The Justice Department’s Criminal Division hosted a
cybersecurity roundtable discussion yesterday on the challenges in handling
data breach investigations. Assistant
Attorney General Brian A. Benczkowski of the Criminal Division delivered
opening remarks and served as moderator for the event. Deputy Attorney General Rod J. Rosenstein,
Assistant Attorney General John C. Demers of the Department’s National Security
Division and officials from the FBI, U.S. Secret Service, the White House’s
National Security Council and U.S. Department of Homeland Security also
delivered remarks at the event. The
audience included many of the nation’s leading private-sector practitioners in
the field of data breach response and representatives from premier
cybersecurity and incident response firms in the country.
The Criminal Division held its inaugural cybersecurity
roundtable in 2015, shortly after the creation of the Cybersecurity Unit within
the Computer Crime and Intellectual Property Section (CCIPS). The goal of the first roundtable was to spur
a conversation within the legal community about how the government can work
more effectively with companies, firms, and organizations to prosecute and
prevent data breaches. Three years later,
the Department continues to exchange ideas with and look to the private
sector’s expertise and insight about how to improve cooperation between law
enforcement agencies and data breach victims.
In February of this year, Attorney General Jeff Sessions
established a Cyber-Digital Task Force, which published its first report in
July. The report provides a
comprehensive assessment of the cyber-enabled threats confronting the nation,
and catalogs ways in which the Justice Department combats those threats,
including by partnering with the private sector.
“Public-private partnerships addressing cybercrime play a
critical role in our efforts to hold criminals accountable for data breaches,”
said Deputy Attorney General Rosenstein.
“We depend on the private sector to help us maintain the rule of law in
cyberspace at every stage of our work. That includes working together to obtain
critical evidence for investigations and trials, and collaborating on
developing the legal authorities needed to protect our 21st century economy. Today’s discussion aims to share best
practices, common challenges, and emerging threats, and identify how the
Department of Justice and our law enforcement partners can help private
industry to protect Americans from harm while safeguarding privacy. Through roundtables like this and the
continuing collaboration they fuel, we will meet emerging threats, protect
America’s technological innovations, and preserve public safety and security.”
“The Criminal Division has long been recognized for its
innovative and aggressive pursuit of the most sophisticated cybercriminals,”
said Assistant Attorney General Benczkowski.
“Active engagement with the private sector through events like the
Cybersecurity Industry Roundtable is essential to our effectiveness as
prosecutors because it allows us to draw upon a broad range of experience to
get better at what we do. The Criminal
Division’s commitment to fighting cybercrime is unwavering, and we look forward
to continued close cooperation in that fight with our counterparts in the
private sector.”
The Criminal Division created the Cybersecurity Unit within
CCIPS in December 2014 to help channel CCIPS’s expertise and experience
combatting cybercrime into the prevention of cybercrime. The Unit’s contributions during its brief
existence have included issuing groundbreaking guidance to help organizations
create vulnerability disclosure programs to improve detection of cyber
vulnerabilities. The Unit’s outreach to
the private sector has included participation by members of CCIPS in well over
100 cybersecurity events since 2015, such as RSA, Black Hat, DEFCON, and
International CES, which has helped the Unit build relationships with and
gather input from incident responders, potential victims, and key information
security experts. This input has been
put to good use. The Criminal Division
released a document at the first roundtable providing guidance to help
organizations prepare for a cyber incident, called “Best Practices for Victim
Response and Reporting Cyber Incidents.”
As part of Thursday’s event, the Cybersecurity Unit released
a new document providing even more comprehensive guidance that reflects input
the Unit received during its outreach efforts.
The revised guidance addresses new issues like working with incident
response firms, cloud computing, ransomware, and information sharing. It is an example of the type of assistance
that the Cybersecurity Unit was designed to provide—to help elevate
cybersecurity efforts and build better channels of communication between law
enforcement and industry.