Embed Size (px)
Citation preview
October 30, 2014 Don't be the next target
TO CATCH A CYBER CRIMINAL: TRENDS IN CYBER CRIME
Andreas Kaltsounis, Special Agent Department of Defense, Inspector General Andrew Friedman US Department of Justice, Western District of Washington Craig Spiezle, CEO & Executive Director Online Trust Alliance Timothy Wallach, Supervisory Special Agent, Cyber Task Force Federal Bureau of Investigation
Laws of Data • Your company includes “covered information” • You have regulatory requirement(s) • You will have a data breach incident
• If you are unprepared it will cost you • Direct expenses • Remediation • Brand • Business Shock
© 2014 All rights reserved. Online Trust Alliance (OTA) Slide 3
Lack of a Breach Plan
So Who You Gonna Call?
Open Dialog
• Contacting Law Enforcement • When, Who, Why, How
• Regulatory Requirements – • State, FTC, FCC, SEC ….. & International
• Incidents vs Attempts • The need for threat intel
Role of Law Enforcement
• What specific assistance can LE responders provide during or after an incident that adds value to an organization's incident response? What is outside the scope of LE?
Forensics – “Do Not Try This At Home”
Status of Federal Breach Legislation
• Two weeks ago President Obama stated, "Today, data breaches are handled by dozens of separate state laws, and it's time to have one clear national standard that brings certainty to businesses and keeps consumers safe."
Communications – Being Prepared
Summary • Be prepared! • Develop, test and update your plans quarterly • Complete an audit of all systems, data stores and cloud providers. • Develop a relationship with the appropriate Law Enforcement Agency
in the next 72 hours! • Validate your Boards “Risk Appetite”
Resources
• Data Breach Response Readiness Guide https://otalliance.org/breach • FBI Cybercrime Resources
http://www.fbi.gov/about-us/investigate/cyber/cyber • InfraGard https://www.infragard.org/ • Internet Crime Complaint Center (IC3) http://www.ic3.gov/default.aspx • U.S. Department of Defense
http://www.defense.gov/home/features/2013/0713_cyberdomain/
Contract Us
• Andreas Kaltsounis [email protected]
• Andrew Friedman
[email protected] • Craig Spiezle +1 425-455-7400
[email protected] • Timothy Wallach
