Today I attended a meeting where a Special Agent of the United States Secret Service’s North Texas Electronic Crimes Task Force discussed the role of law enforcement in responding to hacking / data breach incidents and provided an overview of the steps the Secret Service often takes in investigating such incidents. The Special Agent passed out this 4 page Incident Response and Planning Strategies When Notifying Law Enforcement that explains in detail the following 3 steps to guide organizations when notifying law enforcement:
Step #1 – Know who to involve in your initial response (and yes, hiring outside legal counsel is one of the points)
Step #2 – Containing the problem while investigating the incident
Step #3 – Collecting and reporting the facts
This guidance from the Secret Service is important because the Secret Service is primarily responsible for investigating many cyber crimes, including the Computer Fraud and Abuse Act. A pdf of the handout can be downloaded HERE and is reproduced below.