Cyber-attacks and data security breaches are sadly becoming normal sights in news headlines. Even with all the coverage, companies may not know how to respond properly to such an attack, especially during the precious few hours after a breach is discovered.
Many organizations simply reach for the phone and dial 911, the logical response to a crime. Unfortunately, going through local dispatch can offer little help when a rapid, controlled response is needed. Cyber-crimes are usually handled by differing portions of law enforcement, so security experts recommend establishing a relationship with the proper department beforehand to avoid the time it takes to get them up to speed on your situation.
Even so, contacting the right agency or emergency response team can make a huge difference in your organization’s ability to shut out intruders, respond to the damage, identify suspects and potentially protect from future attacks. Here are five of the most important ones you can call:
1. Federal Law Enforcement for Your Region
Federal agencies operate out of regional hub offices throughout the U.S. in addition to smaller field offices spread out across suburban areas.
Knowing exactly which office has jurisdiction over your territory can buy back hours of time when responding to an emergency. Sometimes, the agency might not even be who you expect. For instance, the Secret Service handles a surprising amount of financial-related cases since they have an anti-fraud program with vast resources behind it.
Most cyberattacks will therefore fall under jurisdiction between either the regional FBI field office or a regional contact for the Secret Service. You can find the closest office to you by looking at this list of FBI field offices by metro area. Contacting them soon is recommended to find an agent or agent team who can help manage your cases and serve as your ongoing contact.
When cyber-crimes occur, the Internet Crime Complaint Center (IC3) is the place to report it. This organization was established as a method to intake complaints and reports regarding crimes occurring online. These crimes can include security breaches, harassment or suspected illegal activities taking place online. The IC3 can also handle complaints from anyone, even non-citizens.
3. Your In-House Security Team
Every organization should have cyber security policies and protocols to follow in the event of a breach. Security experts recommend going one step further by forming a council or team focused on providing guidance during disaster response. The team can be made of dedicated cyber security employees, or it can include a collaborative mix of IT, HR, executive leadership and other individuals.
No matter who you appoint to the team, make sure they are well versed in policies and example scenarios so that they can remain calm, collected and action-oriented even in the midst of an incident.
Most people have not heard of the U.S. Computer Emergency Readiness Team, or US-CERT, but every world region is expected to have a CERT office. These organizations specialize in forensic investigations following the aftermath of a cyberattack, helping reveal more information to victims in order to hopefully prosecute perpetrators while preventing future events.
You can report crimes or incidents to US-CERT on their website or by calling (888) 282-0870.
Contrary to their portrayal as slick, Euro-accented agents dispatched to oversee investigations, real Interpol agents serve as international liaisons between law enforcement agencies of various countries. Their primary role is to construct an international database on crimes, so when a cyberattack in rural Utah resembles an earlier attack in Belarus, Interpol may be able to help law enforcement piece together critical details.
Contacting them after a cyber-attack may be necessary since not all cyber incidents originate domestically.
Consider Managed IT Services and Consulting
Many organizations keep skeleton crew IT personnel on staff to handle small issues like frozen browsers and missing file backups. These piecemeal solutions are far from enough in the face of a cyber attack.
If you want to be able to mobilize your own response to an attempted or successful attack without adding a costly team to your payroll, consider managed IT services and consulting. With security consulting, 24 hour network monitoring and a thorough review of your current protective measures, organizations like U.S. Computer Connection can be the difference between a prepared response and effectively no response at all.
Contact us today to learn more about effective cyber incident response policies and how your organization can take charge of its security needs.