![Page 1: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/1.jpg)
Edit the text with your own short phrase.
The animation is already done for you; just copy and paste the slide into your existing presentation.
October 30, 2014 Don't be the next target
![Page 2: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/2.jpg)
TO CATCH A CYBER CRIMINAL: TRENDS IN CYBER CRIME
Andreas Kaltsounis, Special Agent Defense Criminal Investigative Service Task Force Officer, Seattle FBI Cyber Task Force
Andrew Friedman, Assistant United States Attorney Western District of Washington
Craig Spiezle, CEO & Executive Director Online Trust Alliance
Timothy Wallach, Supervisory Special Agent, Cyber Task Force Federal Bureau of Investigation
![Page 3: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/3.jpg)
Laws of Data
• Your company includes “covered information”
• You have regulatory requirement(s)
• You will have a data breach incident
• If you are unprepared it will cost you • Direct expenses
• Remediation
• Brand
• Business Shock
© 2014 All rights reserved. Online Trust Alliance (OTA) Slide 3
![Page 4: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/4.jpg)
Lack of a Breach Plan
![Page 5: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/5.jpg)
So Who You Gonna Call?
![Page 6: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/6.jpg)
Open Dialog
•Contacting Law Enforcement • When, Who, Why, How
•Regulatory Requirements – • State, FTC, FCC, SEC ….. & International
• Incidents vs Attempts • The need for threat intel
![Page 7: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/7.jpg)
Role of Law Enforcement
•What specific assistance can LE responders provide during or after an incident that adds value to an organization's incident response? What is outside the scope of LE?
![Page 8: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/8.jpg)
Sharing Data & Results
• What should I share? - Attempts or only breaches
• What are the implications if a case is actually solved and prosecuted?
• Are cybercrime cases ever actually solved and prosecuted?
• What are the international jurisdictional issues? Do we need new laws?
• Can I get any remediation or recover any losses / damages?
![Page 9: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/9.jpg)
Forensics – “Do Not Try This At Home”
![Page 10: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/10.jpg)
Status of Federal Breach Legislation
• Two weeks ago President Obama stated, "Today, data breaches are handled by dozens of separate state laws, and it's time to have one clear national standard that brings certainty to businesses and keeps consumers safe."
![Page 11: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/11.jpg)
Communications – Being Prepared
![Page 12: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/12.jpg)
Summary
• Be prepared – develop your breach response plan.
• Develop, test and update your plans quarterly.
• Complete an audit of all systems, data stores and cloud providers.
• Include law enforcement in your incident response. Don't leave it until the emergency...it could result in unneeded delay.
• Develop a relationship with the appropriate Law Enforcement Agency in the next 72 hours!
• Validate your Boards “Risk Appetite”
![Page 13: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/13.jpg)
Resources • Data Breach Response Readiness Guide https://otalliance.org/breach
• FBI Cybercrime Resources http://www.fbi.gov/about-us/investigate/cyber/cyber
• FBI Cyber Task Force; [email protected]; 206-622-0460
• InfraGard https://www.infragard.org/
• Internet Crime Complaint Center (IC3) http://www.ic3.gov/default.aspx
• U.S. Department of Defense http://www.defense.gov/home/features/2013/0713_cyberdomain/ http://www.dodig.mil/inv_dcis/pdfs/DCIS_CyberCrime.pdf
![Page 14: Working with Law Enforcement on Cyber Security Strategies](https://reader034.vdocuments.us/reader034/viewer/2022052601/5595a5e01a28ab81168b46da/html5/thumbnails/14.jpg)
Contact Us
• Andreas Kaltsounis +1 206-913-4594 [email protected]
• Andrew Friedman [email protected]
• Craig Spiezle +1 425-455-7400 [email protected]
• Timothy Wallach [email protected]