Incident Response and Planning Strategies When Notifying Law Enforcement   [open pdf - 873KB]

"As cyber incidents rapidly spread across the nation's financial and critical infrastructure an effective response requires close coordination from multiple stakeholders affected by the incident. The purpose of this document is to provide insight from the United States Secret Service Electronic Crimes Task Force on law enforcement's response as a stakeholder investigating cyber intrusions. Although there are a number of previously published incident response resources (articles, brochures, manuals and other printed materials, etc.) readily available, we are simply providing steps to consider when notifying law enforcement. A well-defined and organized response to a cyber incident requires a team effort. Getting the right people involved is essential to properly responding, coordinating, mitigating, and investigating your incident. Although law enforcement is just one of several stakeholders needed for a response strategy, our objective is to assist with the prevention, detection, and aggressive investigation of attacks on our nation's financial and critical infrastructures. The following three steps are intended to guide organizations when notifying law enforcement."

Public Domain
Retrieved From:
Secret Service: http://www.secretservice.gov/
Media Type:
Help with citations