Cybersecurity Incident

Checklist

Cybersecurity Incident Response  Determine whether incident justifies escalation  Begin documentation of decisions and actions  Engage experienced legal counsel to lead pro-

cess, determine privilege vs disclosure tracks  Notify and convene Incident Response Team  Notify cyber insurance carrier  Engage forensics to mitigate continued harm,

“Target has demonstrated . . . that the work of the Data Breach Task Force was focused not on remediation of the breach . . . but on informing Target’s in-house and outside counsel about the breach so that Target’s attorneys could provide the company with legal advice and prepare to defend the company in litigation that was already pending and was reasonably expected to follow.” In re Target Corp. Customer Data Breach Litigation

gather evidence, and investigate  Assess scope and nature of data compromised  Preliminarily determine legal obligations  Determine whether to notify law enforcement  Begin preparing public relations message  Engage notification / credit services vendor  Notify affected business partners

“Firms must adopt written policies to protect their clients’ private information . . . they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.” S.E.C. v. R.T. Jones Capital Equities Mgt.

 Investigate whether data has been “breached”  Determine when notification “clock” started  Remediate and protect against future breaches  Confirm notification / remediation obligations

“You don’t drown by falling in the water; you drown by staying there.” -Edwin Louis Cole

 Determine proper remediation services  Obtain contact information for notifications  Prepare notification letters, frequently asked

questions, and call centers  Plan and time notification “drop”  Implement public relations strategy  Administrative reporting (i.e., SEC)  Implement Cybersecurity Risk Management

Program

Cybersecurity Risk Management

For more information, please contact: Shawn E. Tuma Cybersecurity & Data Protection Partner Direct: 214.472.2135 | Mobile: 214.726.2808 [email protected] Blog: www.shawnetuma.com

Program

Scheef & Stone, L.L.P. is a full service business law firm providing clients with litigation, transactional, technology, and intellectual property services with expertise in business cyber risk areas of cybersecurity, data protection, privacy, and computer fraud. ATTORNEY ADVERTISING

© 2016 Scheef & Stone, L.L.P.

www.solidcounsel.com

Cybersecurity Incident Checklist.pdf

Cybersecurity Incident Checklist.pdf. Cybersecurity Incident Checklist.pdf. Open. Extract. Open with. Sign In. Main menu. Displaying Cybersecurity Incident ...
Download PDF
1MB Sizes 0 Downloads 136 Views
Report

Recommend Documents

cybersecurity professional - ISACA
With CSX, business leaders and cyber professionals can obtain the .... work with senior management to maximize organizational .... Like ISACA on Facebook:.
Cybersecurity - CUE.pdf
Ongoing safety resources to mitigate cybersecurity threats ... denial of service (DDoS) attack. which stops electronic ... Page 4 of 27. Cybersecurity - CUE.pdf.
Cybersecurity - Snell & Wilmer
Sep 30, 2016 - 25% of all of the data breaches that we hear about and ... when there is a data breach or cyber. DANIELLE ... no matter how small or large, can.
Cybersecurity - Snell & Wilmer
Sep 30, 2016 - the last ten or fifteen years. Let's start ... and social engineering. To level set the ... it will help harden your networks ... (UAT) into a unique all-STEM institution that marries the best ..... part of larger systematic campaign.
Incident Report
Feb 24, 2009 - The root cause of the problem was a software bug that caused an ... we monitor our systems 24 x 7, we have engineers available to analyze.
Google Apps Incident Report
Nov 15, 2010 - Prepared for Google Apps Customers ... Apps customers on November 15, 2010. ... your business and continued support during this time.
Google Apps Incident Report
Feb 27, 2011 - Google Engineering reverted the storage software update, and halted ... better identify this class of bug during the software development cycle.
Google Apps Incident Report
We understand this service issue has impacted our valued customers and users, and we apologize to everyone ... At 6:12 AM PDT, a bug in a thirdparty software update caused a partial failure of a Google network router in ... escalated the software iss
Weekly Incident Summary
Jul 26, 2016 - scene staff met with building personnel who advised that both the alarm and burglar .... Please check our webpage for further updates.
Google Apps Incident Report
Mar 18, 2013 - service disruption was an issue in the network control software. Actions and Root Cause Analysis. At 6:09 AM PT, a portion of Google's network ...
Google Apps Incident Report
Mar 17, 2014 - Issue Summary. From 8:35 AM to 12:10 PM PT, Google Talk, Google Hangouts (including Chat and Video), Google. Voice, and the Google App ...
Google Apps Incident Report
Apr 17, 2013 - The following is the incident report for the Google services access ... Talk, Google Sync, the Admin panel, and the Cloud Console, and to a ...
Google Apps Incident Report
Mar 19, 2013 - Applications using the Google Drive and Docs APIs also returned errors. ... We thank you for your business and continued support. Sincerely,.
Google Apps Incident Report
Feb 27, 2011 - Google Engineering reverted the storage software update, and halted further deployment. Restoration Process. While analyzing the issue and its root cause, Google Engineering also worked on the process to restore users' accounts. At 6:0
Google Apps Incident Report
Apr 17, 2012 - Prepared for Google Apps for Business customers. The following is the ... Enhance internal documentation for configuration management.
Reducing Systemic Cybersecurity Risk - OECD
Jan 14, 2011 - such as satellites, cellular base stations and switches. ..... may also be difficult: investigations can be technically challenging and cross national.
Reducing Systemic Cybersecurity Risk - OECD.org
Jan 14, 2011 - patches to operating systems and applications; the deployment of anti-malware, firewall and intrusion detection products and services; the use ...
Google Apps Incident Report
This misconfiguration prevented changes to existing customer data for upgraded users. ... Eliminate the need for server restarts to recover from this type of error.
Google Apps Incident Report
At 7:50 AM PT | 16:00 UTC November 15, Google Calendar Engineering brought a system of servers ... your business and continued support during this time.
Reducing Systemic Cybersecurity Risk - OECD
Jan 14, 2011 - views of the OECD or of the governments of its member countries. ...... seeking to punish downloaders of copyright material, against the .... to focus more on the process of analysing risk rather than simply having a long list ... abou
Google Apps Incident Report
Dec 10, 2012 - Actions and Root Cause Analysis. Background: The load balancing software routes the millions of users' requests to Google data centers.
Google Apps Incident Report
Google Apps Incident Report. Google Docs Outage - September 7, 2011. Prepared for Google Apps for Business customers. The following is the incident report ...
incident form.pdf
Loading… Whoops! There was a problem loading more pages. Whoops! There was a problem previewing this document. Retrying... Download. Connect more apps... Try one of the apps below to open or edit this item. incident form.pdf. incident form.pdf. Ope
Google Apps Incident Report
Google Apps Incident Report. Gmail Outage - September 23, 2011. Prepared for Google Apps for Business customers. The following is the incident report for the ...