CYBERSECURITY
YOUR CLIENT WAS
By MIKE TALIA
Your client, a small business owner, calls you, frantic, early on a Tuesday morning. She tells you that nobody at her business can get into their computers. The computer screens show some sort of message demanding money. Ransomware. Your client is worried that her customers’ financial information is at risk. Cyber incidents are becoming more common and happen to large and small businesses alike. What advice do you give your client? Here are a few items to consider in developing your advice.
Hands off until the experts arrive
Use of or access to affected systems after the discovery of a cyber compromise may destroy forensic evidence or cause a loss of your client’s data. Leave the computers and network equipment alone until someone who knows what to do has a look.
MONTANALAWYER
Technical expertise
Does your client have a capable cybersecurity professional on staff or on contract? If not, you should recommend one. There are many options, both in and out of the state, but they are not all created equal. In the cybersecurity world, certifications are the standard by which skills are measured. Certifications like the Global Information Assurance Certification (GIAC) Security Essentials Certification (GSEC) or Certified Information Systems Security Professional (CISSP) indicate that an IT or cybersecurity professional has demonstrated significant competence. Your client will want to get a technical expert in quickly to begin responding to the incident using the National Institute of Standards and Technology (NIST) Cybersecurity Framework. NIST breaks cybersecurity into five functions: 1) identify, 2) protect, 3) detect, 4) respond, and 5) recover. If your client has been hacked, you are already at the fourth function, respond. Response activities are
WWW.MONTANABAR.ORG