By Kelly Jackson Higgins
Jan 25, 2011
Organizations rarely report breaches to law enforcement, but a new
grassroots effort exploring the creation of a nonprofit to bridge the
gap between law enforcement and security professionals hopes to change

Alerting law enforcement that your organization has been "owned" just
doesn't cut it because that will get lost in translation, says Nick
Selby, managing director of Trident Risk Management, who is spearheading
the formation of the nonprofit. "[But] If you say, 'My systems were
breached' in a way that the penal code describes it, and that you
suffered [X] dollars in damages, and customer records were exposed to
potential identity theft, now you've given the cops something they can
dig their teeth into," says Selby, who will discuss the latest on his
concept for the nonprofit at next month's BSides conference in San

Selby, a security consultant who was sworn in as a police officer last
year, says the key is to give businesses and law enforcement the ability
to better communicate and understand one another in the aftermath of an
attack. That way, a breached company calling local law enforcement would
provide up front the information investigators need, the proper forensic
evidence, and leads that will help them prosecute the case, for example.

"The private sector is great at investigative work. Law enforcement
doesn't know what to ask for unless you've worked with them for a
while," he says. "All we have to do is get what each other needs.
Cybercrime is not diminishing."

Most organizations suffering breaches that don't require public
disclosure don't call in law enforcement, mainly because they consider
it an exposure risk, as well as an effort with little or no payback. And
those that do have their own rules about reporting to law enforcement.
Some require nondisclosure agreements, and that's something the FBI
traditionally won't agree to. There's also the question of who to call
-- local law enforcement, the FBI, or the Department of Homeland