CHAPTER 61
WORKING WITH LAW ENFORCEMENT
David A. Land
61.3.1 Federal Bureau of Investigation
61.3.2 U.S. Postal Inspection Service
61.5 HANDLING EVIDENCE AND THE CHAIN OF CUSTODY
61.7 ASK LAW ENFORCEMENT TO GIVE BACK
61.9 KEEPING YOUR OPERATION RUNNING DURING AN INVESTIGATION
61.10 NONELECTRONIC RECORDS AND THE INSIDER THREAT
61.11 INFORMATION SHARING (THE HUMAN FACTOR)
61.1 INTRODUCTION.
Today, working with law enforcement is likely one of the most important aspects of computer security, and of our collective need to protect our sites and our sites' information. The entire paradigm has shifted to one where you will need law enforcement, and they will most certainly need you. In times past, however, this was not the case. Understanding their needs before, during, and after the commission of a crime significantly enhances your organization's opportunity to come back online quickly, with, it is hoped, little or no disturbance to your users or customers. Likewise, conveying your needs to law enforcement prior to an incident will serve you well later on. Working with law enforcement is, however, not your opportunity to assume the role of law enforcement. You must know your limitations and at what point to engage your law enforcement contacts.
Most organizations, whether they ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access