Does your organization know what to do if law enforcement came knocking on your door?

Go to the profile of Scott Augenbaum
Scott Augenbaum on Aug 14, 2019 • 3 answer
• 0
During my career as a Special Agent with the FBI, responsible for handling Cybercrime issues, I had to break the news to dozens of companies they were the victim of a data breach. A majority of the time these companies didn’t have a good plan in place on what was the next step. It was never a good day when I had to break the news. Would your organization know what to do if the law came knocking?


Honestly, we have work to do to be prepared for such a situation. Our organization knows to direct the news and the messenger to our Legal and IT teams. Both teams know how to understand the message and findings, understand impact to consumers and us, inform our cyber security insurer & exec branch, and prepare for response and corrections. We are in the process of defining our process regarding who all to call first, record incident details, in parallel stop the bleeding, inform customers, fix the issue and build prevention procedures to avoid a bad day like this etc. We have made progress; we aren't just there yet.

I'd love any advice from you, Scott, and others on what you recommend organizations should do to prepare for such a situation, and areas to work on to prevent having a bad day.

Go to the profile of Chirag Shukla
Chirag Shukla on Aug 14, 2019
• 3

Similar to Chirag, we have improvements to do with our planning and preparedness. Where we have done some things - we have policies in place to know how to react, what we need to do, notifications with regards to breach, and our Privacy/Compliance team puts efforts in to understand national and international laws. We use this to improve our overall readiness, such as hard drive encryption and other measures.

Another thing that we've been doing is tabletop exercises. We've been conducting about 1 per quarter with different scenarios. We include IT, HR, and Legal, plus any necessary individuals with focus on our exercise topic. We use this to improve our processes and better overall preparedness.

Go to the profile of Ken Smith
Ken Smith on Aug 14, 2019
• 3

Great question from Scott and a great reminder that every organization needs to be prepared for this situation. While larger organization have security, communications and compliance positions, many smaller companies do not. Regardless the risk of a cyber breach has no boundaries. Your first defense is having good established information security controls along with heightened awareness of all employees. Even with these best practices, a breach can and likely will happen. I agree with other IT Pack members that this scenario is not an IT issue. It’s a business issue. And as such the business needs to embrace the reality and include all aspects of the business to prepare and protect the organization. Table Top exercises are a great way to discuss and determine how a plan can be executed and where gaps exist. I also recommend that every organization have a third party cyber security organization working with them. These companies are focused on cyber and extend a 24x7 watch of your data and your enterprise. Something that most companies don’t or cant do. Also don’t forget about cyber liability insurance. This new type of coverage is very affordable and can pay for itself many times over in the event of a serious cyber breach. Bottom line is to be prepared, stay informed and perform drills, and leverage the expertise of a cyber security partner.

Go to the profile of Dave Robinson
Dave Robinson on Aug 20, 2019
• 0