Stroz Friedberg, an Aon company, has significant industry experience in financial and forensic investigations, security testing, and intelligence services. Our team, compromised of former federal prosecutors, law enforcement agents, intelligence personnel, and experienced forensic analysts and penetration testers, have a deep understanding of the risks presented by the emerging digital assets and web3 sector and can customize solutions to help mitigate those risks.

Stroz Friedberg’s industry knowledge—combined with our extensive experience in digital forensics and incident response (“DFIR”), threat intelligence, security testing, and cyber governance advisory work—makes us uniquely positioned to help companies in this high-growth industry address and mitigate security and regulatory risks to their businesses.

Digital Assets and web3 Experience | this image depicts an overhead view of sideroads leading into a central town square and is meant to represent the holistic, cyclical approach to cyber security that is taken by Aon's Cyber Solutions.

Financial Investigations

Our investigators combine technical and accounting acumen to help financial firms with digital assets and web3 operations investigate the potential financial impact of security and technological incidents, including investigations involving loss quantification and financial misconduct.

Digital Forensics and Incident Response

Our DFIR team has broad experience investigating security incidents and addressing technical risks applicable to companies in the digital asset and web3 space, including security breaches, cryptocurrency theft, crypto mining, and ransomware and extortion cases. As a retained incident responder Stroz Friedberg helps companies to develop proactive incident response plans, enabling our DFIR team to respond quickly to security incidents.

Security Testing

Our security testing team has deep, sector-specific experience addressing key risks facing cryptocurrency and blockchain enterprises. We have conducted penetration tests of cryptocurrency wallets, custodian solutions, smart contracts, and custom blockchains as well as security reviews of applications using technologies such as multiparty computation and custom cryptographic protocols. Our assessments are often multi-phased and can include activities such as secure code review, dynamic testing, cloud security configuration review, threat modeling, and network penetration testing. Such assessments also have included tool-driven testing (e.g., static analysis, fuzzing) as well as manual review.

Intelligence

Our threat intelligence team conducts research and analysis across open sources, social media, and dark web to identify cyber-fraud trends related to digital assets, as well as tactics, techniques, and procedures used by threat actors in the cryptocurrency, blockchain, and NFT spaces. We enable private equity funds, venture capital firms, and other investors to assess investment risks and monitor regulatory updates to enable clients to adapt to the rapidly changing regulatory environment.

Key Contacts

Brian Lichter, Vice President, +1 202.981.2323, [email protected]
Eric Friedberg, Co-President, +1 212.981.6536, [email protected]