For IT security professionals across the globe, building a relationship with law enforcement is pivotal when responding to a cyberincident, according to a panel Tuesday at the inaugural SC World Congress in New York.
“Pick up the phone and call an FBI agent,” John Iannarelli, supervisory special agent with the FBI said. “Build a relationship before you need them. Find out who your local representative is.”
Enterprises in the UK should also establish a relationship with law enforcement, said panelist Kevin Hyland, a senior investigating officer with Scotland Yard. We are there to provide you with a service, but we need to collaborate,” he said.
IT security professionals may be struggling to get buy-in from top-level executives for their cybersecurity initiatives. For those with that problem, the executives who might not care will generally listen to law enforcement, Iannarelli said.
FBI agents are willing to make time to talk to upper management about the importance of securing their networks, a small commitment when compared to the years it could take to investigate a cybercrime, Iannarelli said.
In the event of a cybercrime, it's understandable for an enterprise to want to shore up their network as quickly as possible, said panelist Edward Lowery, a special agent with the U.S. Secret Service. But, it's also important that law enforcement is involved early on to collect evidence.
When companies report a crime, the FBI is usually out there the same day, Iannarelli said. “[But] many times we are not hearing about crimes until 30 or 60 days after,” he said.
In addition, companies might be worried about the effect reporting an incident could have on their reputation, Hyland said. But if criminals end up going to prison, it could be good publicity, he said.
Harper Boucher, Interpol special representative to the United Nations, and Phyllis A. Schneck, founding chairman of the InfraGard National MembersAlliance and the vice president of cyberintelligence and critical infrastructure protection at McAfee, also participated in the panel.
See original article on scmagazineus.com
World Congress: As part of incident response, seek out law enforcement
By Angela Moscaritolo on Dec 10, 2008 10:08AM
Building a relationship with law enforcement is key and so is gaining executive buy-in for cybersecurity initiatives, an SC World Congress panel said Tuesday.
Got a news tip for our journalists? Share it with us anonymously here.