DOJ Releases Data Breach Response Guidance | Practical Law

DOJ Releases Data Breach Response Guidance | Practical Law

The US DOJ has released guidance advising companies on the best practices for victim response and reporting of cyber incidents.

DOJ Releases Data Breach Response Guidance

Practical Law Legal Update 9-611-4185 (Approx. 3 pages)

DOJ Releases Data Breach Response Guidance

by Practical Law Intellectual Property & Technology
Published on 01 May 2015USA (National/Federal)
The US DOJ has released guidance advising companies on the best practices for victim response and reporting of cyber incidents.
On April 29, 2015, the Cybersecurity Unit of the DOJ Criminal Division released Best Practices for Victim Response and Reporting of Cyber Incidents (guidance), which is intended to assist companies in developing a response plan for reacting to a cyber incident, like a data security breach. The guidance was drafted by the DOJ's Cybersecurity Unit and offers perspective from federal prosecutors who have handled cyber investigations and prosecutions.
The guidance advises organizations to:
  • Identify which data, assets and services warrant the most protection and to develop an incident response plan accordingly.
  • Have an actionable plan in place before an incident occurs.
  • Have appropriate technology and services in place before an incident occurs.
  • Obtain appropriate authorization permitting network monitoring.
  • Familiarize legal counsel with technology and cyber incident management to reduce response time during an incident.
  • Ensure organization policies align with the cyber incident response plan.
  • Establish relationships with:
    • local federal law enforcement offices; and
    • cyber information sharing organizations.
The guidance also provides organizations with:
  • A step-by-step plan for responding to a cyber incident.
  • Tips for what not to do in the event of an incident.
  • Suggestions for how to proceed after an incident.