Home > Information Security, Security > Should I approach the Law?

Should I approach the Law?


frightened-monkey I was thinking, what if my network is brought down by an external intruder for a day who exploits a vulnerability on my firewall, brings down critical server and steal some important customer information? Now the questions is, Should I be calling the law enforcement to handle the security breach? or Should I call in external consultants to assess the damage? Will I be able to catch the intruder? How would I know that the intruder hasn’t shared the data with others? many… many questions…

First thing first, if I give the case to law enforcement to catch the culprit… things that boggle round my head are:

  • Case will never be in my control
  • Since the news may go public, reputation of the organization would take a bad hit…
  • Evidence collected may take longer time, not sure how much, to go to the court
  • If the attack happens through bots, highly difficult to track the culprit
  • Even if the culprit is identified and if the attacker is from other country, local country’s regulations get applied… again I’ve least control to assess the damage
  • (many more reasons)

This brings the question… Going to Law, as an organization ‘am hit very badly and my total control on the case is too minimal. So is it a wise decision to approach Shaky Law? or leave the matter completely, so that it doesn’t bring as much damage in terms of reputation as approaching the Law would bring in!!!

As an organization, I felt the importance of developing Incident Response Team, who are skilled and heads from different department, to respond to security incidents from now on. This will bring in lot of control to track the status of the case…

Adding to this I found the importance of allocating special budget for securing my network, conduct internal assessments periodically and bring in Security Awareness among the employees…

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: