Tag Archives: Cyber Incident Response

Get “Incident Response” Ready with Help from the DOJ

Being ready and able to effectively respond to a cyber incident is vital in terms of minimizing the resulting damages, but do you know what to do or where to look for assistance?

An effective response means having a plan before a cyber incident occurs. To help with your incident response planning efforts, the U.S. Department of Justice (“DOJ”) recently released a revised version of its “Best Practices for Victim Response and Reporting of Cyber Incidents” (Guidance). The DOJ’s Guidance was based on the real-life lessons learned by federal officials with input from private companies who managed cyber incidents.

The Guidance consists of four sections: Continue reading Get “Incident Response” Ready with Help from the DOJ

Justice Department Releases Cyber Incident Best Practices

The U.S. Department of Justice released a new guidance titled Best Practices for Victim Response and Reporting of Cyber Incidents. The report takes advantage of lessons learned by federal prosecutors during cyber investigations and prosecutors to provide a checklist of best practices. It is targeted towards smaller organizations with fewer resources and less experience with cyber security.

The Justice Department makes the following recommendations before a breach occurs:

  • Take inventory of the critical assets
  • Have an action plan in place
  • Have appropriate technology in place to respond
  • Have authorization in place for network monitoring
  • Ensure legal counsel is well-versed in cyber incident management
  • Ensure policies match the incident response plan
  • Establish relationships with law enforcement before an incident
  • Establish relationships with information sharing organizations

The report also highlights best practices for during and after a breach occurs. To review the report specifics, click here.