Search for:

The Cybersecurity Unit of the US Department of Justice recently published guidance on “Best Practices for Victim Response and Reporting of Cyber Incidents.” The guidance is available here.  The document aims at assisting organizations in preparing a cyber incident response plan and responding to a cyber incident. It was drafted for smaller organizations but it is also useful for larger organizations with more experience in handling cyber incidents. The DOJ recommends that organizations should take the following steps before a cyber intrusion or attack occurs:

  1. Identify your “crown jewels”
  2. Have an actionable plan in place before an intrusion occurs
  3. Have appropriate technology and services in place before an intrusion occurs
  4. Have appropriate authorization in place to permit network monitoring
  5. Ensure your legal counsel is familiar with technology and cyber incident management to reduce response time during an incident
  6. Ensure organization policies align with your cyber incident response plan
  7. Engage with law enforcement before an incident
  8. Establish relationships with cyber information sharing organizations

Once a cyber intrusion or attack occurs, the DOJ recommends the following:

  1. Make an initial assessment
  2. Implement measures to minimize continuing damage
  3. Record and collect information
    • Image the affected computer(s)
    • Keep logs, notes, records and data
    • Records related to continuing attacks
    • Notify people within the organization, law enforcement, the Department of Homeland Security and other potential victims

  The Guidance also contains a section on “Don’ts” in connection with cyber intrusion and attacks:

  1. Do not use the compromised system to communicate
  2. Do not hack into or damage another network

At the end of the guidance, the recommendations are summarized in a helpful checklist.


Doug Tween is the Chair of Baker & McKenzie’s White Collar Practice Group and heads the firm’s New York Litigation Department. He is a trial lawyer who represents clients in their most important and sensitive matters, and brings extensive courtroom experience to the defense of companies and individuals in white-collar criminal and regulatory investigations, as well as complex civil litigation and class actions. He has been described in Law360 as “a litigator you fear going up against in court,” and was previously Baker & McKenzie's nominee as "Litigator of the Year" in The American Lawyer's Litigation Department of the Year competition. He has been recognized as a Notable Practitioner by Chambers and Partners and by Super Lawyers as a New York Super Lawyer. Mr. Tween is also Chair of the Cartel and Criminal Practice Committee of the American Bar Association’s Antitrust Section, a Non-Governmental Advisor to the International Competition Network, the Chair of Baker & McKenzie's Global Cartel Task Force, and a member of the Firm's North America Competition Law Steering Committee. From 1990 to 2005, Mr. Tween served as a Trial Attorney with the US Department of Justice Antitrust Division. He was one of the US government’s most highly honored antitrust trial attorneys, having received the Attorney General’s Distinguished Service Award, the Antitrust Division Award of Distinction, and numerous other citations.


Write A Comment