CHAPTER 61
WORKING WITH LAW ENFORCEMENT
David A. Land
61.3.1 Federal Bureau of Investigation
61.3.2 U.S. Postal Inspection Service
61.5 HANDLING EVIDENCE AND THE CHAIN OF CUSTODY
61.7 ASK LAW ENFORCEMENT TO GIVE BACK
61.9 KEEPING YOUR OPERATION RUNNING DURING AN INVESTIGATION
61.10 NONELECTRONIC RECORDS AND THE INSIDER THREAT
61.11 INFORMATION SHARING (THE HUMAN FACTOR)
61.1 INTRODUCTION.
Today, working with law enforcement is likely one of the most important aspects of computer security, and of our collective need to protect our sites and our sites' information. The entire paradigm has shifted to one where you will need law enforcement, and they will most certainly need you. In times past, however, this was not the case. Understanding their needs before, during, and after the commission of a crime significantly enhances your organization's opportunity to come back online quickly, with, it is hoped, little or no disturbance to your users or customers. Likewise, conveying your needs to law enforcement prior to an incident will serve you well later on. Working with law enforcement is, however, not your opportunity to assume the role of law enforcement. You must know your limitations and at what point to engage your law enforcement contacts.
Most organizations, whether they ...
Get Computer Security Handbook, Fifth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
