According to the U.S. Department of Justice’s Cybersecurity Unit, organizations can take the following precautions to minimize harm and expedite recovery.
• Identify the organization’s mission-critical data and assets.
• Develop an actionable, up-to-date incident response plan before an intrusion occurs.
• Have appropriate authorization in place to permit lawful network monitoring.
• Ensure the organization has legal counsel available that is familiar with technology and cyber incident management.
• Ensure the organization’s policies, such as human resources and personnel policies, align with its cyber incident response plan.
• Engage with federal law enforcement agencies before an incident occurs.
• Establish relationships with cyber information sharing organizations, such as Information Sharing and Analysis Centers.
In addition, the Justice Department recommends that an organization’s response plan include the following steps as part of the incident response process:
Step 1: Make an initial assessment of the nature and scope of the incident.
Step 2: Implement measures to minimize ongoing damage from the incident.
Step 3: Record and collect information and evidence associated with the incident.
Step 4: Provide internal and external notifications regarding the incident.
More information about cybercrime is available at http://www.justice.gov/criminal-ccips/cybersecurity-unit
Today’s office computers are veritable minefields where the wrong keystroke can expose corporate secrets and employee information.
Seemingly no day passes without Target, Citibank or other institutions reporting a new security breach, a trend that doesn’t exactly instill confidence in today’s workplace.
“There’s definitely an uptick to it,” said Toby Galloway, a partner with Kelly, Hart & Hallman LLP in Fort Worth.
Galloway knows firsthand the perils of the information age. The attorney specializes in internal investigations and focuses on federal enforcement, white collar defense and internal and governmental investigations.
With reported cyber-attacks mounting, Galloway keeps busy.
“It’s an area that’s all around us and certainly an area that is expanding and touching everyone’s lives,” said Galloway.
In 2014 alone, more than 317 million new variations of malware (malicious software) began circulating, according to reports by Symantec Corp., an information technology security company. Whether from malware, fraudulent email or other sources, security breaches can prove costly.
A single data breach can cost an average of $3.8 million, according to the Ponemon Institute’s annual “Cost of Data Breach Study: Global Analysis” released in May. The figure represents a 23 percent rise since 2013. Ponemon is a Michigan-based privacy information resource.
Notices informing employees that their personal information may have been exposed in the latest cyber-attack are now commonplace, intensifying the feeling of helplessness that pervades the workplace.
But all is not lost. With some foresight, companies can minimize the likelihood of a security breach should a cyber-attack occur.
“Companies are subject to attacks all the time,” Galloway said. “That may or may not result in a breach where private personal information is released.”
To reduce the risk, Galloway said companies must waste no time in responding to a cyber-attack.
“You want to be very swift in addressing a breach because your customers’ personal information may have been compromised,” Galloway said.
On the other hand, businesses should make sure a breach has occurred before reaching that conclusion.
“There are good reasons not to jump to conclusions,” said Galloway, pointing to corporate reputations that may suffer as a result of hasty action, for example.
“People sometimes have a sky-is-falling mentality and jump to conclusions that may or may not be warranted, so it’s important to act swiftly but not to panic,” Galloway said.