The Hartford’s Cyber Resources

Partnering for Success

With a web of evolving threats, the best defense is a good offense. The Hartford’s Cyber team has the industry expertise, tailored solutions, and resources to ensure that when disaster strikes, businesses are prepared.
Search our library of marketing materials, thought leadership articles and webinars to learn how to minimize cyber risk and build an effect defense strategy.

Third-Party Vendors

The Hartford knows that responding to a cyber attack is only part of what your clients need when it comes to cyber protection. The Hartford has relationships with numerous leading vendors who can provide security-privacy services, referred to as our CyberChoice First Responders.PE


Mullen Coughlin
John Mullen
Breach Hotline: 844-943-3847
Constangy, Brooks, Smith & Prophete, LLP
Sean Hoar
Breach Hotline: 877-382-2724
McDonald Hopkins
James Giszczak
Breach Hotline: 855-643-2821
Marshall, Dennehey, Warner, Coleman & Goggin
David J. Shannon
Wilson Elser, LLP
Anjali Das
Breach Hotline: 877-292-3710
Pierson Ferdinand, LLP
Stuart Panensky
Breach Hotline: 833-737-7444


Notification Services and Call Center

Aideen Gaffney
Ryan Coyne
Breach Hotline: 877- 534-7032
Nate Spurrier
Todd Hindman
Kroll Associates, Inc.
Hillary Parkins
Breach Hotline: 877-300-6816


Computer Forensics

Arete Incident Response
Lynn Peachey
Breach Hotline: 866-210-0955
Kivu Consulting, Inc.
Andrew Davis
Breach Hotline: 855-548-8767
Arctic Wolf Incident Response
Kevin Kiser
Breach Hotline: 608-509-4445
Booz Allen Hamilton
Brendan Rooney
Breach Hotline: 888-266-9478
Brent Riley
Breach Hotline: 800-496-0089
Kroll, LLC
Devon Ackerman
Breach Hotline: 877-300-6816
Charles River Associates
Bill Hardin
Breach Hotline: 866-272-2923
Stroz Friedberg
Jeffrey Jansen
Breach Hotline: 800-519-2743


Credit Monitoring and Identity Protection Services

Ozzie Fonseca
Breach Hotline: 877- 534-7032
Todd Hindman
Kroll Associates, Inc.
Hillary Parkins
Breach Hotline: 877-300-6816
Nate Spurrier


Public Relations and Crisis Communications

Fleishman-Hillard, Inc.
Cody Want
Jason Maloni

Cyber Media Opportunities

The latest news and insights from The Hartford.


Learn about emerging trends and how we can help mitigate potential damage featuring The Hartford Cyber Team and our partners.


Cyber Terms 101

The world of cyber security can be confusing to navigate. Developing a better vocabulary can give you a stronger foundation to help mitigate risks. Below is a list of some common cyber key terms.
Business Email Compromise is a type of email cybercrime scam in which an attacker targets a business to trick an employee into sending money or divulging confidential company information. 
Business Interruption occurs when a company has a direct business income loss and extra expenses incurred due to a computer network outage. Dependent Business Interruption refers to a company’s loss of income because of an interruption in service from a third-party service provider.
Bricking refers to computers, servers, or other network equipment which becomes unusable due to malware or another form of cyber attack. 
Cryptojacking is type of cybercrime that involves the unauthorized use of computers, smartphones, tablets, or even servers by cybercriminals to mine for cryptocurrency. This is typically done by installing malware on the victim’s computer that uses their processing power to mine cryptocurrency without their knowledge or consent.
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed computer vulnerabilities. CVE Identifiers assign each vulnerability a unique formal name, such as CVE-2023-34300. Each CVE receives a severity rating from 0-10, using the Common Vulnerability Scoring System (CVSS), which allows businesses to prioritize responses and resources according to threat level.
Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication protocol designed to give businesses the ability to protect their email domains from unauthorized use and email spoofing. DMARC extends two existing email authentication mechanisms known as Sender Policy Framework (SPF), which allows a business to specify who is allowed to send email on behalf of their email domain, and Domain Keys Identified Mail (DKIM), which allows a business to sign an outbound email in a way that allows email recipients’ email providers to verify its authenticity.
Multi-Factor Authentication (MFA), also referred to as two-factor authentication, makes it more difficult for hackers to access an account by requiring a user to provide at least two different credentials. The most common types of MFA include something you know (e.g. password/PIN), something you have (e.g. a physical access card), and something you are (e.g. biometrics such as a fingerprint).
Patches are software and operating system (OS) updates that address security vulnerabilities within a program or product. A “zero-day” attack occurs when a software vulnerability isn’t known or discovered before a corresponding patch is made available.
A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer's operating system. Port 3389 for Remote Desktop Protocol (RDP) is one of the most exploited ports by cyber criminals.
Ransomware is a type of malicious software that prevents users from accessing their data or systems until a ransom is paid.
Social Engineering is the tactic of manipulating, influencing, or deceiving a victim to gain control over a computer system, or to steal personal and financial information. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. The most common type of social engineering is phishing, in which a cybercriminal utilizes an email to masquerade as a legitimate business or reputable person in order to trick a user into clicking a malicious link or email attachment or taking another action such as revealing their password.
Wire Transfer Fraud occurs when a scammer poses as a trusted source, usually a vendor, company, or family member, and requests an immediate wire transfer of funds. The fraudster will often indicate an urgent need for the funds, often claiming an emergency, to emotionally manipulate the victims into sending the payment.