EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Cyber incidents: How best to work with law enforcement

David H. Laufman, Sean Newell, Stephen Reynolds and Mike Buchwald

Cyber Security: A Peer-Reviewed Journal, 2017, vol. 1, issue 2, 102-115

Abstract: Cyber intrusions now affect businesses and organisations of all sizes and in all sectors and industries. The United States Department of Justice employs a whole-ofgovernment approach to investigate, disrupt and deter malicious cyber activity. We work with other law enforcement agencies; the intelligence community; civil, administrative and regulatory agencies; and the military to draw upon each partner’s unique expertise and resources, and to use whichever combination of tools will be most effective in responding to and countering a particular threat. Meeting the cyberthreat requires the help and cooperation of the private sector as well. When deciding whether to notify law enforcement of a cyber incident, organisations weigh the anticipated benefits of a proactive approach against legal, business, reputational and other practical concerns. This paper explains why working with law enforcement is the smart choice before, during and after a cyber intrusion or attack. We can help victims understand what happened; we can share context and information about related incidents; we can ensure a proper investigation and preservation of evidence; we can assist victims in dealing with regulators; and we are uniquely situated to work with other parts of the federal government to respond with possible criminal prosecution, economic sanctions, diplomatic pressure, intelligence operations and military action. Although primarily directed towards victim organisations, we hope this paper helps answer questions that all organisations’ leadership and counsel may have as they decide how their response may affect their business or mission, whether they are witnesses (eg internet service providers) or victims.

Keywords: cyber security; cyber incident response; government cyber response; law enforcement cyber response; cyber information sharing; cyber intrusion; cyberattack (search for similar items in EconPapers)
JEL-codes: M15 (search for similar items in EconPapers)
Date: 2017
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/4177/download/ (application/pdf)
https://hstalks.com/article/4177/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2017:v:1:i:2:p:102-115

Access Statistics for this article

More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:aza:csj000:y:2017:v:1:i:2:p:102-115