IT urged to work with legal departments

IT departments that try to battle computer crime independently may be undercutting their companies’ ability to fight off intruders, said a panel of industry experts.

What’s needed is a team approach, especially one that involves a corporate legal department that understands the investigative process and can assist law enforcement. That was the assessment of a panel of experts, including some current and former top U.S. computer crime investigators, at a public policy forum held last week. The forum was sponsored by the Washington, D.C.-based news and information service The Bureau of National Affairs Inc.

When security problems arise at many companies, legal counsel is often left out of the loop, said Christopher Painter, deputy chief of the computer crime section at the U.S. Department of Justice. “System operators don’t think about that; that’s not their first concern,” he said.

But corporate legal departments can make all the difference in an investigation, said Christopher Bubb, the former New Jersey deputy attorney general who investigated the 1999 Melissa virus. Bubb recently left his post to become a legal counsel at Dulles, Va.-based America Online Inc.

AOL played an instrumental role in identifying the originator of the Melissa virus. When the company’s legal department contacted state computer crime officials in New Jersey, where the suspect resided, it “did so in a manner that gave law enforcement what they needed in an investigation,” Bubb said.

Bubb said there’s a “free flow of information” between the information security department and the legal staff at AOL. “We are allowed to be involved in the decision-making on the front end,” he said.

J.P. Morgan Chase & Co. in New York has dedicated teams around the globe for managing information security, said Jacinthia Lawson, a risk management officer at the company. Moreover, she said, J.P. Morgan has incident response teams that include senior managers; a fraud division; the human resources department, in case an employee is involved; auditors if there’s a breakdown in controls; and legal and corporate staff.

Many companies, however, remain reluctant to involve law enforcement in computer crime investigations for fear that the publicity will hurt their firms. Shawn Henry, who heads the computer intrusion unit at the Washington-based National Infrastructure Protection Center, said he has more than 1,200 pending investigations, and 99 per cent of the cases remain under wraps.

Companies that concentrate on remediation – closing off a vulnerability to deter an attacker – without any investigative follow-up may be hurting themselves in the long run. That’s especially the case if companies are dealing with an attack by a disgruntled employee or competitor, said Scott Charney, a partner at New York-based PricewaterhouseCoopers LLP.
