Time
7 hours 36 minutes
Difficulty
Advanced
CEU/CPE
7

Video Description

This lesson discusses the benefits of information sharing: · "Knowing is half the battle" · Aids in threat identification · Provides threat warning · Builds relationships · Protects the public and other organizations

Video Transcription

00:04
So we've talked about the requirements of notifying law enforcement, notifying customers and essentially notifying the person designated by DHHS of these
00:15
data breaches. So how does that benefit organizations? We know how notifying our customers kind of benefits us because when it's required by Wall, but to it provides some type of good will and notification to the customers that were at least trying to rectify the situation.
00:34
But providing that information to law enforcement
00:37
in or providing that information to other organizations one will help us cut down on the amount of incidents that we're going to have to respond to
00:48
one, because knowing is half about. So if I know about something,
00:53
it's gonna be a lot easier for me to make preparations to respond to
00:58
Number 18 and threat of defecation.
01:00
So if I know of a particular piece of malware, if I know of the particular happened, that's out there and I know how his Teepees work,
01:08
I could essentially
01:11
set my set my firewalls to know what to look for.
01:14
I can make my employees were aware of how to be cognizant of certain social engineering techniques,
01:22
additionally, provides threat morning
01:25
so that kind of ties back into knowing and understanding threatened landscape
01:30
that organization is gonna face.
01:34
But on top of that, sharing information is gonna build relationships. So if something happens to me and it's significantly bad and I have ah, buddy, that may work for another organization and I share that information with him, one that's gonna help his information. It's gonna make him better.
01:53
But conversely,
01:55
if something happens to him and he shares that with me,
02:00
then it will also improve my security posture.
02:05
And then, if I'm sharing that information with law enforcement over the federal government, they might actually start sharing information back or building. Those relationships were building our network, and we're helping each other essentially keep each other secure. So got your bodies back.
02:23
So in summary, this covers our legal aspects of incident response. So simply, we started with defining expectations of privacy and how that impacts organizations
02:37
as they go about collecting evidence as it relates to responding to incidents and remediating incidents.
02:44
So what we talked about in that section is that the organizations, especially private organizations, may not have to be cognizant, are abide by the Fourth Amendment for, say, because it doesn't really apply to them except in certain situations. Government employees there always
03:02
acquired to abide by the Fourth Amendment because they're agents of the government.
03:07
However, private entities might become agents of the government when they're acting at the half of behest of law enforcement. So if you've contacted particular law enforcement agency and they're providing you direction
03:24
and guidance on how to
03:28
investigating, gather evidence in this case,
03:30
at some point you may actually become an agent of law enforcement and the Fourth Amendment and the search more requirement may actually apply to you. That being said is a data owner on dhe owning certain systems and information.
03:47
Because of that virtue, you you may actually be able to provide consent
03:53
yourself. Eso
03:55
times can be a very gray area, very slippery slope.
04:00
We also talked about bringing your own device toe work inherently. B Y o. The devices are
04:09
almost a security nightmare, and there has to be good policies and procedures in place to deal with incidents on women if they might occur. Because thes are privately owned devices,
04:25
taking someone's cell phone away from them may not be as easy as taking a company on cell phone and then searching through that cell phone that even the more of a legal nightmare and headaches. So it's important to have
04:38
good policies and procedures in place.
04:42
And then, lastly, we talked about the data breach notification standard specifically as it relates to federal law and how persons were supposed to be notified what constitutes P II and then
04:58
whom organizations are supposed to notify, such as law enforcement
05:01
and or the credit bureau agencies
05:04
so that provides basic snapshot of the legal aspects of incident response. I have to capstone this with anything that is contained within this section should not be construed to be legal advice on behalf of myself and our cyber Eri,
05:25
Uh, this is
05:26
a basic overview of some of the legal aspects that pertain to incident response. So any time you're going to have a question about legal processes or requirements, if you take anything away from this, this section of the course is to you. Consult your legal counsel.
05:45
But hopefully this provides a good overview of some of the laws that pertain to incident response and at least helps you ask. Good questions are become aware of certain laws and procedures. So again, Thank you. Hope you've enjoyed the course and check out more courses from cyber.

Up Next

Incident Response and Advanced Forensics

In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.

Instructed By

Instructor Profile Image
Max Alexander
VP, Cybersecurity Incident Response Planning at JPMorgan
Instructor