A cyberattack can be an unnerving incident for any organization. Having reinforcement and assistance from your corporate attorney, law enforcement and insurance carrier can prove extremely helpful. To provide legal protections to your company your attorney should be called first followed by law enforcement and your cyber coverage carrier.
According to the Police Executive Research Forum, 42 percent of local departments have a computer or cybercrime unit. Even if yours doesn’t, they can provide valuable advice and next steps.
Your corporate attorney, police and carrier can help coordinate the required reporting to federal and state entities, which is often necessary as cybercrime typically involves criminals in another part of the country or world. Two of the most frequently involved federal agencies are the FBI and Secret Service.
The FBI recommends reporting any breach if it:
- May impact national security, economic security, or public health and safety.
- Affects core government or critical infrastructure functions.
- Results in a significant loss of data, system availability, or control of systems.
- Involves a large number of victims.
- Indicates unauthorized access to, or malicious software present on, critical information technology systems.
- Violates federal or state/local/territorial/tribal (SLTT) law.
The very nature of cybercrime means most incidents will check at least one of the above boxes.
The full scope of an attack and all details are not needed to report an incident. Basic questions you may be asked initially include contact information, details about the affected systems, the suspected point of vulnerability, and when/how the incident was detected. Over time, you will be asked to provide details of your response and any available logs.
While it takes time to work your way through any security breach, the sooner you contact your corporate attorney, law enforcement and your cyber carrier the sooner you’ll have access to additional expertise. Don’t wait.