Attacks/Breaches
10/23/2008
04:45 PM
Connect Directly
RSS
E-Mail
50%
50%

Data Breach? Who Ya Gonna Call?

Our latest CSI survey shows few organizations bring in law enforcement after an attack. That's bad policy.

Whether a data breach is accidental or the result of a targeted malicious attack, the results can be devastating to a company's financial stability and reputation. To compound the problem, many CIOs fear that reporting the incident will only make matters worse. In the 2008 CSI Computer Crime & Security Survey, only about one in four respondents said that they contacted a law enforcement agency in the wake of a breach. Most said they worry about negative publicity and that the authorities can do little to help deal with cybercrime.

It's reasonable to fear negative press. Sales may be adversely affected, and the public's confidence can be shaken. Furthermore, many states have enacted data breach notification laws that can cause a company's legal fees to mount. On the other hand, a decision not to come forward could work against you in court later, and law enforcement has sophisticated forensic and legal tools not available to private industry. However, reporting isn't as simple as it sounds. The President's Identity Theft Task Force has recommended the creation of national standards for data protection and data breach notification requirements that would pre-empt the multitude of existing state laws. The Task Force also recommended the establishment of a national identity theft law enforcement center to harmonize identity theft and data breach reporting. But as of this writing, neither of these recommendations has been acted on. Unfortunately, this makes reporting to law enforcement confusing, as there's no clear-cut hierarchy. In our report, we describe a methodology for reporting to law enforcement agencies that deal with cybercrime.

Return to the main story:
Forensic Teams Take On Hackers

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.