working with law enforcement on cyber security strategies
DESCRIPTION
Join Cyber Risk Summit Speakers as they discuss the best practices in working with law enforcementTRANSCRIPT
Edit the text with your own short phrase.
The animation is already done for you; just copy and paste the slide into your existing presentation.
October 30, 2014 Don't be the next target
TO CATCH A CYBER CRIMINAL: TRENDS IN CYBER CRIME
Andreas Kaltsounis, Special Agent Defense Criminal Investigative Service Task Force Officer, Seattle FBI Cyber Task Force
Andrew Friedman, Assistant United States Attorney Western District of Washington
Craig Spiezle, CEO & Executive Director Online Trust Alliance
Timothy Wallach, Supervisory Special Agent, Cyber Task Force Federal Bureau of Investigation
Laws of Data
• Your company includes “covered information”
• You have regulatory requirement(s)
• You will have a data breach incident
• If you are unprepared it will cost you • Direct expenses
• Remediation
• Brand
• Business Shock
© 2014 All rights reserved. Online Trust Alliance (OTA) Slide 3
Lack of a Breach Plan
So Who You Gonna Call?
Open Dialog
•Contacting Law Enforcement • When, Who, Why, How
•Regulatory Requirements – • State, FTC, FCC, SEC ….. & International
• Incidents vs Attempts • The need for threat intel
Role of Law Enforcement
•What specific assistance can LE responders provide during or after an incident that adds value to an organization's incident response? What is outside the scope of LE?
Sharing Data & Results
• What should I share? - Attempts or only breaches
• What are the implications if a case is actually solved and prosecuted?
• Are cybercrime cases ever actually solved and prosecuted?
• What are the international jurisdictional issues? Do we need new laws?
• Can I get any remediation or recover any losses / damages?
Forensics – “Do Not Try This At Home”
Status of Federal Breach Legislation
• Two weeks ago President Obama stated, "Today, data breaches are handled by dozens of separate state laws, and it's time to have one clear national standard that brings certainty to businesses and keeps consumers safe."
Communications – Being Prepared
Summary
• Be prepared – develop your breach response plan.
• Develop, test and update your plans quarterly.
• Complete an audit of all systems, data stores and cloud providers.
• Include law enforcement in your incident response. Don't leave it until the emergency...it could result in unneeded delay.
• Develop a relationship with the appropriate Law Enforcement Agency in the next 72 hours!
• Validate your Boards “Risk Appetite”
Resources • Data Breach Response Readiness Guide https://otalliance.org/breach
• FBI Cybercrime Resources http://www.fbi.gov/about-us/investigate/cyber/cyber
• FBI Cyber Task Force; [email protected]; 206-622-0460
• InfraGard https://www.infragard.org/
• Internet Crime Complaint Center (IC3) http://www.ic3.gov/default.aspx
• U.S. Department of Defense http://www.defense.gov/home/features/2013/0713_cyberdomain/ http://www.dodig.mil/inv_dcis/pdfs/DCIS_CyberCrime.pdf
Contact Us
• Andreas Kaltsounis +1 206-913-4594 [email protected]
• Andrew Friedman [email protected]
• Craig Spiezle +1 425-455-7400 [email protected]
• Timothy Wallach [email protected]