The Department of Justice Computer Crime & Intellectual Property Section (CCIPS) Cybersecurity Unit just released a guide on Best Practices for Victim Response and Reporting of Cyber Incidents alongside its remarks on the Division’s Cybersecurity Industry Roundtable. One of the goals of the Cybersecurity Unit was to work collaboratively with the private sector to help address cybersecurity challenges – this new best practices guide being one step in that direction.
Steps to Take Before a Cyber Intrusion or Attack Occurs
Having an Incident Response Plan in place can go a long way to reducing the costs associated with a data breach, both in fixed costs as well as the intangibles related to the loss of consumer trust. The best practices document includes information on:
- Identify your key data assets
- Have an actionable plan in place before an intrusion occurs (specific details in the document provided in this area), and ensure everyone is familiar with the plan
- Have appropriate technology and services in place before an intrusion occurs (off-site back-up, intrusion detection capabilities, data loss prevention (DLP) technologies, remote wipe options, server logging)
- Have appropriate authorization in place to permit network monitoring
- Ensure legal counsel is familiar with technology and cyber incident management to reduce response time during an incident (Related, see our post on How Lawyers Can Defend Against a Data Breach)
- Ensure organization policies align with your cyber incident response plan
- Engage with law enforcement before an incident
- Establish relationships with cyber information sharing organizations
- Respond to a computer intrusion / execute your incident response plan
Make an initial assessment of the nature and scope of an incident. People play a key role here in deciding if a breach has occurred and how it is handled, minimizing ongoing damage. This section also talks about the importance of recording a collection of information both to understand the breach and as evidence in later compliance or criminal investigations. Notification of breach to all parties – within the organization, law enforcement, and victims – is also detailed here.
The Guide also includes a checklist to help your organization prepare for a data breach. Contact us to learn how Absolute Software can help your organization navigate the choppy regulatory landscape and to mitigate the ever-increasing data security risks.