Involving the Authorities

In this chapter, we will address one of the most difficult decisions organizations face when confronted with a computer security incident. This is an extension of our last chapter: cover-ups. Actually, the question of involving law enforcement may be moot for some organizations because their governing regulations require it. Even so, as we saw in the last chapter, some managers try to cover up the incident so that law enforcement won’t get involved. I’ve been told by more than one banker that he or she didn’t like to see anything about an investigation or incident written down anywhere so that the bank examiners wouldn’t see it.