How To
An Online Extortion Crisis Response Plan
Here's one CISO's plan if he receives an extortionist's threat
By Scott Berinato
May 01, 2005 — CSO — Here's one CISO's plan if he receives an extortionist's e-mail. (The CISO works for a large company but requested anonymity so as not to become a first-time target of extortion attempts.)
- Contact general counsel and CIO executive team (and whomever else they deem appropriate), and jointly make assessment of the company's risks as well as the credibility of the threat. Discuss all possible factors that could magnify the risks (such as impending big executive news or an acquisition).
- Recommend contact with appropriate electronic crimes law enforcement officials (LEOs) for tactical advice and (hopefully) assistance. (For example, are we the first to ever get this threat? Are these known perps? Has there been prior experience with them or with this MO?)
- If top management agrees to involve external LEOs, begin an investigation jointly with LEOs. Formulate detection and response strategy with them to prepare to acquire and preserve evidence.
- If senior management declines to involve external LEOs, whether or not they decide to pay, then expect to be tasked to assemble a "red team" to search for and eliminate the vulnerabilities that make the threat credible, and take other steps to diminish risk of attacks.
- Simultaneously expect to be working with crisis management teams, and especially the investor relations and corporate PR staff, to prepare an official position for the media. If a U.S.-based company, consider the Sarbanes-Oxley implications of every decision. That means senior finance folks will also need to be involved.
- Warm up disaster and business continuity plans and providers depending on the nature of the threat, perhaps increase backups in frequency or type. (For example, go to full now
instead of incremental for critical systems at risk.)
-S.B.
Other stories by Scott Berinato
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on Symantec.Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is?Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say.7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.Ponemon Study: How Much Does a Data Breach "Cost"?
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
- How Are Open Source Development Communities Embracing Security Best Practices?
- Using Likewise to Comply with PCI Data Security Standard
- Ponemon Study: How Much Does a Data Breach "Cost"?
- Managing SSL Security in Multi-Server Environments
- Maximizing Site Visitor Trust Using Extended Validation SSL
- The Latest Advancements in SSL Technology
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
Data Loss Prevention
-
November 13, 2008The Roosevelt HotelRegister now »
New York, NY 10017
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
