On April 29, the Cybersecurity Unit of the U.S. Department of
Justice (DOJ) published a practical guidance document entitled "Best
Practices for Victim Response and Reporting of Cyber
Incidents." The guidance clearly warns businesses to
anticipate and prepare for possible cyber incidents.
Based on cumulative input from business leaders and federal
prosecutors, the DOJ guidance presents best practices that
companies should take before, during and after a cyber attack or
intrusion. In addition to having a solid breach response plan in
place before an attack, the DOJ recommends that companies identify
experienced legal counsel that they can call on in the event of an
incident, and remain on the alert after an event as residual
vulnerabilities may exist.
While the DOJ's list of steps to take to prepare for a cyber
attack or intrusion are helpful, the guidance is particularly
useful in showing what the DOJ expects a company to do in the event
of a cyber incident with regard to preserving evidence and
assisting with the subsequent investigation. Currently the DOJ
publication is only a guidance document, but companies would be
well advised to take heed as these best practices may eventually
become the standard expected practice.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.