• Department of Justice Releases Cyber Security Best Practices
  • August 5, 2015
  • Law Firm: Vandeventer Black LLP - Norfolk Office
  • Cyber security is a hot topic in today’s news cycle. Whether it was the much-publicized Sony hack, or the very recent compromise of enormous amounts of highly sensitive U.S. government information, these types of incidents have been shown to be extremely costly to organizations. Today, private companies, large and small, cannot afford to fail to take the proper precautions in securing their own networks. A cyber attack can expose trade secrets, business strategies, and employees’ personally identifiable information. These attacks can lead to public embarrassment, lost profits, and litigation.

    Preparedness is well over half the battle. The U.S. Department of Justice has provided a quick and accessible guide to both protecting your organization from attack, and responding to a network breach.

    Below are some highlights of the D.O.J.’s recommendations:

    • Be prepared beforehand. Identify your most important and sensitive information and take the appropriate steps to protect it by ensuring that the technology in use is up-to-date, and that the appropriate authorizations are in place for network monitoring.
    • Develop a response plan in case a cyber attack does occur. This plan should contain actions to mitigate damage, collect and preserve evidence, and notify officials as well as customers and employees.
    • Build relationships with law enforcement, legal counsel, and private security groups before a network attack ever occurs.
    • Ensure you employ legal counsel who is well-versed in the many laws that are related to this area and has a working knowledge of cyber issues.
    • Follow procedures closely when a cyber attack occurs to ensure damage to your network is contained—do not use affected systems or seek retaliation.
    • Take advantage of the Cyber Incident Response Preparedness checklist that is included in this guide.
    These suggestions are only that—suggestions. However, as most businesses, regardless of size, move more and more to paperless record-keeping, cloud computing, and other digital means to carry out their operations, it behooves leaders to take the initiative and use all information at their disposal to get out in front of the hackers and corporate spies.